$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143945.roa File: AS143945.roa (raw, json) Hash identifier: 8ZMgsDbMyX37i+LiPqUTJPATjhxKVIId2QTZgyI+prU= Subject key identifier: 73:C3:D8:0C:E8:BB:F6:CD:63:1F:3E:81:84:A2:B4:74:7A:27:2A:B3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3111133BD882F235C4FC04F3742E5EF30935EB30 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143945.roa Signing time: Wed 04 Mar 2026 06:12:45 +0000 ROA not before: Wed 04 Mar 2026 06:07:45 +0000 ROA not after: Wed 03 Mar 2027 06:12:45 +0000 asID: 143945 IP address blocks: 240a:a50f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:11:13:3b:d8:82:f2:35:c4:fc:04:f3:74:2e:5e:f3:09:35:eb:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:45 2026 GMT Not After : Mar 3 06:12:45 2027 GMT Subject: CN=73C3D80CE8BBF6CD631F3E8184A2B4747A272AB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:af:4c:8f:6f:3b:61:76:ef:2b:8a:4b:5f:6e: 98:73:6f:b4:56:5c:c5:3a:9d:eb:f8:2a:81:90:98: a6:9a:5b:e8:09:e9:63:96:4b:98:c7:54:5d:8c:f4: 37:6a:5c:89:7c:f2:37:f1:a2:6c:20:9c:3b:74:4a: 34:0d:18:48:73:82:48:d4:49:9a:81:32:db:97:3c: 70:17:0a:85:a2:30:d1:4a:4d:b6:b4:92:e4:08:82: 30:06:93:87:da:8d:93:4e:0d:d8:da:4d:87:75:44: 7c:e0:26:20:91:cc:45:0f:be:32:ef:51:40:79:cc: 26:0f:6b:5e:fe:e1:d8:b5:06:b1:9d:2e:e2:e4:ab: 9e:ff:e5:e2:a1:72:c3:6f:66:2f:aa:d5:2f:76:90: 08:1c:89:5d:00:61:96:8d:f6:b4:83:65:e4:84:79: 26:64:18:2c:09:cc:40:8d:a7:0f:35:e8:29:31:ca: 0d:27:1e:98:a4:57:56:67:2d:35:81:19:a7:82:62: 45:75:43:16:58:d7:4f:08:9f:1b:93:b1:ba:53:bb: ec:5d:e1:16:f4:50:a3:21:33:7a:1e:26:83:0b:92: fe:db:23:95:8c:4a:c7:32:17:59:d9:47:62:22:97: e8:ea:8c:bb:24:32:e1:c7:fa:99:45:29:a2:7f:7e: 49:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:C3:D8:0C:E8:BB:F6:CD:63:1F:3E:81:84:A2:B4:74:7A:27:2A:B3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143945.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a50f::/32 Signature Algorithm: sha256WithRSAEncryption 8e:59:8e:3b:e7:c7:43:62:82:b3:b8:32:93:d0:62:40:b2:f9: 32:ca:28:af:63:ec:3b:83:bd:7c:4b:92:b2:8d:7d:18:05:c8: 37:82:eb:0f:9c:bb:c5:fe:9c:b6:6b:df:49:f7:83:5a:63:f6: f7:4b:ea:dc:1f:5f:d2:85:b4:00:10:b9:45:78:75:f3:c7:d0: b7:8b:84:bd:08:5f:20:73:c5:52:68:a7:10:58:36:16:5a:eb: db:74:79:73:29:b2:64:9e:35:5a:cb:2a:3c:74:48:5d:b7:55: c7:ee:61:d4:e1:71:59:62:56:77:fe:1e:8c:13:1a:f7:a7:e0: fb:59:f4:ff:b9:07:9a:ca:34:b9:7e:03:66:33:f6:80:36:f6: b8:7d:17:64:f0:05:ed:19:62:ae:e9:e0:71:c6:24:86:4f:ff: 74:85:4a:4d:c4:22:3e:ae:ac:e8:0a:07:15:9e:cb:3e:62:b9: 0c:e2:43:92:c5:88:01:22:a6:fa:e2:7b:3f:23:7c:2b:27:0d: 98:c9:c3:23:4a:5c:3f:dd:6b:43:13:a4:fc:48:e7:2b:37:ba: 00:ff:40:ec:55:d5:22:ba:f8:de:20:a5:da:4d:83:df:12:dd: de:79:83:6f:b4:a5:5b:ab:bf:72:52:74:d0:93:c5:48:88:c6: b0:1b:93:e3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMRETO9iC8jXE/ATzdC5e8wk16zAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0NVoX DTI3MDMwMzA2MTI0NVowMzExMC8GA1UEAxMoNzNDM0Q4MENFOEJCRjZDRDYzMUYz RTgxODRBMkI0NzQ3QTI3MkFCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKmvTI9vO2F27yuKS19umHNvtFZcxTqd6/gqgZCYpppb6AnpY5ZLmMdUXYz0 N2pciXzyN/GibCCcO3RKNA0YSHOCSNRJmoEy25c8cBcKhaIw0UpNtrSS5AiCMAaT h9qNk04N2NpNh3VEfOAmIJHMRQ++Mu9RQHnMJg9rXv7h2LUGsZ0u4uSrnv/l4qFy w29mL6rVL3aQCByJXQBhlo32tINl5IR5JmQYLAnMQI2nDzXoKTHKDScemKRXVmct NYEZp4JiRXVDFljXTwifG5OxulO77F3hFvRQoyEzeh4mgwuS/tsjlYxKxzIXWdlH YiKX6OqMuyQy4cf6mUUpon9+SWsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRzw9gM 6Lv2zWMfPoGEorR0eicqszAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk0NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pQ8wDQYJKoZIhvcNAQELBQADggEBAI5Zjjvnx0NigrO4MpPQYkCy+TLKKK9j7DuD vXxLkrKNfRgFyDeC6w+cu8X+nLZr30n3g1pj9vdL6twfX9KFtAAQuUV4dfPH0LeL hL0IXyBzxVJopxBYNhZa69t0eXMpsmSeNVrLKjx0SF23VcfuYdThcVliVnf+HowT Gven4PtZ9P+5B5rKNLl+A2Yz9oA29rh9F2TwBe0ZYq7p4HHGJIZP/3SFSk3EIj6u rOgKBxWeyz5iuQziQ5LFiAEipvriez8jfCsnDZjJwyNKXD/da0MTpPxI5ys3ugD/ QOxV1SK6+N4gpdpNg98S3d55g2+0pVurv3JSdNCTxUiIxrAbk+M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:12 2026 by rpki-client