$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143501.roa File: AS143501.roa (raw, json) Hash identifier: ARLEfys/zrpOEYnhQ+bT2dUrIebITRjyo8pAz/ntlOA= Subject key identifier: 92:D7:6D:E2:8E:B5:FC:2D:B9:D9:FC:3B:0F:E2:5D:FC:28:F2:32:3D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4844CF37695C74CA914E94D931EEA1DCFC253726 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143501.roa Signing time: Wed 04 Mar 2026 06:05:50 +0000 ROA not before: Wed 04 Mar 2026 06:00:50 +0000 ROA not after: Wed 03 Mar 2027 06:05:50 +0000 asID: 143501 IP address blocks: 240a:a353::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:44:cf:37:69:5c:74:ca:91:4e:94:d9:31:ee:a1:dc:fc:25:37:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:50 2026 GMT Not After : Mar 3 06:05:50 2027 GMT Subject: CN=92D76DE28EB5FC2DB9D9FC3B0FE25DFC28F2323D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:41:60:7d:db:94:da:0e:4d:21:0f:99:b0:9f: 3c:94:df:63:27:46:9c:9b:81:78:a7:4d:d4:9a:1f: 01:22:89:65:49:be:cc:7b:81:7e:d3:b7:50:5e:56: 17:04:9e:4a:43:18:d0:e5:02:db:e0:28:1e:bf:34: 0c:1e:60:1c:7d:9d:10:ac:1e:5a:2d:a9:e4:12:26: 97:58:ca:01:57:db:51:b7:e5:42:1c:90:e1:be:ea: 8f:dd:11:30:05:10:77:93:17:61:05:4d:35:f8:f0: b6:be:83:92:6d:77:f5:01:94:72:31:52:5e:f0:60: 8d:36:68:38:1d:6e:86:b0:ba:23:d8:04:39:5e:cf: 8e:8d:a4:de:26:27:a8:a0:f1:a9:42:e1:40:f0:a4: 8b:d3:54:bf:ac:40:2b:25:04:78:92:11:66:5f:42: d9:7f:63:01:c6:d2:fd:cf:86:f9:00:29:1d:af:71: 1c:9e:3d:04:12:54:fc:01:25:e7:7d:38:31:bf:1b: 96:b5:6b:40:1f:bd:1d:f2:30:96:f8:c6:a1:ba:91: 99:01:80:3a:66:31:b5:78:e4:13:32:7c:0c:4a:40: 33:ab:d2:b7:03:90:d9:06:ed:94:48:fb:96:b8:17: 4a:e5:f2:44:63:c5:c2:4a:9b:79:33:f8:54:d5:c2: 2d:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:D7:6D:E2:8E:B5:FC:2D:B9:D9:FC:3B:0F:E2:5D:FC:28:F2:32:3D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143501.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a353::/32 Signature Algorithm: sha256WithRSAEncryption b6:ee:4d:3d:e0:4c:8a:1a:48:4f:77:86:99:07:73:fd:c1:f7: 66:b5:c5:6a:dd:f6:f1:98:bf:35:72:81:40:53:3b:f1:0e:05: dd:9f:12:a2:7e:c3:6a:a7:19:d2:f9:b1:41:ca:41:67:25:73: eb:17:a1:68:cd:a2:e9:6b:25:85:86:48:4d:30:60:d0:36:d5: 83:a2:94:f0:ff:b8:c6:9f:0a:b6:bd:89:7c:f6:dc:fd:ee:52: 2e:b1:90:75:88:5a:e9:ce:41:d2:ec:f7:41:c9:03:63:6c:d2: 77:ab:2f:04:61:f6:6c:cf:6b:0a:5d:38:08:1c:f0:bb:79:22: cf:60:85:6a:25:7a:02:fd:65:22:95:7d:0a:52:b8:31:0d:be: de:9c:8b:d1:8f:ad:cd:5f:2d:a7:37:fa:2a:44:4a:97:8b:db: 0a:f9:0a:d1:0f:49:51:60:d6:01:b4:69:a9:ee:e1:35:b7:78: 3d:04:f2:20:97:f2:cf:99:f8:8a:e0:27:2a:3b:db:f9:55:85: 76:73:81:c8:75:4f:0f:92:2f:fb:b7:a3:9f:e7:71:df:af:2e: b7:f4:a1:75:65:99:2c:93:21:0c:e9:9f:89:dd:70:bf:d0:0a: 90:76:ba:ae:ed:f2:8b:7c:0d:aa:54:46:be:d4:df:5b:72:38: fb:f3:c4:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSETPN2lcdMqRTpTZMe6h3PwlNyYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1MFoX DTI3MDMwMzA2MDU1MFowMzExMC8GA1UEAxMoOTJENzZERTI4RUI1RkMyREI5RDlG QzNCMEZFMjVERkMyOEYyMzIzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANBBYH3blNoOTSEPmbCfPJTfYydGnJuBeKdN1JofASKJZUm+zHuBftO3UF5W FwSeSkMY0OUC2+AoHr80DB5gHH2dEKweWi2p5BIml1jKAVfbUbflQhyQ4b7qj90R MAUQd5MXYQVNNfjwtr6Dkm139QGUcjFSXvBgjTZoOB1uhrC6I9gEOV7Pjo2k3iYn qKDxqULhQPCki9NUv6xAKyUEeJIRZl9C2X9jAcbS/c+G+QApHa9xHJ49BBJU/AEl 5304Mb8blrVrQB+9HfIwlvjGobqRmQGAOmYxtXjkEzJ8DEpAM6vStwOQ2QbtlEj7 lrgXSuXyRGPFwkqbeTP4VNXCLWsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSS123i jrX8LbnZ/DsP4l38KPIyPTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o1MwDQYJKoZIhvcNAQELBQADggEBALbuTT3gTIoaSE93hpkHc/3B92a1xWrd9vGY vzVygUBTO/EOBd2fEqJ+w2qnGdL5sUHKQWclc+sXoWjNoulrJYWGSE0wYNA21YOi lPD/uMafCra9iXz23P3uUi6xkHWIWunOQdLs90HJA2Ns0nerLwRh9mzPawpdOAgc 8Lt5Is9ghWolegL9ZSKVfQpSuDENvt6ci9GPrc1fLac3+ipESpeL2wr5CtEPSVFg 1gG0aanu4TW3eD0E8iCX8s+Z+IrgJyo72/lVhXZzgch1Tw+SL/u3o5/ncd+vLrf0 oXVlmSyTIQzpn4ndcL/QCpB2uq7t8ot8DapURr7U31tyOPvzxCQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:16 2026 by rpki-client