$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143994.roa File: AS143994.roa (raw, json) Hash identifier: PqQLizonaKZRRwDnetpJECUZDpwoQyYfOxMuTxLDW9g= Subject key identifier: 0F:05:48:35:A6:F4:C0:1B:05:09:F2:C9:EC:45:01:F1:D0:0A:1D:C9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 06367A3E6F516B7AED4DF7D7DCCF7A93E5E2FE75 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143994.roa Signing time: Wed 04 Mar 2026 06:15:15 +0000 ROA not before: Wed 04 Mar 2026 06:10:15 +0000 ROA not after: Wed 03 Mar 2027 06:15:15 +0000 asID: 143994 IP address blocks: 240a:a540::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:36:7a:3e:6f:51:6b:7a:ed:4d:f7:d7:dc:cf:7a:93:e5:e2:fe:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:15 2026 GMT Not After : Mar 3 06:15:15 2027 GMT Subject: CN=0F054835A6F4C01B0509F2C9EC4501F1D00A1DC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:f3:58:b1:b8:d7:6c:03:03:f3:91:46:fe:86: e2:1b:61:5e:bf:ae:d6:a6:27:a3:7e:e0:3e:9c:d3: c2:8e:1f:22:e2:ae:00:c5:f8:32:4c:47:ba:09:62: 63:5c:80:2a:7a:58:39:25:67:dd:e1:7a:c2:6e:83: 71:35:4b:53:8c:f4:02:14:aa:86:df:0d:64:05:f1: 96:b7:f4:2d:8b:53:a9:c7:0f:bf:ea:2d:27:f5:f6: 77:47:a7:bb:14:72:63:03:f6:bf:61:94:f8:68:e6: a6:f8:f5:82:b0:e1:73:0a:12:a8:02:2a:96:ee:2c: 93:d3:30:67:51:9c:aa:e6:25:e6:c0:b8:fc:f1:fd: f7:0a:d5:91:f8:a0:b2:4a:f5:7a:e2:ba:72:8b:50: 36:bb:a3:4d:4e:67:95:73:25:8f:8a:12:c4:78:20: 51:1c:26:ce:a3:1e:43:8f:de:3a:be:bb:5e:fb:65: 51:45:16:16:63:4b:b9:00:2b:a5:66:64:50:0f:53: 57:3d:24:53:c9:37:e3:88:c5:79:26:37:9b:9a:07: e8:60:e0:11:38:e6:2c:f5:e0:34:46:cb:a1:eb:c0: 9d:f5:b5:36:22:51:41:5a:75:46:05:70:21:5e:8e: 81:e0:cb:23:48:0c:6c:09:a0:d7:5e:d3:ae:30:4c: ca:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:05:48:35:A6:F4:C0:1B:05:09:F2:C9:EC:45:01:F1:D0:0A:1D:C9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143994.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a540::/32 Signature Algorithm: sha256WithRSAEncryption 20:b2:0f:15:11:04:b5:88:16:72:e5:6f:2f:75:3c:6c:bb:72: 92:09:7a:22:c5:11:e9:6a:12:e1:22:e0:a1:d3:e1:d1:c3:9a: 87:23:71:61:db:b8:92:2e:cc:b9:98:af:66:25:87:54:3c:a4: 0c:1d:01:4e:31:a5:14:20:ac:36:b8:da:7c:68:26:da:82:e1: 0f:7d:3e:1e:44:d2:d5:82:c6:59:47:39:80:1f:f5:b8:f9:e4: 31:3c:f3:0a:03:dc:80:57:7e:85:74:49:c1:e9:76:11:c3:8f: e8:35:6e:30:78:21:7d:70:aa:24:e4:b3:23:fc:b5:1e:21:8d: a3:2c:2d:f4:0c:e3:70:a3:5b:e2:2d:4f:3a:9f:83:56:0c:40: 16:ac:2f:ff:96:64:90:06:af:31:26:14:07:0b:bc:47:35:3a: 92:37:25:1b:11:7b:3f:b7:5d:73:23:33:f5:a9:8d:35:53:23: eb:46:06:91:4f:3d:bf:fc:03:12:56:50:9a:c4:e5:b6:07:6a: 7f:bc:f8:b6:19:3b:ce:18:d3:68:a1:e1:fb:81:b0:5c:0b:3d: 2a:01:9a:fd:70:53:68:a7:c1:a1:12:a2:0f:f4:d4:fa:52:75: 29:a7:13:d0:e7:8d:74:f7:85:17:67:95:75:81:0e:27:5b:b1: fe:d8:bc:78 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBjZ6Pm9Ra3rtTffX3M96k+Xi/nUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxNVoX DTI3MDMwMzA2MTUxNVowMzExMC8GA1UEAxMoMEYwNTQ4MzVBNkY0QzAxQjA1MDlG MkM5RUM0NTAxRjFEMDBBMURDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJHzWLG412wDA/ORRv6G4hthXr+u1qYno37gPpzTwo4fIuKuAMX4MkxHugli Y1yAKnpYOSVn3eF6wm6DcTVLU4z0AhSqht8NZAXxlrf0LYtTqccPv+otJ/X2d0en uxRyYwP2v2GU+Gjmpvj1grDhcwoSqAIqlu4sk9MwZ1GcquYl5sC4/PH99wrVkfig skr1euK6cotQNrujTU5nlXMlj4oSxHggURwmzqMeQ4/eOr67XvtlUUUWFmNLuQAr pWZkUA9TVz0kU8k344jFeSY3m5oH6GDgETjmLPXgNEbLoevAnfW1NiJRQVp1RgVw IV6OgeDLI0gMbAmg117TrjBMysMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQPBUg1 pvTAGwUJ8snsRQHx0AodyTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk5NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pUAwDQYJKoZIhvcNAQELBQADggEBACCyDxURBLWIFnLlby91PGy7cpIJeiLFEelq EuEi4KHT4dHDmocjcWHbuJIuzLmYr2Ylh1Q8pAwdAU4xpRQgrDa42nxoJtqC4Q99 Ph5E0tWCxllHOYAf9bj55DE88woD3IBXfoV0ScHpdhHDj+g1bjB4IX1wqiTksyP8 tR4hjaMsLfQM43CjW+ItTzqfg1YMQBasL/+WZJAGrzEmFAcLvEc1OpI3JRsRez+3 XXMjM/WpjTVTI+tGBpFPPb/8AxJWUJrE5bYHan+8+LYZO84Y02ih4fuBsFwLPSoB mv1wU2inwaESog/01PpSdSmnE9DnjXT3hRdnlXWBDidbsf7YvHg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:53 2026 by rpki-client