$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143953.roa File: AS143953.roa (raw, json) Hash identifier: MOwE06FObRrxtBMdt6mwvmTOX/i2qoCW7twNvZSti8U= Subject key identifier: B3:47:5A:6A:AE:D6:3E:8B:DE:0F:C7:7F:7C:8F:88:D9:E0:55:83:CF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 42DE287199B108E23D92D5A8C8DA5B10549A2B7C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143953.roa Signing time: Wed 04 Mar 2026 06:13:07 +0000 ROA not before: Wed 04 Mar 2026 06:08:07 +0000 ROA not after: Wed 03 Mar 2027 06:13:07 +0000 asID: 143953 IP address blocks: 240a:a517::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:de:28:71:99:b1:08:e2:3d:92:d5:a8:c8:da:5b:10:54:9a:2b:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:07 2026 GMT Not After : Mar 3 06:13:07 2027 GMT Subject: CN=B3475A6AAED63E8BDE0FC77F7C8F88D9E05583CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:da:22:3b:9b:f1:bb:5c:df:d8:b3:0f:66:04: 00:6e:c3:a0:11:d5:b0:df:41:3d:02:51:3c:ca:55: 54:fa:d0:22:c5:46:8b:4a:c7:9a:5c:ce:d4:32:86: 9b:22:f7:0d:95:20:82:d3:28:47:3c:ea:5c:04:3d: 4d:de:9c:a0:f7:f0:c2:29:81:11:21:20:44:40:a9: 28:e8:06:95:82:62:b7:45:cb:9b:31:3b:42:e3:55: 0a:c1:75:05:fc:ab:fe:4b:6f:c9:81:13:e5:76:3b: d8:7f:a0:3d:30:71:8d:26:c6:6d:e0:15:4b:87:00: 73:1f:33:30:b8:a8:8c:e3:eb:68:77:7b:4d:c8:5a: 2b:f8:81:15:1f:f9:92:b6:2c:0a:d0:9b:21:e4:66: b8:b9:f2:7d:26:94:2f:91:cb:65:5d:53:ba:72:94: f0:de:cf:68:ba:e9:13:3a:13:e1:cc:f0:34:a7:49: b7:9f:40:17:03:f4:81:81:d1:85:33:f4:d6:fd:5b: 5b:dd:94:ac:79:74:cf:b7:04:71:23:7b:41:81:50: e8:e7:2a:7f:2a:a1:89:f9:70:0a:7f:f3:68:13:3a: 28:01:12:0b:41:67:25:b1:15:9c:30:ca:1f:15:d6: 45:12:f8:51:b9:d3:42:2b:0e:1f:cb:ac:6a:36:0c: c0:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:47:5A:6A:AE:D6:3E:8B:DE:0F:C7:7F:7C:8F:88:D9:E0:55:83:CF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143953.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a517::/32 Signature Algorithm: sha256WithRSAEncryption 12:cf:25:4d:a4:98:f4:18:60:12:a3:cd:cd:b7:24:f5:09:f4: ac:67:f3:11:e9:f2:c7:5d:a1:c2:a0:54:58:76:ad:fa:07:6e: a5:35:dc:8c:9a:2a:09:52:3d:51:a1:79:db:24:b8:14:5d:ce: 17:0f:13:11:14:d9:51:88:28:13:4d:e6:c5:35:38:27:57:9d: 39:fa:05:23:55:27:2c:00:d8:80:8b:2e:af:6d:1e:b1:9a:1d: 1e:35:3f:e3:05:e1:fd:5a:28:1f:95:b2:4b:e7:37:ea:94:f8: 5a:03:a1:4b:2a:13:96:53:b6:02:f6:4c:a8:f7:21:8d:35:a6: 9d:4b:13:70:bd:c9:23:06:38:b4:74:e3:c7:b6:32:c3:5b:78: 46:55:f1:37:6f:9f:9a:ea:25:a4:55:d0:c2:99:2f:30:4d:f5: d2:f4:0b:7b:4d:6a:fc:82:6e:2e:11:fb:3a:68:2a:c2:45:c8: fb:74:7d:d8:79:a3:38:cc:3d:c4:dd:a3:53:a0:02:0c:c6:84: 1e:90:1f:5d:4b:cb:6c:7c:9d:e5:ca:29:1c:14:7e:17:ee:29: 90:4d:34:14:9c:df:06:13:a6:cc:60:87:98:c4:ff:dc:cd:14: 82:82:1a:de:21:a6:c2:a9:92:6b:f0:d6:d7:d0:60:48:29:92: 9a:38:98:72 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQt4ocZmxCOI9ktWoyNpbEFSaK3wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwN1oX DTI3MDMwMzA2MTMwN1owMzExMC8GA1UEAxMoQjM0NzVBNkFBRUQ2M0U4QkRFMEZD NzdGN0M4Rjg4RDlFMDU1ODNDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfaIjub8btc39izD2YEAG7DoBHVsN9BPQJRPMpVVPrQIsVGi0rHmlzO1DKG myL3DZUggtMoRzzqXAQ9Td6coPfwwimBESEgRECpKOgGlYJit0XLmzE7QuNVCsF1 Bfyr/ktvyYET5XY72H+gPTBxjSbGbeAVS4cAcx8zMLiojOPraHd7TchaK/iBFR/5 krYsCtCbIeRmuLnyfSaUL5HLZV1TunKU8N7PaLrpEzoT4czwNKdJt59AFwP0gYHR hTP01v1bW92UrHl0z7cEcSN7QYFQ6OcqfyqhiflwCn/zaBM6KAESC0FnJbEVnDDK HxXWRRL4UbnTQisOH8usajYMwGUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSzR1pq rtY+i94Px398j4jZ4FWDzzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pRcwDQYJKoZIhvcNAQELBQADggEBABLPJU2kmPQYYBKjzc23JPUJ9Kxn8xHp8sdd ocKgVFh2rfoHbqU13IyaKglSPVGhedskuBRdzhcPExEU2VGIKBNN5sU1OCdXnTn6 BSNVJywA2ICLLq9tHrGaHR41P+MF4f1aKB+VskvnN+qU+FoDoUsqE5ZTtgL2TKj3 IY01pp1LE3C9ySMGOLR048e2MsNbeEZV8Tdvn5rqJaRV0MKZLzBN9dL0C3tNavyC bi4R+zpoKsJFyPt0fdh5ozjMPcTdo1OgAgzGhB6QH11Ly2x8neXKKRwUfhfuKZBN NBSc3wYTpsxgh5jE/9zNFIKCGt4hpsKpkmvw1tfQYEgpkpo4mHI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:35 2026 by rpki-client