$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143510.roa File: AS143510.roa (raw, json) Hash identifier: 78XEFuTUud4pXw/Ym+2oZ5qxLRwYTJTf6YXfpOO4Pjc= Subject key identifier: F3:55:BC:C5:E5:2F:29:E2:7C:88:B0:2E:49:AA:BC:DD:DA:61:79:98 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 08257FC0CEEC7152A950C981FB9B9DD9A0133CF6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143510.roa Signing time: Wed 04 Mar 2026 06:13:59 +0000 ROA not before: Wed 04 Mar 2026 06:08:59 +0000 ROA not after: Wed 03 Mar 2027 06:13:59 +0000 asID: 143510 IP address blocks: 240a:a35c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:25:7f:c0:ce:ec:71:52:a9:50:c9:81:fb:9b:9d:d9:a0:13:3c:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:59 2026 GMT Not After : Mar 3 06:13:59 2027 GMT Subject: CN=F355BCC5E52F29E27C88B02E49AABCDDDA617998 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:35:84:ed:81:c4:f3:cc:8e:55:c5:69:1b:86: 25:8e:0b:9d:86:c3:37:0c:76:32:ce:75:65:61:58: fa:9f:a4:18:8a:5e:48:d4:0c:3d:4a:8b:86:cc:3c: af:f6:2a:46:8e:75:98:1c:8c:31:a2:1a:e2:ef:7d: 79:b3:f5:f9:1d:72:3f:b3:be:38:71:17:ab:32:3b: 5a:2b:5f:e8:98:b2:5f:a8:eb:8c:77:c6:58:99:9f: 54:72:fb:52:20:8a:9b:9f:a6:6f:df:64:e1:bd:cc: da:01:c3:f6:f0:c2:f1:5b:a9:22:a0:8c:4c:15:39: c7:6f:8c:d7:7b:49:16:d1:a7:4a:1e:de:e2:a8:28: 24:1f:a0:bc:1c:77:80:1c:f2:d0:db:44:38:18:ed: ef:9d:84:0f:10:2e:0c:47:63:72:ba:27:05:e1:de: e7:0c:7f:78:98:9c:bd:8c:fa:b6:52:d8:e7:22:36: 8b:a0:37:04:68:3d:69:4b:b9:f7:e6:d9:3c:eb:88: d9:5d:d0:b2:26:e1:78:9e:e1:fc:7d:65:1d:a7:38: c0:40:cb:5d:5c:bf:25:6d:f6:f0:4f:24:02:cd:7d: 82:93:f3:9d:96:fc:73:9c:c8:e3:56:e7:dd:c3:b4: 1b:05:d5:76:27:69:99:96:af:f8:99:aa:c6:2a:0d: 0d:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:55:BC:C5:E5:2F:29:E2:7C:88:B0:2E:49:AA:BC:DD:DA:61:79:98 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143510.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a35c::/32 Signature Algorithm: sha256WithRSAEncryption b4:a6:aa:0f:06:5d:8d:75:9c:54:e6:1f:3b:68:0c:d2:74:0b: 5d:64:ae:37:e2:95:0a:fc:95:d0:c1:b7:80:e4:a0:01:b7:fc: e2:09:a0:21:72:11:7b:e2:3f:1f:ec:63:16:12:e4:fd:0d:99: 86:db:d0:68:94:51:d4:90:d8:94:bf:db:be:dd:39:bb:36:46: be:38:6b:64:d2:01:b9:c3:cc:d5:0a:16:d1:a0:75:f3:13:73: e4:dd:2b:1d:49:45:d9:d7:e9:67:46:63:28:17:f1:82:b1:06: 55:cc:c0:fa:a2:5d:7d:0c:d3:50:fc:32:32:1d:b0:75:5d:5d: 0c:5d:9d:16:c4:96:b0:8c:77:62:0f:b0:0f:79:08:d9:7e:a3: 03:cc:6e:59:52:00:88:f1:9c:cb:d8:14:61:8c:c9:f0:b1:b6: 52:3f:bf:65:56:3d:c0:53:ea:b6:33:83:95:96:5b:00:73:3a: c1:17:11:1d:72:7f:b4:6f:bf:f5:b0:cc:b9:c2:59:c5:54:3d: 4e:64:3d:dc:de:2a:37:3a:2a:0b:c2:44:c6:52:ab:b2:4f:5b: 3e:2f:ec:12:66:de:57:88:35:96:4f:f3:cb:aa:cb:ca:18:19: 98:5e:58:e5:03:4f:c2:f9:2d:a2:1c:d7:05:88:6d:de:d5:14: c2:d2:3d:e6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCCV/wM7scVKpUMmB+5ud2aATPPYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1OVoX DTI3MDMwMzA2MTM1OVowMzExMC8GA1UEAxMoRjM1NUJDQzVFNTJGMjlFMjdDODhC MDJFNDlBQUJDREREQTYxNzk5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANA1hO2BxPPMjlXFaRuGJY4LnYbDNwx2Ms51ZWFY+p+kGIpeSNQMPUqLhsw8 r/YqRo51mByMMaIa4u99ebP1+R1yP7O+OHEXqzI7Witf6JiyX6jrjHfGWJmfVHL7 UiCKm5+mb99k4b3M2gHD9vDC8VupIqCMTBU5x2+M13tJFtGnSh7e4qgoJB+gvBx3 gBzy0NtEOBjt752EDxAuDEdjcronBeHe5wx/eJicvYz6tlLY5yI2i6A3BGg9aUu5 9+bZPOuI2V3QsibheJ7h/H1lHac4wEDLXVy/JW328E8kAs19gpPznZb8c5zI41bn 3cO0GwXVdidpmZav+JmqxioNDXUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTzVbzF 5S8p4nyIsC5Jqrzd2mF5mDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUxMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o1wwDQYJKoZIhvcNAQELBQADggEBALSmqg8GXY11nFTmHztoDNJ0C11krjfilQr8 ldDBt4DkoAG3/OIJoCFyEXviPx/sYxYS5P0NmYbb0GiUUdSQ2JS/277dObs2Rr44 a2TSAbnDzNUKFtGgdfMTc+TdKx1JRdnX6WdGYygX8YKxBlXMwPqiXX0M01D8MjId sHVdXQxdnRbElrCMd2IPsA95CNl+owPMbllSAIjxnMvYFGGMyfCxtlI/v2VWPcBT 6rYzg5WWWwBzOsEXER1yf7Rvv/WwzLnCWcVUPU5kPdzeKjc6KgvCRMZSq7JPWz4v 7BJm3leINZZP88uqy8oYGZheWOUDT8L5LaIc1wWIbd7VFMLSPeY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:50 2026 by rpki-client