$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143966.roa File: AS143966.roa (raw, json) Hash identifier: pMnlSCiGkQPFpu0g5g4OlwcoM7MyWSoQXVv9QFirv+g= Subject key identifier: 6E:B3:FE:A3:A7:76:DF:3E:0A:4F:5C:43:9C:09:B9:04:15:C1:6E:85 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 011A471DC1E36188884241D1D02C314F7E905571 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143966.roa Signing time: Wed 04 Mar 2026 06:12:44 +0000 ROA not before: Wed 04 Mar 2026 06:07:44 +0000 ROA not after: Wed 03 Mar 2027 06:12:44 +0000 asID: 143966 IP address blocks: 240a:a524::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:1a:47:1d:c1:e3:61:88:88:42:41:d1:d0:2c:31:4f:7e:90:55:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:44 2026 GMT Not After : Mar 3 06:12:44 2027 GMT Subject: CN=6EB3FEA3A776DF3E0A4F5C439C09B90415C16E85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:66:14:08:e6:9d:0e:50:63:97:d8:38:21:6d: 46:7c:5b:58:8e:e7:c4:31:20:b5:ba:8d:04:cd:b7: 81:2c:47:10:f8:fa:c0:a4:3a:2c:ed:14:3c:84:6e: 6a:6d:ba:a8:c4:f5:b1:74:71:1e:53:d2:fb:63:80: 91:cc:8a:ca:4a:7a:33:63:fc:1e:7a:79:43:42:7a: 2e:06:9e:25:8d:94:37:c9:da:51:a4:c6:f7:27:58: 1b:14:cb:c5:01:cb:0c:f9:78:4f:96:b2:60:43:dc: 9b:de:96:4b:32:ee:cf:4e:6b:98:c7:25:1b:83:c2: b9:9e:99:03:8e:19:e4:4e:bb:f0:54:de:81:69:24: 8d:21:b0:e0:a2:10:73:5f:f0:33:6e:86:bb:22:45: 98:d7:95:b8:64:06:2b:9d:f6:25:3f:3d:39:3d:ad: 21:24:fd:c8:5e:75:e1:fc:77:4e:3b:87:e8:03:56: 79:68:df:d8:f0:68:85:48:dd:ce:f8:1c:0f:e6:94: 8c:08:4a:5d:12:2b:6d:de:e4:87:1b:eb:4f:b6:ec: fd:57:94:c8:3f:8a:75:cf:e2:d9:d6:fe:81:4a:eb: 4f:55:4b:87:1a:42:5b:02:a7:bd:06:da:2f:4a:83: 40:ee:61:e8:6a:a7:41:a0:3f:84:3c:cd:56:a2:7f: 7c:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:B3:FE:A3:A7:76:DF:3E:0A:4F:5C:43:9C:09:B9:04:15:C1:6E:85 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143966.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a524::/32 Signature Algorithm: sha256WithRSAEncryption 4c:77:a2:4f:da:14:7a:dd:1d:64:55:d2:86:e0:28:98:83:cd: c5:2a:aa:b7:16:d1:bb:ba:89:59:27:4c:81:ff:d2:10:88:12: 7c:43:ac:4a:27:32:8f:87:f3:28:c0:83:1a:52:8b:c7:3a:42: 6e:aa:67:5d:51:79:db:9c:ac:20:41:1a:27:1a:a7:f8:b2:b2: 9a:4d:54:64:71:e3:92:31:f1:81:9b:00:63:53:ce:8a:57:9e: 49:02:7f:cc:32:88:f2:b5:ea:01:14:40:06:2f:0e:ef:ae:66: a2:b2:b8:60:63:6d:c1:f5:ee:dc:88:e5:57:e3:60:72:08:fd: 81:7e:cb:3e:c3:5d:79:16:2b:6f:ac:36:b1:15:59:c2:c9:c3: 1b:a7:65:d3:ff:fb:75:2d:23:7d:b8:00:03:5b:f8:cb:35:38: 89:f7:9d:18:c7:20:2e:32:01:2a:da:fb:b2:d9:c2:b5:29:0d: b4:b2:be:8b:5b:dc:d0:51:54:97:60:0b:71:e5:21:4b:2a:a5: d4:57:92:e1:19:98:99:f7:02:5a:af:a2:ae:c0:2d:2a:89:0b: 75:d6:7b:61:31:02:5b:01:4a:cf:17:dc:15:6a:99:01:51:b7: 71:f6:53:b6:76:96:9c:bd:1e:fc:29:e4:38:ee:4c:55:a7:e4: 7d:11:f8:54 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUARpHHcHjYYiIQkHR0CwxT36QVXEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0NFoX DTI3MDMwMzA2MTI0NFowMzExMC8GA1UEAxMoNkVCM0ZFQTNBNzc2REYzRTBBNEY1 QzQzOUMwOUI5MDQxNUMxNkU4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKBmFAjmnQ5QY5fYOCFtRnxbWI7nxDEgtbqNBM23gSxHEPj6wKQ6LO0UPIRu am26qMT1sXRxHlPS+2OAkcyKykp6M2P8Hnp5Q0J6LgaeJY2UN8naUaTG9ydYGxTL xQHLDPl4T5ayYEPcm96WSzLuz05rmMclG4PCuZ6ZA44Z5E678FTegWkkjSGw4KIQ c1/wM26GuyJFmNeVuGQGK532JT89OT2tIST9yF514fx3TjuH6ANWeWjf2PBohUjd zvgcD+aUjAhKXRIrbd7khxvrT7bs/VeUyD+Kdc/i2db+gUrrT1VLhxpCWwKnvQba L0qDQO5h6GqnQaA/hDzNVqJ/fD0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRus/6j p3bfPgpPXEOcCbkEFcFuhTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk2Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pSQwDQYJKoZIhvcNAQELBQADggEBAEx3ok/aFHrdHWRV0obgKJiDzcUqqrcW0bu6 iVknTIH/0hCIEnxDrEonMo+H8yjAgxpSi8c6Qm6qZ11ReducrCBBGicap/iysppN VGRx45Ix8YGbAGNTzopXnkkCf8wyiPK16gEUQAYvDu+uZqKyuGBjbcH17tyI5Vfj YHII/YF+yz7DXXkWK2+sNrEVWcLJwxunZdP/+3UtI324AANb+Ms1OIn3nRjHIC4y ASra+7LZwrUpDbSyvotb3NBRVJdgC3HlIUsqpdRXkuEZmJn3Alqvoq7ALSqJC3XW e2ExAlsBSs8X3BVqmQFRt3H2U7Z2lpy9Hvwp5DjuTFWn5H0R+FQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:45 2026 by rpki-client