$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143521.roa File: AS143521.roa (raw, json) Hash identifier: 9ZWNYlcqv7GzzNXEclxoMbqzZVkj4hof7W4twvQ5XU0= Subject key identifier: 28:8B:D4:D5:D4:09:AE:4D:71:03:D9:93:D2:71:B4:54:69:18:90:FE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 154910141E3809BF886D14ABB903CBBC3D9AB1BC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143521.roa Signing time: Wed 04 Mar 2026 06:14:11 +0000 ROA not before: Wed 04 Mar 2026 06:09:11 +0000 ROA not after: Wed 03 Mar 2027 06:14:11 +0000 asID: 143521 IP address blocks: 240a:a367::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:49:10:14:1e:38:09:bf:88:6d:14:ab:b9:03:cb:bc:3d:9a:b1:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:11 2026 GMT Not After : Mar 3 06:14:11 2027 GMT Subject: CN=288BD4D5D409AE4D7103D993D271B454691890FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ac:4d:5c:8e:44:34:69:88:56:5e:12:af:1f: 2d:f5:03:b0:41:ad:d3:80:7c:e2:e3:10:2e:6b:4f: 2a:dd:dc:26:e2:74:24:49:d9:d1:5b:81:bb:ae:37: b8:dd:84:dc:c8:eb:b7:b6:95:a4:dd:4a:8f:2c:6e: 98:76:bb:dc:68:42:e7:ce:45:16:4c:34:a2:aa:25: 79:96:8f:f3:ee:22:12:94:d3:38:12:52:7d:6f:13: 4c:5d:e1:72:ae:30:d6:9d:63:b1:bf:94:ad:b9:8c: ff:31:8c:86:aa:10:e6:32:94:16:ef:c7:ae:e7:01: a4:0c:d4:8a:87:d1:b9:7a:07:1b:d3:31:19:df:17: ff:88:c4:e2:73:f8:df:9a:5b:bd:fc:46:a9:df:1b: da:c4:59:7b:cc:b6:d0:58:e2:13:43:4a:55:0d:9f: 0b:06:7c:69:f0:64:f1:0e:81:4c:3a:89:d2:da:08: 65:e9:e7:78:93:fc:b1:4b:b1:99:aa:24:9a:50:c7: b5:98:0e:88:45:01:c0:05:33:1f:e1:81:23:3c:83: af:49:87:c4:6e:ec:13:e9:16:e8:d7:a3:af:e6:dc: 87:eb:dd:98:1a:e0:9c:a6:57:b6:04:83:ce:7f:5b: 20:c4:7a:42:e9:5d:c9:fc:2c:73:79:f0:94:0c:e3: d0:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:8B:D4:D5:D4:09:AE:4D:71:03:D9:93:D2:71:B4:54:69:18:90:FE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a367::/32 Signature Algorithm: sha256WithRSAEncryption 95:96:87:3a:32:3b:af:db:e8:2c:83:26:8a:2f:2d:2d:5e:cd: 39:ff:30:a3:7c:87:01:a0:cb:b6:db:39:0a:0b:6c:22:7f:c6: 03:3f:0e:f7:05:97:7a:04:bc:49:56:1f:91:e8:57:b4:7b:51: bc:c7:b2:fc:cf:53:92:f3:57:b7:a5:32:c8:47:e9:20:3c:0f: 99:b7:4f:58:e3:de:ed:2a:6f:b9:ed:19:ad:0a:59:83:e9:25: 34:41:81:b7:e5:89:54:b2:86:19:10:63:76:43:8b:df:1b:d8: 9e:1e:c0:83:81:46:05:aa:3d:a6:9d:4c:a1:fd:44:eb:d8:bc: 5f:08:0e:67:d6:ea:1c:5c:34:1d:49:f8:28:3d:1b:54:b8:73: 1e:94:9d:50:8c:6d:e3:35:4c:7e:4e:80:2c:2b:60:fd:de:12: 9f:80:07:f8:53:6a:e8:bb:67:59:de:8f:3f:c9:99:19:31:eb: 6d:1f:85:c9:ce:ef:0d:4a:70:ba:b7:37:26:7d:68:91:6c:e4: 8c:fe:83:2e:5f:c7:3b:6f:01:18:a4:17:9c:8e:8b:31:46:d0: 74:61:61:1f:4d:67:93:4d:b6:fe:33:04:43:01:97:cf:8f:d4: 23:ab:7a:d3:2f:83:fd:3f:ef:b3:8e:90:0b:e2:be:cc:b7:76: 27:6e:d5:89 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFUkQFB44Cb+IbRSruQPLvD2asbwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxMVoX DTI3MDMwMzA2MTQxMVowMzExMC8GA1UEAxMoMjg4QkQ0RDVENDA5QUU0RDcxMDNE OTkzRDI3MUI0NTQ2OTE4OTBGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6sTVyORDRpiFZeEq8fLfUDsEGt04B84uMQLmtPKt3cJuJ0JEnZ0VuBu643 uN2E3Mjrt7aVpN1KjyxumHa73GhC585FFkw0oqoleZaP8+4iEpTTOBJSfW8TTF3h cq4w1p1jsb+UrbmM/zGMhqoQ5jKUFu/HrucBpAzUiofRuXoHG9MxGd8X/4jE4nP4 35pbvfxGqd8b2sRZe8y20FjiE0NKVQ2fCwZ8afBk8Q6BTDqJ0toIZenneJP8sUux maokmlDHtZgOiEUBwAUzH+GBIzyDr0mHxG7sE+kW6Nejr+bch+vdmBrgnKZXtgSD zn9bIMR6Quldyfwsc3nwlAzj0JMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQoi9TV 1AmuTXED2ZPScbRUaRiQ/jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o2cwDQYJKoZIhvcNAQELBQADggEBAJWWhzoyO6/b6CyDJoovLS1ezTn/MKN8hwGg y7bbOQoLbCJ/xgM/DvcFl3oEvElWH5HoV7R7UbzHsvzPU5LzV7elMshH6SA8D5m3 T1jj3u0qb7ntGa0KWYPpJTRBgbfliVSyhhkQY3ZDi98b2J4ewIOBRgWqPaadTKH9 ROvYvF8IDmfW6hxcNB1J+Cg9G1S4cx6UnVCMbeM1TH5OgCwrYP3eEp+AB/hTaui7 Z1nejz/JmRkx620fhcnO7w1KcLq3NyZ9aJFs5Iz+gy5fxztvARikF5yOizFG0HRh YR9NZ5NNtv4zBEMBl8+P1COretMvg/0/77OOkAvivsy3didu1Yk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:28 2026 by rpki-client