$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143952.roa File: AS143952.roa (raw, json) Hash identifier: zr8CC7VttthY4cqtr9PH8uXJn/NS+9krH7JHSCOoTSU= Subject key identifier: 47:C8:9D:EB:77:D1:3D:CF:32:CF:4B:BD:25:3D:32:51:2B:A1:EF:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5FAE0942AB5D1E2BD8B927743B091403C83A5487 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143952.roa Signing time: Wed 04 Mar 2026 06:14:26 +0000 ROA not before: Wed 04 Mar 2026 06:09:26 +0000 ROA not after: Wed 03 Mar 2027 06:14:26 +0000 asID: 143952 IP address blocks: 240a:a516::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:ae:09:42:ab:5d:1e:2b:d8:b9:27:74:3b:09:14:03:c8:3a:54:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:26 2026 GMT Not After : Mar 3 06:14:26 2027 GMT Subject: CN=47C89DEB77D13DCF32CF4BBD253D32512BA1EF97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d9:15:bb:f6:d5:1b:a0:38:92:d8:08:83:d2: c1:05:aa:2f:63:37:b6:9b:df:da:a6:75:00:2c:5f: e3:26:46:89:23:68:6c:ef:3f:d4:5d:11:56:9b:51: 00:7d:33:de:b8:db:d5:f2:45:9c:1e:00:cd:b3:38: f0:f0:87:c5:22:5f:90:1e:bc:fd:91:34:a4:5a:87: 9c:18:1e:16:f7:eb:f8:ee:d1:49:2e:f6:e7:c8:23: 8b:b6:e0:74:f6:cb:3a:92:7f:8d:2e:f7:22:a0:b8: eb:ae:e6:1b:85:a3:08:2f:07:0e:90:6b:6b:25:55: eb:5f:d1:e0:4b:af:9b:40:2b:3e:92:33:43:01:7c: 38:e2:3e:e0:a7:b6:bf:38:fc:46:5f:01:f2:8d:ed: 49:80:55:c0:fb:b8:d9:81:1e:fe:d2:3a:ff:42:ff: 10:8a:5d:9f:47:8e:d9:20:fe:70:1d:51:00:c3:96: 3b:4b:5e:b1:d7:f6:5b:6a:b4:4c:a4:0d:15:bd:fb: 3c:d8:74:10:6b:d4:61:7b:a8:2e:ef:a8:9d:ea:a9: 05:89:03:68:e3:51:11:8e:01:c6:ba:25:96:e2:ff: 9c:27:4d:bb:63:2f:7d:99:ef:c0:41:52:b3:86:4f: 30:07:a8:37:4c:10:9d:93:dc:83:ab:58:a1:fa:cc: 44:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:C8:9D:EB:77:D1:3D:CF:32:CF:4B:BD:25:3D:32:51:2B:A1:EF:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143952.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a516::/32 Signature Algorithm: sha256WithRSAEncryption d4:72:1a:18:b2:1e:03:08:b9:2a:38:d9:df:35:a3:f7:8c:fe: f1:e5:63:e0:f0:57:73:70:e9:b0:06:33:9a:74:2b:d4:16:df: ec:d1:61:d8:61:21:c5:e9:57:9f:70:e9:0d:22:7a:ef:4f:7b: 8e:f5:7a:68:7b:88:7d:4e:15:16:01:01:90:54:06:67:58:76: bd:04:ab:40:a0:94:c7:c0:2d:bd:f7:62:1b:e4:6f:4c:5c:20: 2a:f1:c2:cf:5f:a4:37:dc:7a:e3:75:da:5e:cd:1d:9a:f3:d8: 58:4f:3a:b6:3f:21:ac:cb:1a:9a:0a:f9:82:2d:68:0b:f6:b9: 9c:18:8f:b0:8e:ff:9d:e0:4c:85:37:7e:01:2d:76:ce:08:d5: 72:c0:89:3a:bb:3c:45:9c:69:47:7b:42:11:a2:91:8c:f2:98: 8c:9e:e4:e7:58:1a:24:db:34:4f:b3:2b:c0:d0:98:c9:6d:19: 35:f6:7c:78:52:48:63:78:f3:c9:39:c8:99:64:2b:90:a7:cb: 26:f7:03:57:d1:fc:f9:fd:54:ea:51:5c:d3:41:0d:e6:9e:5f: 21:25:c2:f5:29:bd:4e:08:cf:e4:9c:6e:84:27:16:f4:42:0b: 27:2c:31:9b:5e:c8:19:4e:e2:fa:9f:b8:d5:91:1d:c8:f8:cb: 9b:6c:c0:82 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUX64JQqtdHivYuSd0OwkUA8g6VIcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyNloX DTI3MDMwMzA2MTQyNlowMzExMC8GA1UEAxMoNDdDODlERUI3N0QxM0RDRjMyQ0Y0 QkJEMjUzRDMyNTEyQkExRUY5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOnZFbv21RugOJLYCIPSwQWqL2M3tpvf2qZ1ACxf4yZGiSNobO8/1F0RVptR AH0z3rjb1fJFnB4AzbM48PCHxSJfkB68/ZE0pFqHnBgeFvfr+O7RSS7258gji7bg dPbLOpJ/jS73IqC4667mG4WjCC8HDpBrayVV61/R4Euvm0ArPpIzQwF8OOI+4Ke2 vzj8Rl8B8o3tSYBVwPu42YEe/tI6/0L/EIpdn0eO2SD+cB1RAMOWO0tesdf2W2q0 TKQNFb37PNh0EGvUYXuoLu+oneqpBYkDaONREY4BxrolluL/nCdNu2MvfZnvwEFS s4ZPMAeoN0wQnZPcg6tYofrMRPkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRHyJ3r d9E9zzLPS70lPTJRK6HvlzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pRYwDQYJKoZIhvcNAQELBQADggEBANRyGhiyHgMIuSo42d81o/eM/vHlY+DwV3Nw 6bAGM5p0K9QW3+zRYdhhIcXpV59w6Q0ieu9Pe471emh7iH1OFRYBAZBUBmdYdr0E q0CglMfALb33Yhvkb0xcICrxws9fpDfceuN12l7NHZrz2FhPOrY/IazLGpoK+YIt aAv2uZwYj7CO/53gTIU3fgEtds4I1XLAiTq7PEWcaUd7QhGikYzymIye5OdYGiTb NE+zK8DQmMltGTX2fHhSSGN488k5yJlkK5Cnyyb3A1fR/Pn9VOpRXNNBDeaeXyEl wvUpvU4Iz+ScboQnFvRCCycsMZteyBlO4vqfuNWRHcj4y5tswII= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:47 2026 by rpki-client