$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143978.roa File: AS143978.roa (raw, json) Hash identifier: qE1A/PLcLSPDNLJU23Vdb1poBpM89+rlFweCYGcWasU= Subject key identifier: BF:0F:A1:BA:8C:8B:7B:C3:DA:C9:40:61:F0:52:2E:7E:CE:A6:C9:E9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1574A4D32D5BC72AD2093762CE47B70D8BD5640A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143978.roa Signing time: Wed 04 Mar 2026 06:14:48 +0000 ROA not before: Wed 04 Mar 2026 06:09:48 +0000 ROA not after: Wed 03 Mar 2027 06:14:48 +0000 asID: 143978 IP address blocks: 240a:a530::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:74:a4:d3:2d:5b:c7:2a:d2:09:37:62:ce:47:b7:0d:8b:d5:64:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:48 2026 GMT Not After : Mar 3 06:14:48 2027 GMT Subject: CN=BF0FA1BA8C8B7BC3DAC94061F0522E7ECEA6C9E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:65:de:bc:00:1b:c7:55:1f:56:fb:58:5e:3e: c0:a7:85:25:4f:69:b2:05:86:83:26:e5:e2:f4:14: e0:50:1f:88:6a:f9:b1:ef:c0:15:ae:32:25:2f:eb: f2:54:2b:4f:ab:ff:16:e6:a5:53:7f:3e:2d:72:9a: 18:b3:5b:0b:ed:2d:73:ef:0e:07:40:a9:64:62:a0: ce:21:45:24:42:06:5a:8b:00:da:32:a7:04:33:08: a4:6b:7e:8c:de:ff:b0:53:78:74:71:53:2a:3d:52: fa:bb:a3:54:3d:db:2d:36:1c:2f:19:50:cb:f5:4d: d0:81:68:5b:6f:3b:da:f0:61:41:35:87:10:a3:33: e4:6a:ab:4d:3f:c8:9c:1e:91:30:d6:ff:81:7e:14: 47:dc:8d:1c:74:ff:d2:97:b9:0c:7a:89:f6:4c:ed: ed:73:d3:e3:1d:75:b3:a8:25:06:66:67:70:24:21: 70:d1:1c:9f:83:b8:64:29:1b:fa:e2:9c:be:37:8d: 35:4f:77:01:6e:fc:6e:23:ed:bf:d8:a5:93:03:95: 75:bb:95:aa:ee:29:8e:44:1e:76:1d:10:a6:95:b4: 44:b1:2c:48:10:bd:54:51:4b:82:15:48:b3:a9:9b: ab:f7:fa:c1:03:92:a3:66:4e:a4:aa:c5:03:a9:d5: 47:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:0F:A1:BA:8C:8B:7B:C3:DA:C9:40:61:F0:52:2E:7E:CE:A6:C9:E9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143978.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a530::/32 Signature Algorithm: sha256WithRSAEncryption 92:44:a4:d7:ed:31:81:a4:e4:df:c7:1c:f9:eb:7b:4d:df:32: 6e:3c:e4:d1:88:df:75:90:c8:be:ac:65:37:19:43:04:32:7e: 89:bf:39:f7:fe:0f:61:66:9e:95:8f:a8:cd:b4:41:6e:05:50: 78:c5:ad:ae:61:5e:cb:b2:09:90:86:b5:b9:39:04:b6:d8:bd: 65:66:7f:0e:c7:b4:a2:52:c0:22:55:66:90:2a:5d:b9:7c:0b: 42:bf:18:cd:2d:b8:84:14:47:10:ba:70:27:54:0c:12:1e:7b: d0:6d:e9:c5:8c:d7:f7:24:cd:85:1f:eb:e2:3f:79:95:2d:08: 28:bf:aa:36:0f:c4:7c:7d:0a:c4:6b:4a:93:a7:44:8a:df:fa: 40:6b:48:a9:fa:f1:67:be:76:ee:cf:9c:a5:db:a6:a1:4a:04: 79:7e:6c:88:e0:5f:d1:58:dd:15:98:00:4e:31:3f:6d:94:03: 52:55:07:94:b2:93:67:59:ff:c4:ab:cc:d5:91:0e:f7:5f:d7: f6:df:d7:c6:f8:f2:cf:cc:4d:02:cc:8d:16:b8:c9:9e:12:47: da:c6:8f:c2:ad:de:46:a8:15:b7:1e:57:d6:c8:f6:32:c0:27: 4c:ea:f7:84:9c:6b:a8:fb:72:15:3f:d4:f4:16:35:af:c1:e8: 5a:fb:21:29 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFXSk0y1bxyrSCTdizke3DYvVZAowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0OFoX DTI3MDMwMzA2MTQ0OFowMzExMC8GA1UEAxMoQkYwRkExQkE4QzhCN0JDM0RBQzk0 MDYxRjA1MjJFN0VDRUE2QzlFOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALhl3rwAG8dVH1b7WF4+wKeFJU9psgWGgybl4vQU4FAfiGr5se/AFa4yJS/r 8lQrT6v/FualU38+LXKaGLNbC+0tc+8OB0CpZGKgziFFJEIGWosA2jKnBDMIpGt+ jN7/sFN4dHFTKj1S+rujVD3bLTYcLxlQy/VN0IFoW2872vBhQTWHEKMz5GqrTT/I nB6RMNb/gX4UR9yNHHT/0pe5DHqJ9kzt7XPT4x11s6glBmZncCQhcNEcn4O4ZCkb +uKcvjeNNU93AW78biPtv9ilkwOVdbuVqu4pjkQedh0QppW0RLEsSBC9VFFLghVI s6mbq/f6wQOSo2ZOpKrFA6nVRwcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS/D6G6 jIt7w9rJQGHwUi5+zqbJ6TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk3OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pTAwDQYJKoZIhvcNAQELBQADggEBAJJEpNftMYGk5N/HHPnre03fMm485NGI33WQ yL6sZTcZQwQyfom/Off+D2FmnpWPqM20QW4FUHjFra5hXsuyCZCGtbk5BLbYvWVm fw7HtKJSwCJVZpAqXbl8C0K/GM0tuIQURxC6cCdUDBIee9Bt6cWM1/ckzYUf6+I/ eZUtCCi/qjYPxHx9CsRrSpOnRIrf+kBrSKn68We+du7PnKXbpqFKBHl+bIjgX9FY 3RWYAE4xP22UA1JVB5Syk2dZ/8SrzNWRDvdf1/bf18b48s/MTQLMjRa4yZ4SR9rG j8Kt3kaoFbceV9bI9jLAJ0zq94Sca6j7chU/1PQWNa/B6Fr7ISk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:44 2026 by rpki-client