$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143991.roa File: AS143991.roa (raw, json) Hash identifier: IxqJXqRL4Wy4YOn6Je2JwK/yHvAj2XEiJNqoWJWom6A= Subject key identifier: 13:5F:52:74:FD:CF:C7:25:C1:E1:DB:DF:95:0E:D3:39:D8:AF:F5:69 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 513D9129BD122953B25712D1E9212CC49D4D9F31 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143991.roa Signing time: Wed 04 Mar 2026 06:15:12 +0000 ROA not before: Wed 04 Mar 2026 06:10:12 +0000 ROA not after: Wed 03 Mar 2027 06:15:12 +0000 asID: 143991 IP address blocks: 240a:a53d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:3d:91:29:bd:12:29:53:b2:57:12:d1:e9:21:2c:c4:9d:4d:9f:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:12 2026 GMT Not After : Mar 3 06:15:12 2027 GMT Subject: CN=135F5274FDCFC725C1E1DBDF950ED339D8AFF569 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:39:fe:c6:f5:63:81:4b:68:06:bf:77:95:2b: 30:61:15:21:0b:e6:c0:4f:46:89:d1:a4:51:de:d8: 0d:fc:cd:6e:d0:61:63:e2:56:ee:c3:fc:bc:f5:3a: 95:91:85:18:ff:41:74:fc:b2:49:82:55:ef:17:47: 0c:9e:27:71:7a:d3:d7:9f:be:c0:6e:5d:99:2a:fb: 56:a7:c2:f4:32:e9:4f:4f:8f:8c:77:dd:e6:f0:cc: ee:62:3c:84:2f:c3:d2:7e:22:d4:87:f4:bc:46:08: 02:53:95:bb:3e:bb:16:17:97:c0:64:2d:fb:4c:76: d1:6a:61:dd:ca:13:11:dd:73:d0:c0:90:a7:a2:4c: 6f:98:3a:97:f1:f5:7f:43:b1:0b:4a:c5:6b:83:3b: a9:42:e0:98:07:ea:62:4e:ba:34:ad:4d:78:5d:b5: aa:d6:05:27:60:e4:f6:9c:8a:39:85:39:f6:26:2d: 52:14:99:8a:11:6b:f1:19:5b:19:b5:12:1d:52:26: 6a:b9:6f:06:86:97:59:69:75:f2:a3:16:b7:07:af: 3f:0b:28:f0:aa:bf:78:a2:6a:71:f6:c9:9e:9b:36: 8f:2a:61:9c:dc:3a:b2:ed:92:43:41:b7:67:82:31: c8:96:e6:19:c9:1e:b3:8b:b8:fe:f1:66:54:98:55: 17:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:5F:52:74:FD:CF:C7:25:C1:E1:DB:DF:95:0E:D3:39:D8:AF:F5:69 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143991.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a53d::/32 Signature Algorithm: sha256WithRSAEncryption 5c:72:25:b0:87:93:74:bb:b3:5e:b0:a0:42:8e:2a:31:6c:c6: 69:8b:10:47:0a:3e:1d:20:5a:f0:38:4b:b5:51:ba:c8:51:e3: 79:8b:ec:f0:65:f4:e2:60:61:ac:2e:71:5a:43:1b:5e:83:3e: 5f:97:7d:d1:19:53:f7:2b:db:44:ed:75:41:47:1a:4c:eb:5b: 30:0a:11:6b:ec:69:9d:68:c5:17:8c:58:50:5f:d7:fc:6e:93: cd:8e:30:10:fb:42:5b:72:15:57:b6:1a:7e:0f:18:44:14:ed: ea:e4:78:36:da:ce:b1:81:f5:4f:19:bf:a5:0d:0c:d6:d7:f7: 25:0f:8a:30:c3:f7:3b:74:c4:8a:35:c5:c9:db:3e:c0:c4:3b: 43:08:c2:4b:d3:a8:0d:91:47:c4:ed:fa:c1:32:a8:75:6a:c3: 5f:02:55:5c:55:39:23:37:f9:e6:ce:68:3a:0f:26:38:24:12: 63:db:60:24:38:f6:9c:e6:2b:1c:b4:12:ee:ab:07:a7:cd:97: e3:49:a9:ea:7b:c2:34:21:5f:fa:ea:a9:33:62:5b:6d:e3:6c: 01:67:13:c1:b8:70:97:1d:b6:27:97:f5:2d:bf:17:2d:46:0b: e0:d6:f0:b7:2e:50:51:35:f3:34:f9:cd:d0:cc:0e:99:c2:a2: 83:aa:89:70 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUT2RKb0SKVOyVxLR6SEsxJ1NnzEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxMloX DTI3MDMwMzA2MTUxMlowMzExMC8GA1UEAxMoMTM1RjUyNzRGRENGQzcyNUMxRTFE QkRGOTUwRUQzMzlEOEFGRjU2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN05/sb1Y4FLaAa/d5UrMGEVIQvmwE9GidGkUd7YDfzNbtBhY+JW7sP8vPU6 lZGFGP9BdPyySYJV7xdHDJ4ncXrT15++wG5dmSr7VqfC9DLpT0+PjHfd5vDM7mI8 hC/D0n4i1If0vEYIAlOVuz67FheXwGQt+0x20Wph3coTEd1z0MCQp6JMb5g6l/H1 f0OxC0rFa4M7qULgmAfqYk66NK1NeF21qtYFJ2Dk9pyKOYU59iYtUhSZihFr8Rlb GbUSHVImarlvBoaXWWl18qMWtwevPwso8Kq/eKJqcfbJnps2jyphnNw6su2SQ0G3 Z4IxyJbmGckes4u4/vFmVJhVF9kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQTX1J0 /c/HJcHh29+VDtM52K/1aTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pT0wDQYJKoZIhvcNAQELBQADggEBAFxyJbCHk3S7s16woEKOKjFsxmmLEEcKPh0g WvA4S7VRushR43mL7PBl9OJgYawucVpDG16DPl+XfdEZU/cr20TtdUFHGkzrWzAK EWvsaZ1oxReMWFBf1/xuk82OMBD7QltyFVe2Gn4PGEQU7erkeDbazrGB9U8Zv6UN DNbX9yUPijDD9zt0xIo1xcnbPsDEO0MIwkvTqA2RR8Tt+sEyqHVqw18CVVxVOSM3 +ebOaDoPJjgkEmPbYCQ49pzmKxy0Eu6rB6fNl+NJqep7wjQhX/rqqTNiW23jbAFn E8G4cJcdtieX9S2/Fy1GC+DW8LcuUFE18zT5zdDMDpnCooOqiXA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:02 2026 by rpki-client