$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143950.roa File: AS143950.roa (raw, json) Hash identifier: MnYulFVSGqMDAr9HwhRIxbJvHIpoq1J+LB/TNdOdSPo= Subject key identifier: EA:AE:16:60:89:82:99:E1:6B:9E:D1:A3:09:E5:A7:60:AC:D0:57:DD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A0CC130EB8EE2B973E2331D8D9FD5DD4D0946F4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143950.roa Signing time: Wed 04 Mar 2026 06:12:47 +0000 ROA not before: Wed 04 Mar 2026 06:07:47 +0000 ROA not after: Wed 03 Mar 2027 06:12:47 +0000 asID: 143950 IP address blocks: 240a:a514::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:0c:c1:30:eb:8e:e2:b9:73:e2:33:1d:8d:9f:d5:dd:4d:09:46:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:47 2026 GMT Not After : Mar 3 06:12:47 2027 GMT Subject: CN=EAAE1660898299E16B9ED1A309E5A760ACD057DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:d1:08:fa:c6:8a:a2:79:de:12:18:d6:3a:f9: 0e:58:eb:d0:c1:cb:5c:51:26:83:e1:6c:05:b2:31: 1d:aa:dc:5f:d6:e3:a5:1f:6c:ca:12:67:7e:8c:26: 95:bf:27:a0:1f:cc:59:8b:6b:07:38:4a:17:aa:7b: 95:99:b5:79:f7:8e:99:d9:8c:bc:6a:45:96:8d:55: 14:d9:ea:df:96:e2:61:14:8d:63:84:48:80:58:cf: 80:65:b9:94:72:1a:7b:1b:2e:57:c5:12:a0:cb:dc: e1:5a:92:34:4b:d3:00:53:2c:a8:55:16:12:21:c0: 36:b9:05:11:9d:e0:24:32:f0:2a:b6:c1:56:00:5b: bc:62:d7:6d:82:f9:06:6f:90:a7:62:86:f2:a4:f4: dd:90:31:f4:8d:34:cb:af:b3:8e:18:2f:25:0a:2e: 64:7c:d7:fe:2a:fe:fd:4a:f9:e3:be:33:1c:28:5b: f3:06:eb:de:aa:92:47:4d:ad:ce:6e:d0:b1:3d:71: 4d:ed:83:cf:9b:f1:82:7c:44:71:80:a5:ba:82:cc: 64:68:ed:d6:4f:b1:39:f2:80:8e:f4:be:b0:b4:f1: c2:db:89:df:57:72:be:08:53:1d:e7:7f:2b:48:7b: 08:2d:7c:f4:3f:70:46:8f:54:7f:ea:56:07:ac:7e: 68:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:AE:16:60:89:82:99:E1:6B:9E:D1:A3:09:E5:A7:60:AC:D0:57:DD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143950.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a514::/32 Signature Algorithm: sha256WithRSAEncryption ab:2c:ea:67:f1:4a:a3:af:b9:d2:df:c3:15:e0:02:2d:57:64: fa:7e:40:35:80:44:fb:82:50:48:ab:70:22:66:3e:05:61:ef: 62:cf:98:9f:16:d2:12:c6:d1:51:68:4d:7c:bf:6a:ee:dd:7e: ad:e9:5e:06:6f:13:da:53:22:72:37:29:86:58:e9:99:a6:6a: c2:60:69:b5:27:43:b6:c6:44:53:1b:98:59:81:5c:00:0d:3e: 9c:78:ba:c8:6d:d2:97:1f:bf:e6:cb:51:ef:56:10:98:7f:c4: f1:02:26:4c:d8:96:16:5c:d5:15:7f:10:c8:94:82:2b:f6:82: 23:47:08:01:9d:d2:4d:c7:e1:2a:a4:a3:c8:04:ad:86:03:17: c8:46:16:4d:6c:a9:dd:9a:1c:0c:d0:11:93:2e:51:7f:9c:ec: 38:82:7d:09:77:5d:2c:91:dd:28:f0:af:89:c1:1b:3d:ee:95: 67:d5:21:b2:ce:cc:ff:a4:87:9c:2f:42:5b:8a:7c:9f:14:d6: c1:6d:45:cb:2f:bb:39:08:e4:ba:77:84:fd:fc:94:97:4b:e0: 47:98:a4:ba:a6:57:6a:db:08:5d:37:34:b6:54:f5:92:29:7a: 4f:16:08:80:29:8a:d6:bc:46:4e:6c:4f:d9:25:d0:8b:04:84: bd:99:0a:87 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKgzBMOuO4rlz4jMdjZ/V3U0JRvQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0N1oX DTI3MDMwMzA2MTI0N1owMzExMC8GA1UEAxMoRUFBRTE2NjA4OTgyOTlFMTZCOUVE MUEzMDlFNUE3NjBBQ0QwNTdERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPbRCPrGiqJ53hIY1jr5Dljr0MHLXFEmg+FsBbIxHarcX9bjpR9syhJnfowm lb8noB/MWYtrBzhKF6p7lZm1efeOmdmMvGpFlo1VFNnq35biYRSNY4RIgFjPgGW5 lHIaexsuV8USoMvc4VqSNEvTAFMsqFUWEiHANrkFEZ3gJDLwKrbBVgBbvGLXbYL5 Bm+Qp2KG8qT03ZAx9I00y6+zjhgvJQouZHzX/ir+/Ur5474zHChb8wbr3qqSR02t zm7QsT1xTe2Dz5vxgnxEcYCluoLMZGjt1k+xOfKAjvS+sLTxwtuJ31dyvghTHed/ K0h7CC189D9wRo9Uf+pWB6x+aPsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTqrhZg iYKZ4Wue0aMJ5adgrNBX3TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pRQwDQYJKoZIhvcNAQELBQADggEBAKss6mfxSqOvudLfwxXgAi1XZPp+QDWARPuC UEircCJmPgVh72LPmJ8W0hLG0VFoTXy/au7dfq3pXgZvE9pTInI3KYZY6ZmmasJg abUnQ7bGRFMbmFmBXAANPpx4usht0pcfv+bLUe9WEJh/xPECJkzYlhZc1RV/EMiU giv2giNHCAGd0k3H4Sqko8gErYYDF8hGFk1sqd2aHAzQEZMuUX+c7DiCfQl3XSyR 3Sjwr4nBGz3ulWfVIbLOzP+kh5wvQluKfJ8U1sFtRcsvuzkI5Lp3hP38lJdL4EeY pLqmV2rbCF03NLZU9ZIpek8WCIApita8Rk5sT9kl0IsEhL2ZCoc= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:06 2026 by rpki-client