$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143955.roa File: AS143955.roa (raw, json) Hash identifier: wN3Tq3TG4fYniqTIeo/wz3rmwCcvAJYyTJF3+lUWRtA= Subject key identifier: CF:47:9D:A1:D4:7B:BA:CB:89:3E:28:50:38:A0:2A:7F:97:97:E9:10 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 79931A4AB1C1FA1DDCCB454B282D0A4F1EBAC88F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143955.roa Signing time: Wed 04 Mar 2026 06:13:40 +0000 ROA not before: Wed 04 Mar 2026 06:08:40 +0000 ROA not after: Wed 03 Mar 2027 06:13:40 +0000 asID: 143955 IP address blocks: 240a:a519::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:93:1a:4a:b1:c1:fa:1d:dc:cb:45:4b:28:2d:0a:4f:1e:ba:c8:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:40 2026 GMT Not After : Mar 3 06:13:40 2027 GMT Subject: CN=CF479DA1D47BBACB893E285038A02A7F9797E910 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:06:d4:da:c9:ad:76:fe:4b:dc:63:8c:23:b4: 2d:c4:ec:99:ff:8f:05:20:97:df:d9:c5:cb:f9:82: 71:08:fb:6f:54:06:f1:38:15:fc:95:f8:bb:1d:24: 91:64:3f:8a:18:df:c9:05:15:ce:74:3f:8d:ad:58: 1f:d2:88:48:51:ab:8d:87:5a:9b:0a:22:d4:25:2a: e7:03:50:6b:ce:bb:fe:82:f8:48:8f:00:21:41:63: b9:c4:91:72:00:1c:2f:ea:b0:82:4c:a6:41:d0:f1: a1:43:79:a6:3e:49:d5:b5:72:28:57:5a:61:e4:58: b5:84:a4:69:41:14:46:66:03:28:6f:0f:3a:47:e1: 24:ee:4e:b4:0e:dc:0a:7b:ef:0f:74:18:80:c3:56: 0f:fc:d0:9f:46:90:ed:6b:ca:50:e1:bc:23:f6:cc: cc:59:95:a2:61:f4:61:9c:01:ca:8f:70:94:f8:df: d2:d1:c9:ab:3b:9d:07:ad:1e:22:7c:8d:45:59:ed: 62:37:da:25:65:f3:b4:b6:88:c7:76:c7:55:e7:73: dd:e1:04:3e:b9:d9:01:de:07:c8:75:61:f3:88:89: ad:4f:34:1e:30:5e:73:36:a5:fc:c9:e5:4c:83:9e: f9:7f:73:10:82:f0:6f:4e:8c:50:ba:92:4d:b0:8b: 7d:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:47:9D:A1:D4:7B:BA:CB:89:3E:28:50:38:A0:2A:7F:97:97:E9:10 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143955.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a519::/32 Signature Algorithm: sha256WithRSAEncryption 40:bf:5d:86:0b:a9:14:74:03:4e:60:61:b9:98:2c:b8:9a:77: 2a:ed:75:62:63:76:2e:b7:f3:06:27:83:32:89:2a:76:0e:bc: 83:5a:ab:73:3b:2b:d3:74:e5:7f:54:0a:d9:96:d9:c8:2c:7a: 1c:0b:3b:47:e9:b2:ca:d2:d3:e4:ce:dd:0b:ad:12:b6:51:b1: 47:9c:69:d2:dc:d4:eb:0b:01:93:54:cf:77:72:cd:b6:be:f6: d8:c4:43:0e:e3:9b:dc:b9:ef:c9:0f:4a:75:8c:9d:ae:34:22: 7d:aa:46:ef:27:50:fc:ad:eb:c5:7d:ad:92:f6:71:87:27:fd: 98:00:e9:d0:19:3c:be:c8:f9:1a:84:41:7e:a2:dc:ff:41:b2: c2:ea:5d:85:82:e8:1a:46:1b:8d:91:a6:d3:6c:61:16:2b:b0: 24:2f:4a:bb:d7:8c:39:5e:10:94:de:ea:55:67:19:88:2d:31: dc:77:84:0a:a7:1b:a0:09:f8:29:7a:a0:ae:6f:cc:b3:14:42: 9d:b8:24:f4:55:1b:af:95:f8:c1:c5:ac:bc:53:1d:ba:ed:35: 5e:ae:6a:35:b9:b3:ff:39:18:77:1e:4a:22:39:4d:65:68:e8: 73:a4:85:fb:f7:28:bf:1e:cf:91:16:88:58:17:6d:bf:b0:66: f9:07:89:25 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeZMaSrHB+h3cy0VLKC0KTx66yI8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0MFoX DTI3MDMwMzA2MTM0MFowMzExMC8GA1UEAxMoQ0Y0NzlEQTFENDdCQkFDQjg5M0Uy ODUwMzhBMDJBN0Y5Nzk3RTkxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4G1NrJrXb+S9xjjCO0LcTsmf+PBSCX39nFy/mCcQj7b1QG8TgV/JX4ux0k kWQ/ihjfyQUVznQ/ja1YH9KISFGrjYdamwoi1CUq5wNQa867/oL4SI8AIUFjucSR cgAcL+qwgkymQdDxoUN5pj5J1bVyKFdaYeRYtYSkaUEURmYDKG8POkfhJO5OtA7c CnvvD3QYgMNWD/zQn0aQ7WvKUOG8I/bMzFmVomH0YZwByo9wlPjf0tHJqzudB60e InyNRVntYjfaJWXztLaIx3bHVedz3eEEPrnZAd4HyHVh84iJrU80HjBeczal/Mnl TIOe+X9zEILwb06MULqSTbCLfWkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTPR52h 1Hu6y4k+KFA4oCp/l5fpEDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pRkwDQYJKoZIhvcNAQELBQADggEBAEC/XYYLqRR0A05gYbmYLLiadyrtdWJjdi63 8wYngzKJKnYOvINaq3M7K9N05X9UCtmW2cgsehwLO0fpssrS0+TO3QutErZRsUec adLc1OsLAZNUz3dyzba+9tjEQw7jm9y578kPSnWMna40In2qRu8nUPyt68V9rZL2 cYcn/ZgA6dAZPL7I+RqEQX6i3P9BssLqXYWC6BpGG42RptNsYRYrsCQvSrvXjDle EJTe6lVnGYgtMdx3hAqnG6AJ+Cl6oK5vzLMUQp24JPRVG6+V+MHFrLxTHbrtNV6u ajW5s/85GHceSiI5TWVo6HOkhfv3KL8ez5EWiFgXbb+wZvkHiSU= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:19 2026 by rpki-client