$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143958.roa File: AS143958.roa (raw, json) Hash identifier: gZXkl6yj4MsSS53ZlHH+302zf6etvNdtC92TaCnpLBo= Subject key identifier: 59:7D:80:5F:A9:CA:49:C4:A7:BF:A1:FA:5B:83:76:BA:49:E8:9D:DD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6767C0BDD88239BF111C95E207C52253E10B2E8D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143958.roa Signing time: Wed 04 Mar 2026 06:14:35 +0000 ROA not before: Wed 04 Mar 2026 06:09:35 +0000 ROA not after: Wed 03 Mar 2027 06:14:35 +0000 asID: 143958 IP address blocks: 240a:a51c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:67:c0:bd:d8:82:39:bf:11:1c:95:e2:07:c5:22:53:e1:0b:2e:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:35 2026 GMT Not After : Mar 3 06:14:35 2027 GMT Subject: CN=597D805FA9CA49C4A7BFA1FA5B8376BA49E89DDD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:52:91:e8:08:ab:0a:fb:89:91:e9:90:98:77: d2:34:9a:ba:c3:5f:8a:95:e3:94:21:36:8a:2c:74: 86:36:d9:47:f6:25:43:64:c0:21:22:70:f7:b8:8c: bd:21:2f:68:58:18:ed:3e:84:68:59:8f:e9:59:b8: f5:11:47:c4:9e:a1:f6:b8:28:ff:ca:31:90:7c:42: 8a:2d:03:fc:e4:53:d8:c7:d2:85:c3:68:a8:30:cb: 22:33:2f:d9:43:b9:10:f5:c0:fc:51:57:86:19:80: 98:41:94:93:7f:f7:f7:1d:79:fe:d8:61:de:9d:58: ef:ca:e5:db:57:c8:71:ec:1a:fa:93:c3:11:fa:05: fe:ee:09:62:6b:e6:cd:3a:11:01:e3:cb:c8:58:a5: f8:b3:c5:84:e2:2b:09:09:e0:53:00:4a:d7:c4:d8: 4a:6c:a0:aa:c2:a5:2a:d6:b1:56:dc:e0:7c:36:86: e7:47:d5:62:9c:9c:54:c7:08:87:7f:ce:e8:32:af: 4c:b0:d5:ba:e2:bd:10:8a:a3:cd:a5:6e:d4:da:c4: 79:90:a6:b5:5e:99:e0:9d:fb:99:b0:05:66:ef:02: 6a:6e:f7:df:a6:39:1b:e3:ab:aa:96:c0:db:02:13: 4a:7c:05:fd:0f:92:26:f3:dd:43:a0:38:82:b1:03: 52:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:7D:80:5F:A9:CA:49:C4:A7:BF:A1:FA:5B:83:76:BA:49:E8:9D:DD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143958.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a51c::/32 Signature Algorithm: sha256WithRSAEncryption 79:8d:fa:b9:3e:09:57:e1:38:e9:99:3f:39:28:b4:66:08:b3: 9a:4b:7d:ef:04:0c:50:6b:9f:ad:bb:cc:7a:69:de:73:2c:6f: 03:af:7b:7a:9b:ed:be:9b:2c:02:66:69:2f:03:85:c5:b3:b2: a0:4b:0b:0b:ba:83:e2:ee:11:06:ad:ea:89:f8:63:bc:91:52: 77:76:57:17:c0:1f:93:15:5c:8a:1e:6a:f3:96:b5:7b:9e:3b: 68:da:75:89:8f:f0:ca:ac:e9:68:3f:68:20:84:41:89:44:a2: a3:d7:09:83:35:c4:b6:3b:19:af:ae:c5:3e:83:3d:5f:32:fe: 12:d8:eb:be:7f:58:50:cf:fc:bb:7f:29:70:db:bd:64:98:c8: ce:e1:81:ca:94:81:c7:00:68:a5:20:63:96:33:65:09:ff:f5: 22:9c:f4:2e:8f:a2:80:66:0b:e5:7f:03:c4:6e:f9:3a:be:e2: a4:87:9a:0a:fb:ae:21:e3:9c:bf:ed:b5:65:f1:52:6e:ca:98: d4:9d:cf:07:a5:ff:30:f8:e1:54:fa:b4:c1:9a:3b:9c:43:f4: 53:9c:a8:31:af:c1:9b:00:e8:64:25:77:ae:a7:ba:6c:7c:d1: 85:3e:00:8b:24:21:4f:ef:42:c2:18:b7:c8:25:72:d1:e4:3e: 96:42:f5:13 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZ2fAvdiCOb8RHJXiB8UiU+ELLo0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzNVoX DTI3MDMwMzA2MTQzNVowMzExMC8GA1UEAxMoNTk3RDgwNUZBOUNBNDlDNEE3QkZB MUZBNUI4Mzc2QkE0OUU4OURERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOtSkegIqwr7iZHpkJh30jSausNfipXjlCE2iix0hjbZR/YlQ2TAISJw97iM vSEvaFgY7T6EaFmP6Vm49RFHxJ6h9rgo/8oxkHxCii0D/ORT2MfShcNoqDDLIjMv 2UO5EPXA/FFXhhmAmEGUk3/39x15/thh3p1Y78rl21fIcewa+pPDEfoF/u4JYmvm zToRAePLyFil+LPFhOIrCQngUwBK18TYSmygqsKlKtaxVtzgfDaG50fVYpycVMcI h3/O6DKvTLDVuuK9EIqjzaVu1NrEeZCmtV6Z4J37mbAFZu8Cam7336Y5G+OrqpbA 2wITSnwF/Q+SJvPdQ6A4grEDUlkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRZfYBf qcpJxKe/ofpbg3a6Seid3TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pRwwDQYJKoZIhvcNAQELBQADggEBAHmN+rk+CVfhOOmZPzkotGYIs5pLfe8EDFBr n627zHpp3nMsbwOve3qb7b6bLAJmaS8DhcWzsqBLCwu6g+LuEQat6on4Y7yRUnd2 VxfAH5MVXIoeavOWtXueO2jadYmP8Mqs6Wg/aCCEQYlEoqPXCYM1xLY7Ga+uxT6D PV8y/hLY675/WFDP/Lt/KXDbvWSYyM7hgcqUgccAaKUgY5YzZQn/9SKc9C6PooBm C+V/A8Ru+Tq+4qSHmgr7riHjnL/ttWXxUm7KmNSdzwel/zD44VT6tMGaO5xD9FOc qDGvwZsA6GQld66numx80YU+AIskIU/vQsIYt8glctHkPpZC9RM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:36 2026 by rpki-client