$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143511.roa File: AS143511.roa (raw, json) Hash identifier: t7BhrIkcq6YsDgRKQcAGa2YYvcc7IZpwUKta2gTGS0E= Subject key identifier: 6E:93:5D:9C:73:D9:67:E9:EB:1C:0B:F2:75:20:CD:82:FF:5A:B1:6C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6D6166C21EF2020813E9D9DAD4CAB997E9796F70 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143511.roa Signing time: Wed 04 Mar 2026 06:13:48 +0000 ROA not before: Wed 04 Mar 2026 06:08:48 +0000 ROA not after: Wed 03 Mar 2027 06:13:48 +0000 asID: 143511 IP address blocks: 240a:a35d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:61:66:c2:1e:f2:02:08:13:e9:d9:da:d4:ca:b9:97:e9:79:6f:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:48 2026 GMT Not After : Mar 3 06:13:48 2027 GMT Subject: CN=6E935D9C73D967E9EB1C0BF27520CD82FF5AB16C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d5:bb:7a:68:bf:89:4c:1e:e0:5a:e8:48:d8: 21:f7:cf:30:89:80:8a:aa:e4:e3:1e:45:2a:60:2c: c1:a6:fd:76:a4:50:52:2b:b4:86:b6:8b:d9:fb:39: 29:e2:74:7a:5a:bf:5a:ab:b4:08:2c:fe:7f:bc:f2: eb:aa:c2:8d:3f:a1:6c:07:23:2a:91:7e:9e:f7:3c: 63:6f:e8:47:eb:9f:55:58:34:2a:60:41:bd:4e:7c: 3d:46:1c:c2:75:37:7c:f4:0e:98:da:4b:49:b9:01: 04:68:e8:c4:51:21:b9:af:ab:4a:8b:ab:fa:52:28: 1d:d4:86:e1:b4:17:55:58:73:05:45:56:d8:3c:28: b3:1f:a3:55:e8:78:d5:78:62:34:97:e1:ac:c3:d9: d9:ac:4d:62:93:66:a0:01:b4:56:64:39:8f:2d:ae: 5e:0c:28:80:33:45:e4:4d:b9:58:85:1d:3e:2f:bb: 45:8e:6b:93:7d:72:71:ef:3d:6e:b1:19:ff:91:3d: 08:ae:a5:60:af:be:12:95:02:38:2e:14:3d:74:47: d7:15:76:6b:2a:cb:a7:6b:1d:8c:5a:b1:97:bd:b8: 8e:c0:d5:1b:5f:cd:7d:4d:d3:d4:19:30:97:e6:18: 89:8b:be:df:3a:7c:c0:7d:bb:80:1b:6a:c3:2d:e9: c4:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:93:5D:9C:73:D9:67:E9:EB:1C:0B:F2:75:20:CD:82:FF:5A:B1:6C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143511.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a35d::/32 Signature Algorithm: sha256WithRSAEncryption 45:5a:5f:a8:73:19:b5:a1:0b:1d:64:c6:b6:0b:18:a1:21:ed: af:d2:ef:42:06:07:79:4f:84:9a:87:d8:bc:06:f7:b9:a5:11: b8:ac:e9:ea:dc:45:d5:3c:82:aa:bc:77:da:33:82:8d:76:0e: 73:e3:15:6d:36:d0:a7:c5:c5:25:85:10:58:91:a3:4b:11:a9: a6:b4:0a:86:15:ee:1c:43:34:01:f7:e0:8c:3e:7c:2c:22:0c: cd:bd:46:f4:c8:8e:5a:3d:b6:cd:f4:73:50:87:83:63:51:86: 3d:8e:04:82:3c:db:88:fe:e8:eb:b0:1c:4d:81:bd:31:27:7c: 7c:59:a4:41:a4:9d:ed:6a:8c:83:17:7f:04:83:c0:f7:9b:e3: b9:44:9f:d7:c8:50:df:63:3c:78:c7:b6:5a:6c:68:f0:61:b7: 96:05:f8:2a:6f:6b:b9:ff:3d:b4:80:d5:77:38:9e:2c:e6:7b: 5d:d7:b1:2c:31:aa:f2:aa:d2:9b:95:60:4e:91:87:e9:5d:42: 58:17:3f:f9:23:dd:69:71:af:ea:d9:55:ea:2a:7e:e2:b6:5f: 12:21:3b:37:1c:6c:a2:e5:ca:46:12:df:02:93:69:e4:f0:3d: 2a:56:b5:7d:14:9c:6a:75:cf:81:af:ed:d3:2f:59:9a:d3:61: 0d:59:22:46 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbWFmwh7yAggT6dna1Mq5l+l5b3AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0OFoX DTI3MDMwMzA2MTM0OFowMzExMC8GA1UEAxMoNkU5MzVEOUM3M0Q5NjdFOUVCMUMw QkYyNzUyMENEODJGRjVBQjE2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMXVu3pov4lMHuBa6EjYIffPMImAiqrk4x5FKmAswab9dqRQUiu0hraL2fs5 KeJ0elq/Wqu0CCz+f7zy66rCjT+hbAcjKpF+nvc8Y2/oR+ufVVg0KmBBvU58PUYc wnU3fPQOmNpLSbkBBGjoxFEhua+rSour+lIoHdSG4bQXVVhzBUVW2Dwosx+jVeh4 1XhiNJfhrMPZ2axNYpNmoAG0VmQ5jy2uXgwogDNF5E25WIUdPi+7RY5rk31yce89 brEZ/5E9CK6lYK++EpUCOC4UPXRH1xV2ayrLp2sdjFqxl724jsDVG1/NfU3T1Bkw l+YYiYu+3zp8wH27gBtqwy3pxA8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRuk12c c9ln6escC/J1IM2C/1qxbDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUxMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o10wDQYJKoZIhvcNAQELBQADggEBAEVaX6hzGbWhCx1kxrYLGKEh7a/S70IGB3lP hJqH2LwG97mlEbis6ercRdU8gqq8d9ozgo12DnPjFW020KfFxSWFEFiRo0sRqaa0 CoYV7hxDNAH34Iw+fCwiDM29RvTIjlo9ts30c1CHg2NRhj2OBII824j+6OuwHE2B vTEnfHxZpEGkne1qjIMXfwSDwPeb47lEn9fIUN9jPHjHtlpsaPBht5YF+Cpva7n/ PbSA1Xc4nizme13XsSwxqvKq0puVYE6Rh+ldQlgXP/kj3Wlxr+rZVeoqfuK2XxIh OzccbKLlykYS3wKTaeTwPSpWtX0UnGp1z4Gv7dMvWZrTYQ1ZIkY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:19 2026 by rpki-client