$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143956.roa File: AS143956.roa (raw, json) Hash identifier: 9nN/jr1QmH0gJYcqzsmCQ5e6JCoDQgCKadm0GjS5Y9c= Subject key identifier: 1E:16:3D:E5:79:1F:12:DE:38:9B:90:38:23:AF:9A:20:55:7C:5D:F4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2348CE14CF8789DE18B53D893F15556E4AB3021C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143956.roa Signing time: Wed 04 Mar 2026 06:15:08 +0000 ROA not before: Wed 04 Mar 2026 06:10:08 +0000 ROA not after: Wed 03 Mar 2027 06:15:08 +0000 asID: 143956 IP address blocks: 240a:a51a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:48:ce:14:cf:87:89:de:18:b5:3d:89:3f:15:55:6e:4a:b3:02:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:08 2026 GMT Not After : Mar 3 06:15:08 2027 GMT Subject: CN=1E163DE5791F12DE389B903823AF9A20557C5DF4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e2:44:f3:83:c6:9f:6d:c7:31:98:8e:85:e7: e2:4f:c8:23:ab:1d:db:02:ac:ab:93:3b:3a:fa:31: 5b:af:c7:75:30:61:53:ea:87:52:76:3d:3a:1c:ee: f7:f9:04:2c:37:fd:30:dc:60:6c:94:d8:8b:da:9f: 3c:4e:5d:c2:be:cf:3d:dc:c7:d1:c5:21:95:cb:de: 15:e4:20:8e:e7:f1:07:6c:56:dc:10:58:00:6c:9f: 57:9f:f7:67:f5:69:70:8f:bd:9a:5b:d2:61:01:28: 60:40:7b:15:35:a8:a3:55:a2:42:03:5d:4e:20:a8: fd:b5:65:d1:70:34:ea:81:62:86:ab:82:c9:2d:ba: 51:6d:d9:c1:49:88:b8:5d:80:cd:29:42:0e:05:7a: 77:31:ea:7f:cf:d3:4b:96:ad:cb:7d:a4:3a:35:0e: ea:95:1d:0b:b5:28:5c:10:b7:ee:36:8f:35:70:82: 9a:c7:a0:50:21:f2:97:f2:b4:0c:8f:6a:83:90:a9: 7a:12:e3:c2:85:15:b2:2e:75:3c:d2:0d:42:31:2f: 73:b7:25:c6:c6:66:3b:e1:f9:f9:8d:50:06:19:e9: ce:03:81:a4:74:83:93:ed:2b:06:d3:3d:69:cf:8a: ab:20:3e:18:fe:5c:25:65:58:de:79:c0:51:fb:d4: 46:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:16:3D:E5:79:1F:12:DE:38:9B:90:38:23:AF:9A:20:55:7C:5D:F4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143956.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a51a::/32 Signature Algorithm: sha256WithRSAEncryption 31:f8:bf:33:fc:41:0d:46:ff:2a:47:ab:73:80:aa:30:46:73: b4:22:cb:6f:4d:94:ba:24:a1:93:f8:0c:f4:00:c8:c8:42:92: 16:73:45:b7:a8:20:cd:4e:58:79:29:c3:9b:e1:9a:18:50:22: 85:18:61:80:33:45:d5:6b:9f:fc:20:ef:14:1b:b6:5f:46:cc: 64:80:b7:8b:61:08:13:45:c2:f4:ae:09:56:1e:84:5a:8c:05: 7a:b9:40:ad:c4:53:8b:51:1a:19:8d:a2:11:6d:97:97:fd:a5: e8:10:2b:26:d4:ac:e6:c9:39:90:b9:d1:9e:82:43:59:bb:fc: 81:c8:ff:b4:b2:89:ff:38:13:9a:fa:38:54:f1:ae:b6:7e:ea: 00:b8:c2:00:e9:57:9c:a0:87:07:92:6f:dc:ce:60:b2:59:b2: 7f:bf:3e:db:16:4a:3e:96:c3:35:3e:6a:1d:86:6f:d3:6c:fe: 01:47:4c:42:ed:df:d8:27:89:9d:3a:f6:d9:91:d7:d3:95:44: 98:2d:e0:c0:bd:cc:88:8f:38:54:d6:2f:dd:cf:89:7a:ae:d8: 48:41:7c:94:b6:cc:c9:cf:d1:78:9b:60:06:a1:07:51:f5:05: 15:cb:79:c2:76:2e:d8:16:d4:2d:51:3f:10:ad:c8:7e:63:2d: 79:f8:1e:40 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUI0jOFM+Hid4YtT2JPxVVbkqzAhwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwOFoX DTI3MDMwMzA2MTUwOFowMzExMC8GA1UEAxMoMUUxNjNERTU3OTFGMTJERTM4OUI5 MDM4MjNBRjlBMjA1NTdDNURGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANniRPODxp9txzGYjoXn4k/II6sd2wKsq5M7OvoxW6/HdTBhU+qHUnY9Ohzu 9/kELDf9MNxgbJTYi9qfPE5dwr7PPdzH0cUhlcveFeQgjufxB2xW3BBYAGyfV5/3 Z/VpcI+9mlvSYQEoYEB7FTWoo1WiQgNdTiCo/bVl0XA06oFihquCyS26UW3ZwUmI uF2AzSlCDgV6dzHqf8/TS5aty32kOjUO6pUdC7UoXBC37jaPNXCCmsegUCHyl/K0 DI9qg5CpehLjwoUVsi51PNINQjEvc7clxsZmO+H5+Y1QBhnpzgOBpHSDk+0rBtM9 ac+KqyA+GP5cJWVY3nnAUfvURpUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQeFj3l eR8S3jibkDgjr5ogVXxd9DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pRowDQYJKoZIhvcNAQELBQADggEBADH4vzP8QQ1G/ypHq3OAqjBGc7Qiy29NlLok oZP4DPQAyMhCkhZzRbeoIM1OWHkpw5vhmhhQIoUYYYAzRdVrn/wg7xQbtl9GzGSA t4thCBNFwvSuCVYehFqMBXq5QK3EU4tRGhmNohFtl5f9pegQKybUrObJOZC50Z6C Q1m7/IHI/7Syif84E5r6OFTxrrZ+6gC4wgDpV5yghweSb9zOYLJZsn+/PtsWSj6W wzU+ah2Gb9Ns/gFHTELt39gniZ069tmR19OVRJgt4MC9zIiPOFTWL93PiXqu2EhB fJS2zMnP0XibYAahB1H1BRXLecJ2LtgW1C1RPxCtyH5jLXn4HkA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:39 2026 by rpki-client