$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143996.roa File: AS143996.roa (raw, json) Hash identifier: pBQT6tnffURb6YghGqVG1tsmDoUgNKtJCmay4osZR/4= Subject key identifier: B9:61:F3:B0:7A:66:83:3E:63:F0:69:59:83:22:D2:F5:58:12:15:F8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 429B457220C45979F543F16E64BBDDA2399F22A1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143996.roa Signing time: Wed 04 Mar 2026 06:15:13 +0000 ROA not before: Wed 04 Mar 2026 06:10:13 +0000 ROA not after: Wed 03 Mar 2027 06:15:13 +0000 asID: 143996 IP address blocks: 240a:a542::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:9b:45:72:20:c4:59:79:f5:43:f1:6e:64:bb:dd:a2:39:9f:22:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:13 2026 GMT Not After : Mar 3 06:15:13 2027 GMT Subject: CN=B961F3B07A66833E63F069598322D2F5581215F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:d0:ec:8c:f2:c7:05:75:3d:d9:c0:66:41:3f: 76:e0:1b:48:52:57:1c:bb:bd:a5:d2:b1:a7:20:34: 66:2a:6b:41:0a:1a:09:56:f3:c5:75:ce:21:1a:44: a5:a9:9b:5e:f3:1f:fb:58:5b:c4:ed:3d:f9:2d:ee: f6:45:c8:5e:99:9f:96:7b:85:b8:f7:47:a0:ba:14: 9a:45:fa:39:19:00:a0:d9:0a:a8:f1:33:50:81:da: d6:d9:98:60:2d:39:b1:b3:08:78:fe:7e:aa:36:37: 6e:ac:74:3b:e3:7a:dc:d4:7f:91:84:ad:31:72:79: 5e:a5:b1:6c:c1:e2:db:b5:64:4f:eb:8c:ea:dc:50: 00:d1:70:2c:39:c1:3a:fb:dc:9a:fe:2b:af:07:c6: 86:35:00:4e:6c:ae:e9:9e:1c:6c:f7:9f:66:97:be: e1:0b:3b:3b:82:b5:a2:04:b1:09:fc:00:73:95:cb: cf:2c:a3:c9:2d:d7:46:d9:cb:5d:7c:47:ee:22:dc: 28:27:e4:b8:a1:f0:2a:3f:dc:28:f5:ef:78:b0:62: e5:9e:44:55:b6:0a:29:48:91:33:02:20:44:e6:4d: 8b:0c:7d:da:50:dd:1e:20:0a:6f:d4:b8:18:2d:28: b8:57:ed:2b:0c:cf:4f:bf:91:b0:0a:a3:94:4f:bd: 0c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:61:F3:B0:7A:66:83:3E:63:F0:69:59:83:22:D2:F5:58:12:15:F8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143996.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a542::/32 Signature Algorithm: sha256WithRSAEncryption a0:b9:3f:7c:99:84:ef:20:0a:91:28:c5:54:07:aa:f7:0f:55: 9d:8b:75:68:c4:75:4b:88:8e:32:29:cf:64:b4:52:32:b3:ab: 81:ca:da:9f:48:3d:62:21:df:73:fc:2f:2e:96:29:76:6a:80: c4:60:94:17:09:91:1d:bc:4c:b1:7c:75:d6:7e:ad:40:4f:c3: 66:ea:96:17:82:29:28:0b:6b:28:ca:1a:8e:29:7c:16:ef:d9: 21:b8:c3:4e:ee:77:ce:d3:97:30:e8:c4:de:3a:39:cc:13:e4: 2e:5b:93:75:bc:19:82:cc:ef:29:b8:14:f8:6e:2c:d3:94:f9: 39:de:58:a7:82:7e:4f:f8:03:28:0c:9c:6d:be:e9:f0:52:ce: 61:a0:76:51:3a:07:02:24:47:03:82:cb:74:21:8c:b3:b2:04: ad:32:c5:a9:00:44:2c:ab:af:49:d8:c9:9d:da:1e:dd:d3:e9: 8b:1e:96:8f:6d:ca:c2:88:1d:f2:af:e1:51:d0:b9:a7:da:e8: bd:01:e6:44:ad:e3:88:a5:9e:7d:b0:2f:8c:14:bb:da:42:a2: a7:d7:3f:0d:68:7f:40:d0:e8:3c:ab:93:ec:46:45:84:6f:4b: 5a:08:3f:2e:a6:0e:04:9e:77:00:2d:35:ff:29:28:01:29:23: 02:89:5e:88 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQptFciDEWXn1Q/FuZLvdojmfIqEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxM1oX DTI3MDMwMzA2MTUxM1owMzExMC8GA1UEAxMoQjk2MUYzQjA3QTY2ODMzRTYzRjA2 OTU5ODMyMkQyRjU1ODEyMTVGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOLQ7IzyxwV1PdnAZkE/duAbSFJXHLu9pdKxpyA0ZiprQQoaCVbzxXXOIRpE pambXvMf+1hbxO09+S3u9kXIXpmflnuFuPdHoLoUmkX6ORkAoNkKqPEzUIHa1tmY YC05sbMIeP5+qjY3bqx0O+N63NR/kYStMXJ5XqWxbMHi27VkT+uM6txQANFwLDnB Ovvcmv4rrwfGhjUATmyu6Z4cbPefZpe+4Qs7O4K1ogSxCfwAc5XLzyyjyS3XRtnL XXxH7iLcKCfkuKHwKj/cKPXveLBi5Z5EVbYKKUiRMwIgROZNiwx92lDdHiAKb9S4 GC0ouFftKwzPT7+RsAqjlE+9DPcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS5YfOw emaDPmPwaVmDItL1WBIV+DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pUIwDQYJKoZIhvcNAQELBQADggEBAKC5P3yZhO8gCpEoxVQHqvcPVZ2LdWjEdUuI jjIpz2S0UjKzq4HK2p9IPWIh33P8Ly6WKXZqgMRglBcJkR28TLF8ddZ+rUBPw2bq lheCKSgLayjKGo4pfBbv2SG4w07ud87TlzDoxN46OcwT5C5bk3W8GYLM7ym4FPhu LNOU+TneWKeCfk/4AygMnG2+6fBSzmGgdlE6BwIkRwOCy3QhjLOyBK0yxakARCyr r0nYyZ3aHt3T6Yselo9tysKIHfKv4VHQuafa6L0B5kSt44ilnn2wL4wUu9pCoqfX Pw1of0DQ6Dyrk+xGRYRvS1oIPy6mDgSedwAtNf8pKAEpIwKJXog= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:45 2026 by rpki-client