$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143971.roa File: AS143971.roa (raw, json) Hash identifier: zP3APtnCmnesNO5RUVzxLmQE8bkNyufdcng61DTG+qg= Subject key identifier: C0:CF:1A:DF:E2:8B:72:D0:8A:E5:2B:BC:AD:AD:E7:1B:37:F9:72:C9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3E3E5C932B3D59DAB9320C7AD7BD91CBAE63E362 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143971.roa Signing time: Wed 04 Mar 2026 06:13:22 +0000 ROA not before: Wed 04 Mar 2026 06:08:22 +0000 ROA not after: Wed 03 Mar 2027 06:13:22 +0000 asID: 143971 IP address blocks: 240a:a529::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:3e:5c:93:2b:3d:59:da:b9:32:0c:7a:d7:bd:91:cb:ae:63:e3:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:22 2026 GMT Not After : Mar 3 06:13:22 2027 GMT Subject: CN=C0CF1ADFE28B72D08AE52BBCADADE71B37F972C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:b7:eb:32:ca:89:75:a4:2c:4c:bc:a3:4d:e4: 72:4e:c4:ec:67:13:48:0a:21:29:8f:bd:13:25:2c: d0:d7:52:18:1b:82:5a:06:44:74:5a:1a:7a:72:54: 17:d5:d0:8a:61:2f:e0:86:5a:4d:30:58:e7:af:8c: 1c:9d:e5:2c:d1:4c:e6:e3:e5:13:c0:e3:1b:10:cb: 6c:9f:e9:d0:5b:77:f7:c5:40:28:c3:9e:60:a9:cb: 87:d0:b8:c9:be:28:c0:e5:94:41:4a:5b:6a:b8:77: e6:e9:ea:7a:3d:2b:50:74:82:e2:94:9c:f9:97:90: bf:3f:90:a0:64:a3:f7:05:39:72:84:6d:07:3d:bc: cf:99:d2:a6:31:95:a7:08:2d:28:d0:a7:fe:3f:5b: eb:c1:cd:00:e8:56:7d:b8:f5:eb:cb:9a:55:25:68: ff:2b:ee:19:e1:78:58:74:1d:d3:fc:75:83:10:52: 86:53:84:e3:fb:a4:32:e0:e5:f1:04:e4:2a:c0:43: a1:28:18:31:89:4f:ba:9e:97:41:10:3f:53:25:87: b4:47:d8:e1:35:a9:b1:19:73:a5:79:09:2b:96:4a: 46:63:d4:90:c3:f1:df:f7:47:5c:16:36:3b:ae:27: f5:26:18:36:eb:41:bc:54:69:43:5d:2e:5a:4b:bf: 47:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:CF:1A:DF:E2:8B:72:D0:8A:E5:2B:BC:AD:AD:E7:1B:37:F9:72:C9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143971.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a529::/32 Signature Algorithm: sha256WithRSAEncryption 02:70:48:e1:1a:99:e3:17:79:05:0b:79:88:52:9e:7d:6d:ef: 4c:a6:0f:a9:48:d7:9e:f7:e5:5d:db:4b:ba:3f:cf:5c:e0:a2: 7a:c4:fe:dc:ba:8e:3e:6a:26:74:67:35:15:4c:2a:b8:e0:e1: 81:09:99:f4:16:b0:dc:2a:08:60:16:7b:1b:68:63:e1:78:93: d6:cb:36:93:04:c7:06:7d:00:cd:3c:88:9b:05:9b:1c:e8:18: 78:e9:4f:85:11:64:27:96:2f:4f:2b:56:56:ca:06:2f:3c:30: 3c:eb:90:ac:dd:16:12:4e:b1:b6:1c:70:e3:91:f0:2e:53:5b: ef:df:04:e2:27:74:27:51:83:09:7a:fb:33:05:46:95:17:66: 46:48:e0:99:11:ec:80:09:01:8d:d4:9d:dd:37:31:0b:77:e7: 52:f6:29:cb:ad:be:dc:72:90:0e:bf:7d:c7:e3:1f:90:a6:68: 6c:57:ec:7b:a0:bc:cf:4a:49:b4:0d:84:1a:3b:e0:ef:c8:c8: 16:03:7c:81:f4:68:88:42:88:12:e3:ab:3a:ff:0f:a5:e9:27: 93:55:64:40:50:91:40:77:0c:b2:95:53:e3:bb:44:64:a6:06: 41:fd:3e:0c:cc:e0:bb:d3:c2:61:13:36:f0:9c:cb:bd:f4:17: 74:b5:bb:23 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPj5ckys9Wdq5Mgx6172Ry65j42IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyMloX DTI3MDMwMzA2MTMyMlowMzExMC8GA1UEAxMoQzBDRjFBREZFMjhCNzJEMDhBRTUy QkJDQURBREU3MUIzN0Y5NzJDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJW36zLKiXWkLEy8o03kck7E7GcTSAohKY+9EyUs0NdSGBuCWgZEdFoaenJU F9XQimEv4IZaTTBY56+MHJ3lLNFM5uPlE8DjGxDLbJ/p0Ft398VAKMOeYKnLh9C4 yb4owOWUQUpbarh35unqej0rUHSC4pSc+ZeQvz+QoGSj9wU5coRtBz28z5nSpjGV pwgtKNCn/j9b68HNAOhWfbj168uaVSVo/yvuGeF4WHQd0/x1gxBShlOE4/ukMuDl 8QTkKsBDoSgYMYlPup6XQRA/UyWHtEfY4TWpsRlzpXkJK5ZKRmPUkMPx3/dHXBY2 O64n9SYYNutBvFRpQ10uWku/RyMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTAzxrf 4oty0IrlK7ytrecbN/lyyTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pSkwDQYJKoZIhvcNAQELBQADggEBAAJwSOEameMXeQULeYhSnn1t70ymD6lI1573 5V3bS7o/z1zgonrE/ty6jj5qJnRnNRVMKrjg4YEJmfQWsNwqCGAWextoY+F4k9bL NpMExwZ9AM08iJsFmxzoGHjpT4URZCeWL08rVlbKBi88MDzrkKzdFhJOsbYccOOR 8C5TW+/fBOIndCdRgwl6+zMFRpUXZkZI4JkR7IAJAY3Und03MQt351L2Kcutvtxy kA6/fcfjH5CmaGxX7HugvM9KSbQNhBo74O/IyBYDfIH0aIhCiBLjqzr/D6XpJ5NV ZEBQkUB3DLKVU+O7RGSmBkH9PgzM4LvTwmETNvCcy730F3S1uyM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:07 2026 by rpki-client