$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143959.roa File: AS143959.roa (raw, json) Hash identifier: V8jrmcyB1hevB73eCw/CUvWE3IgNRWlv0VjZFdY7+yU= Subject key identifier: 42:32:26:BD:58:F6:3C:CB:FA:E8:60:3F:90:04:75:33:62:DC:1F:19 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 184550D03405B5825B2E31B7F7DE1139915EF113 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143959.roa Signing time: Wed 04 Mar 2026 06:14:48 +0000 ROA not before: Wed 04 Mar 2026 06:09:48 +0000 ROA not after: Wed 03 Mar 2027 06:14:48 +0000 asID: 143959 IP address blocks: 240a:a51d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:45:50:d0:34:05:b5:82:5b:2e:31:b7:f7:de:11:39:91:5e:f1:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:48 2026 GMT Not After : Mar 3 06:14:48 2027 GMT Subject: CN=423226BD58F63CCBFAE8603F9004753362DC1F19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:30:1c:9c:e7:8f:40:b3:34:c9:77:68:84:a4: cd:0a:5d:4e:3f:07:d9:f9:b7:dc:e2:32:97:9a:46: a3:12:f5:01:34:2f:14:94:8a:dc:ea:4e:5c:59:d0: db:d6:83:35:63:35:2c:23:a5:b2:67:f8:c6:3e:47: f6:56:21:aa:94:4a:b0:eb:f6:f7:53:09:76:2b:b5: 15:6f:a0:3f:08:4e:fa:6b:af:b4:2f:d0:4c:84:7a: 68:e1:f0:66:fa:ca:e0:89:bf:57:9d:6a:1c:08:86: 7f:88:a1:14:7a:0d:61:39:6c:0b:af:1d:5c:a2:f3: 9c:ea:82:2d:d8:2f:ab:77:14:fa:dc:2f:b2:ab:c0: cb:db:5e:63:25:1a:a3:c4:78:7a:fb:12:6f:e2:0a: 95:fd:fa:bb:6c:13:7d:b5:8d:4c:ea:92:dc:ea:46: ad:e6:41:f4:ba:94:fd:0c:f4:72:a7:a9:c1:11:72: 7a:bf:ac:79:57:7f:d5:36:cc:4b:5a:ef:d0:50:60: 9c:a9:21:90:bb:a4:55:f0:27:e0:e7:5d:d5:89:b6: 4e:05:43:8b:4c:4b:a7:31:04:8e:af:dd:e4:62:fe: ae:27:d8:38:7b:5e:35:03:ad:8a:e3:a4:4b:c7:16: fa:21:6f:bc:de:21:03:34:df:bf:67:c7:d4:36:68: 7e:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:32:26:BD:58:F6:3C:CB:FA:E8:60:3F:90:04:75:33:62:DC:1F:19 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143959.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a51d::/32 Signature Algorithm: sha256WithRSAEncryption 93:14:4d:62:e7:a9:c5:d7:32:43:6d:24:4c:05:78:28:59:ee: f8:0b:e8:44:7e:b3:18:9f:df:d6:99:bf:a7:8a:d8:b4:88:5a: c2:b7:fa:09:0b:86:94:f7:6b:1e:31:34:99:b1:84:7e:7a:f8: 6b:fa:aa:ca:fc:96:39:5b:ea:fa:c8:fc:f1:fa:cf:df:42:ed: 0f:52:df:ba:c8:61:11:79:cd:89:39:bd:c4:d5:8d:d6:84:ba: ee:bf:9f:98:46:ec:b8:e0:69:81:e2:8d:3c:4f:13:04:4a:14: 9d:4d:24:12:d8:90:1e:cf:05:3f:a2:00:c5:eb:a8:5d:87:47: 64:8d:5a:b4:15:d5:ff:01:97:10:0d:02:a4:93:95:6c:d7:21: 97:04:b9:05:88:56:a0:f4:35:0c:e3:5a:1d:5b:1b:22:d9:ba: 9f:6d:91:b1:37:ae:33:8b:24:54:f3:0c:b3:ef:fd:9a:63:e6: aa:44:ad:1c:71:1a:5d:4c:b2:6c:e7:cc:ca:64:42:7f:a1:a2: 23:94:1b:e5:31:25:9b:04:79:48:33:ad:c2:11:f4:24:f2:aa: 61:e1:b9:5f:e4:3a:63:b0:92:36:c0:b0:97:3e:38:9b:72:eb: 50:b5:57:4e:a4:57:e3:7a:42:61:3a:9b:02:b6:f2:a9:54:c2: 4f:e1:6b:f5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGEVQ0DQFtYJbLjG3994ROZFe8RMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0OFoX DTI3MDMwMzA2MTQ0OFowMzExMC8GA1UEAxMoNDIzMjI2QkQ1OEY2M0NDQkZBRTg2 MDNGOTAwNDc1MzM2MkRDMUYxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANcwHJznj0CzNMl3aISkzQpdTj8H2fm33OIyl5pGoxL1ATQvFJSK3OpOXFnQ 29aDNWM1LCOlsmf4xj5H9lYhqpRKsOv291MJdiu1FW+gPwhO+muvtC/QTIR6aOHw ZvrK4Im/V51qHAiGf4ihFHoNYTlsC68dXKLznOqCLdgvq3cU+twvsqvAy9teYyUa o8R4evsSb+IKlf36u2wTfbWNTOqS3OpGreZB9LqU/Qz0cqepwRFyer+seVd/1TbM S1rv0FBgnKkhkLukVfAn4Odd1Ym2TgVDi0xLpzEEjq/d5GL+rifYOHteNQOtiuOk S8cW+iFvvN4hAzTfv2fH1DZofv0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRCMia9 WPY8y/roYD+QBHUzYtwfGTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pR0wDQYJKoZIhvcNAQELBQADggEBAJMUTWLnqcXXMkNtJEwFeChZ7vgL6ER+sxif 39aZv6eK2LSIWsK3+gkLhpT3ax4xNJmxhH56+Gv6qsr8ljlb6vrI/PH6z99C7Q9S 37rIYRF5zYk5vcTVjdaEuu6/n5hG7LjgaYHijTxPEwRKFJ1NJBLYkB7PBT+iAMXr qF2HR2SNWrQV1f8BlxANAqSTlWzXIZcEuQWIVqD0NQzjWh1bGyLZup9tkbE3rjOL JFTzDLPv/Zpj5qpErRxxGl1MsmznzMpkQn+hoiOUG+UxJZsEeUgzrcIR9CTyqmHh uV/kOmOwkjbAsJc+OJty61C1V06kV+N6QmE6mwK28qlUwk/ha/U= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:09 2026 by rpki-client