$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143990.roa File: AS143990.roa (raw, json) Hash identifier: mZdAlqpIGyncJgtdxR4++CRfOTi73R8OMBYxZ15iT+M= Subject key identifier: 12:EE:BC:39:9E:CF:7A:9F:A2:60:2E:E9:2A:18:D9:B0:7F:2E:97:EE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 12B18850E72C9860580C7116D64C92A1B845025D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143990.roa Signing time: Wed 04 Mar 2026 06:13:54 +0000 ROA not before: Wed 04 Mar 2026 06:08:54 +0000 ROA not after: Wed 03 Mar 2027 06:13:54 +0000 asID: 143990 IP address blocks: 240a:a53c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:b1:88:50:e7:2c:98:60:58:0c:71:16:d6:4c:92:a1:b8:45:02:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:54 2026 GMT Not After : Mar 3 06:13:54 2027 GMT Subject: CN=12EEBC399ECF7A9FA2602EE92A18D9B07F2E97EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:8d:9d:85:4d:8d:1b:f4:d7:3b:e4:6b:26:ff: 37:23:50:aa:a2:62:da:3b:21:a9:18:35:2e:81:a0: 21:0d:ba:9f:0b:75:6a:fa:3b:57:a6:bc:57:fb:69: 39:32:d8:99:ea:9b:7f:17:8e:61:d9:ba:2b:4a:c3: 3c:df:83:48:ee:fb:32:65:1c:49:d2:8d:27:a7:0d: 4c:a4:a4:53:d1:26:c3:42:d9:97:af:bc:d8:d4:bf: 33:bb:f0:f6:f8:58:08:51:21:f5:20:36:9d:83:10: dc:71:33:57:4f:39:0b:91:94:20:a1:7b:06:ff:d3: f8:55:45:65:7c:87:a4:ad:c2:07:30:5f:b7:8f:08: a6:a4:3b:9d:ee:21:a4:4a:52:09:19:a6:d0:18:b6: d8:64:93:89:cf:25:e8:ad:a8:a8:dd:77:92:4f:5c: 63:88:14:e1:a2:7a:c7:dc:16:c8:67:66:30:3b:4d: ba:86:a9:57:62:54:74:5e:ed:e8:02:0b:c9:b3:32: f9:8e:bf:39:6f:6e:c8:e1:39:f7:7a:6a:83:a1:78: da:1d:93:e2:c0:15:73:b4:d1:53:fe:eb:b9:92:db: bc:f5:ef:0d:4e:9b:95:8d:3d:fb:ef:77:4d:64:43: ac:0c:43:00:47:a0:a3:28:02:ed:bf:3b:4b:17:b9: 9c:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:EE:BC:39:9E:CF:7A:9F:A2:60:2E:E9:2A:18:D9:B0:7F:2E:97:EE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143990.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a53c::/32 Signature Algorithm: sha256WithRSAEncryption 20:95:60:f7:e0:4f:54:5b:22:af:8e:2e:0f:74:e3:db:6a:d6: e2:7b:e0:2d:70:8b:8c:6e:65:e6:b6:23:cc:ed:95:58:3c:fc: 86:4e:3b:31:c7:13:c9:dc:b6:f2:f4:7c:21:0f:9c:c8:67:69: c0:6c:6f:4b:2b:8d:3f:6f:8f:c2:fe:09:c5:f9:86:02:5d:65: 27:b4:3f:b8:7d:49:ff:7b:b4:df:f8:e9:61:ef:c7:84:81:2e: 58:1f:5c:ed:a0:d2:bb:3e:7e:cb:94:f4:09:b8:e3:53:e0:6b: c4:a2:a7:a5:f9:9f:fe:a2:6d:e7:08:da:ea:f0:6e:70:c5:9e: cd:21:73:ea:9a:35:09:d4:6c:e5:51:65:93:fa:bd:20:77:93: d0:3b:4c:ee:52:8b:40:69:50:10:dd:44:a1:eb:80:e7:17:a9: 44:9a:f0:17:af:05:34:26:bb:3c:5a:db:cf:bf:42:31:08:f4: d7:e4:36:8d:34:d6:c5:f8:8a:f5:f9:b3:95:5f:25:b0:1f:93: 07:62:f6:17:98:e6:13:26:e5:1e:a3:75:e1:c6:b6:33:2a:65: f8:b2:41:aa:d5:e0:73:2e:5d:03:1b:15:d8:c7:49:85:66:37: 2f:50:c6:0c:bc:53:eb:b5:96:d4:b7:71:84:44:d4:87:80:be: 31:5c:c8:ff -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUErGIUOcsmGBYDHEW1kySobhFAl0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1NFoX DTI3MDMwMzA2MTM1NFowMzExMC8GA1UEAxMoMTJFRUJDMzk5RUNGN0E5RkEyNjAy RUU5MkExOEQ5QjA3RjJFOTdFRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmNnYVNjRv01zvkayb/NyNQqqJi2jshqRg1LoGgIQ26nwt1avo7V6a8V/tp OTLYmeqbfxeOYdm6K0rDPN+DSO77MmUcSdKNJ6cNTKSkU9Emw0LZl6+82NS/M7vw 9vhYCFEh9SA2nYMQ3HEzV085C5GUIKF7Bv/T+FVFZXyHpK3CBzBft48IpqQ7ne4h pEpSCRmm0Bi22GSTic8l6K2oqN13kk9cY4gU4aJ6x9wWyGdmMDtNuoapV2JUdF7t 6AILybMy+Y6/OW9uyOE593pqg6F42h2T4sAVc7TRU/7ruZLbvPXvDU6blY09++93 TWRDrAxDAEegoygC7b87Sxe5nH0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQS7rw5 ns96n6JgLukqGNmwfy6X7jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk5MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pTwwDQYJKoZIhvcNAQELBQADggEBACCVYPfgT1RbIq+OLg9049tq1uJ74C1wi4xu Zea2I8ztlVg8/IZOOzHHE8nctvL0fCEPnMhnacBsb0srjT9vj8L+CcX5hgJdZSe0 P7h9Sf97tN/46WHvx4SBLlgfXO2g0rs+fsuU9Am441Pga8Sip6X5n/6ibecI2urw bnDFns0hc+qaNQnUbOVRZZP6vSB3k9A7TO5Si0BpUBDdRKHrgOcXqUSa8BevBTQm uzxa28+/QjEI9NfkNo001sX4ivX5s5VfJbAfkwdi9heY5hMm5R6jdeHGtjMqZfiy QarV4HMuXQMbFdjHSYVmNy9Qxgy8U+u1ltS3cYRE1IeAvjFcyP8= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:38 2026 by rpki-client