$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143963.roa File: AS143963.roa (raw, json) Hash identifier: m+Jn0BCac6W7Tv75xMjY5kG/E2lM9w5hf/Efp3MOKZ0= Subject key identifier: 27:A6:6D:86:F9:0E:B4:B2:D1:99:F7:A7:F5:54:FF:33:7B:8B:13:0E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 155E288A4E27D2662C6A1EEA082C5B27F632740D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143963.roa Signing time: Wed 04 Mar 2026 06:15:28 +0000 ROA not before: Wed 04 Mar 2026 06:10:28 +0000 ROA not after: Wed 03 Mar 2027 06:15:28 +0000 asID: 143963 IP address blocks: 240a:a521::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:5e:28:8a:4e:27:d2:66:2c:6a:1e:ea:08:2c:5b:27:f6:32:74:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:28 2026 GMT Not After : Mar 3 06:15:28 2027 GMT Subject: CN=27A66D86F90EB4B2D199F7A7F554FF337B8B130E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:4f:7b:ca:be:c8:9c:35:1d:0f:23:f9:4d:f0: 68:56:c0:30:85:62:dc:32:db:fd:ee:a9:e7:f0:66: cd:3c:fd:7a:76:73:61:70:2e:a5:a2:c1:a0:b9:3c: eb:da:bd:1a:27:51:68:1b:77:ba:00:f0:e2:61:fd: 6f:92:a1:e6:a6:1c:e4:89:cf:fe:f9:f9:b3:b7:36: df:d3:92:a6:0f:42:5a:de:0b:79:5b:6c:0b:e2:fc: 69:ab:5b:23:b0:54:ee:e9:d5:7a:27:1c:3f:b7:5d: 1d:16:5e:2a:bf:c1:fb:aa:a4:9b:65:64:ec:b8:de: b2:9f:10:b3:8d:f2:cd:33:36:e9:87:6d:9f:b2:5b: 22:70:9d:d0:51:7c:69:d5:8b:fd:9d:7b:c8:d5:49: 2d:07:47:f3:16:c4:d2:08:6a:d6:83:14:ac:80:63: d4:75:f4:84:ad:2c:94:c2:0b:68:cb:7d:5f:73:77: ef:c5:a3:13:75:3a:f7:95:e5:69:85:98:ff:23:9e: 06:85:73:84:4b:86:60:93:64:00:ae:b4:0e:3d:99: db:c9:98:bb:d7:e3:49:0c:ac:d5:7c:4a:87:ce:e3: 8b:f4:e8:5d:e0:cf:83:b0:68:a0:7d:7b:ef:43:e1: 88:17:70:86:9c:50:c9:a5:f6:29:c9:b7:cf:1d:99: 41:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:A6:6D:86:F9:0E:B4:B2:D1:99:F7:A7:F5:54:FF:33:7B:8B:13:0E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143963.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a521::/32 Signature Algorithm: sha256WithRSAEncryption c9:1d:ad:ba:1b:f0:89:46:fe:47:d0:bd:c5:d4:0d:c8:4b:ac: 57:04:e7:44:80:da:fa:7f:03:72:88:b9:1b:67:93:d2:8c:c5: 57:5f:b4:39:cc:ee:20:c9:84:36:3c:c1:6b:29:45:9d:03:11: 0b:d7:dd:dc:e7:7e:1c:19:5f:44:e9:11:bd:fe:8e:06:77:92: 23:c8:7a:c1:f7:d1:c6:1b:fa:a4:1b:a8:76:57:fe:6f:16:2b: 27:4d:d3:5b:6c:d8:55:53:3f:77:d2:dc:a7:d6:30:48:d1:47: 64:86:b0:45:f7:da:e5:4b:c5:ce:33:c5:4c:48:7b:e4:98:c2: 25:f3:24:2c:97:9d:bd:cb:ef:e7:ff:91:61:2b:b1:36:74:b0: a0:6e:d4:2a:c6:54:3f:8b:58:57:f3:8d:34:c6:00:d2:68:90: a1:e2:5b:ec:4d:1a:e6:77:c9:58:bf:b6:91:f1:69:06:60:af: 45:f4:b4:02:de:83:31:ef:d6:4d:7e:b2:1c:a2:06:52:cd:42: 17:0c:0f:05:56:3d:7d:83:77:d0:24:3b:70:9d:4d:b7:6e:6d: cd:be:30:ae:a9:4b:bf:e0:2d:dc:8d:3f:1d:f3:5a:4f:1f:aa: a6:60:d9:82:78:f8:10:0a:2e:07:bb:cc:14:22:fe:00:7e:3b: ef:ef:2d:db -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFV4oik4n0mYsah7qCCxbJ/YydA0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyOFoX DTI3MDMwMzA2MTUyOFowMzExMC8GA1UEAxMoMjdBNjZEODZGOTBFQjRCMkQxOTlG N0E3RjU1NEZGMzM3QjhCMTMwRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMVPe8q+yJw1HQ8j+U3waFbAMIVi3DLb/e6p5/BmzTz9enZzYXAupaLBoLk8 69q9GidRaBt3ugDw4mH9b5Kh5qYc5InP/vn5s7c239OSpg9CWt4LeVtsC+L8aatb I7BU7unVeiccP7ddHRZeKr/B+6qkm2Vk7Ljesp8Qs43yzTM26Ydtn7JbInCd0FF8 adWL/Z17yNVJLQdH8xbE0ghq1oMUrIBj1HX0hK0slMILaMt9X3N378WjE3U695Xl aYWY/yOeBoVzhEuGYJNkAK60Dj2Z28mYu9fjSQys1XxKh87ji/ToXeDPg7BooH17 70PhiBdwhpxQyaX2Kcm3zx2ZQTECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQnpm2G +Q60stGZ96f1VP8ze4sTDjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pSEwDQYJKoZIhvcNAQELBQADggEBAMkdrbob8IlG/kfQvcXUDchLrFcE50SA2vp/ A3KIuRtnk9KMxVdftDnM7iDJhDY8wWspRZ0DEQvX3dznfhwZX0TpEb3+jgZ3kiPI esH30cYb+qQbqHZX/m8WKydN01ts2FVTP3fS3KfWMEjRR2SGsEX32uVLxc4zxUxI e+SYwiXzJCyXnb3L7+f/kWErsTZ0sKBu1CrGVD+LWFfzjTTGANJokKHiW+xNGuZ3 yVi/tpHxaQZgr0X0tALegzHv1k1+shyiBlLNQhcMDwVWPX2Dd9AkO3CdTbdubc2+ MK6pS7/gLdyNPx3zWk8fqqZg2YJ4+BAKLge7zBQi/gB+O+/vLds= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:01 2026 by rpki-client