$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143522.roa File: AS143522.roa (raw, json) Hash identifier: 36Z/y/nCn1FZyojaYGpxAiK/Ytgtco1Rxxig76qQQfQ= Subject key identifier: 7E:C1:02:BF:6C:3F:EF:04:61:A8:99:59:D1:68:54:20:C2:3C:90:09 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 556CF738CD5DCAC513C57BEF4DE1E79DD6E5D6A6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143522.roa Signing time: Wed 04 Mar 2026 06:13:00 +0000 ROA not before: Wed 04 Mar 2026 06:08:00 +0000 ROA not after: Wed 03 Mar 2027 06:13:00 +0000 asID: 143522 IP address blocks: 240a:a368::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:6c:f7:38:cd:5d:ca:c5:13:c5:7b:ef:4d:e1:e7:9d:d6:e5:d6:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:00 2026 GMT Not After : Mar 3 06:13:00 2027 GMT Subject: CN=7EC102BF6C3FEF0461A89959D1685420C23C9009 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:5c:3e:25:08:71:c4:f5:6f:48:f0:af:bf:47: e8:af:c6:40:b0:39:bc:37:d3:51:9a:50:79:27:fd: e3:41:d8:36:ea:2b:11:72:e6:a7:75:96:94:d2:0e: ae:e3:bd:b3:2b:78:4b:06:af:b9:e5:59:31:f5:64: cf:80:df:7e:47:52:d6:9a:e6:16:91:ee:55:8a:5a: 5f:c7:49:51:85:d6:72:b6:c8:11:92:c9:8d:b6:18: 98:0f:cc:39:56:80:b7:b1:d8:87:12:44:4e:55:83: 26:1a:a7:9b:6d:28:24:01:90:03:36:26:f5:92:4c: e7:cb:4e:7a:57:cc:3f:78:d5:bb:59:c6:b3:c4:81: 84:a6:7e:49:04:a6:26:41:ab:80:79:59:ee:20:d8: dd:18:69:36:a0:e3:fa:62:f6:65:69:a4:b6:48:74: 50:40:b0:7d:ca:f7:f5:cc:b1:8e:9e:0b:d7:59:86: e2:c9:40:e4:5a:32:85:f8:a5:83:cb:57:9f:a0:05: a9:d6:b9:db:99:ce:a9:ab:37:4d:c5:d9:a5:1b:bf: b8:58:91:81:31:52:d9:50:bf:c5:fe:a6:c4:48:16: a1:de:fa:b8:d5:07:f4:14:13:91:12:a5:4c:76:d1: 8e:58:67:ea:eb:49:d2:0d:ac:88:af:b6:e7:ac:b8: b5:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:C1:02:BF:6C:3F:EF:04:61:A8:99:59:D1:68:54:20:C2:3C:90:09 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143522.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a368::/32 Signature Algorithm: sha256WithRSAEncryption 13:f7:ab:b7:3e:04:06:17:b1:71:0e:13:75:24:09:fd:32:be: c0:33:d3:aa:d2:ec:91:62:62:f8:6f:dd:4c:cf:40:cf:1c:a2: 8b:81:b2:ef:22:62:f9:e0:da:0c:bc:20:38:ab:6e:dc:ed:92: 33:ac:63:12:0d:67:6e:b4:bf:6d:17:93:46:a7:98:d7:6b:97: 8a:41:f4:ed:7e:63:bd:18:e7:73:c4:e5:6c:7b:d1:f1:14:76: 50:b4:5d:a2:2a:b5:77:47:38:e7:a7:7f:7b:0e:89:dc:65:51: 79:45:24:34:90:3a:17:20:a5:82:f2:10:2b:ef:5d:e3:cd:df: 2a:94:f9:20:e1:9e:21:11:bc:17:e9:04:e7:72:0b:71:1d:66: b5:3f:c2:34:e5:93:52:88:95:ca:32:6d:12:20:dc:d8:d8:18: 09:f3:d6:47:a4:89:69:60:6e:03:41:fa:c4:9b:bd:24:a8:c4: e7:53:1a:63:f5:51:97:52:aa:c3:83:7b:16:f5:fc:b4:07:ed: 4d:ae:ee:e6:90:9a:b2:18:5f:f8:75:2e:38:c7:db:54:7d:d0: e5:fd:8d:37:e2:7e:ec:ac:b3:64:82:04:8d:f0:a7:0f:8f:f5: 38:c7:4d:ce:51:7a:5d:eb:5d:d9:26:d2:b7:70:0e:06:dd:9a: eb:4d:6d:71 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVWz3OM1dysUTxXvvTeHnndbl1qYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwMFoX DTI3MDMwMzA2MTMwMFowMzExMC8GA1UEAxMoN0VDMTAyQkY2QzNGRUYwNDYxQTg5 OTU5RDE2ODU0MjBDMjNDOTAwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANBcPiUIccT1b0jwr79H6K/GQLA5vDfTUZpQeSf940HYNuorEXLmp3WWlNIO ruO9syt4SwavueVZMfVkz4DffkdS1prmFpHuVYpaX8dJUYXWcrbIEZLJjbYYmA/M OVaAt7HYhxJETlWDJhqnm20oJAGQAzYm9ZJM58tOelfMP3jVu1nGs8SBhKZ+SQSm JkGrgHlZ7iDY3RhpNqDj+mL2ZWmktkh0UECwfcr39cyxjp4L11mG4slA5Foyhfil g8tXn6AFqda525nOqas3TcXZpRu/uFiRgTFS2VC/xf6mxEgWod76uNUH9BQTkRKl THbRjlhn6utJ0g2siK+256y4td8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR+wQK/ bD/vBGGomVnRaFQgwjyQCTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o2gwDQYJKoZIhvcNAQELBQADggEBABP3q7c+BAYXsXEOE3UkCf0yvsAz06rS7JFi Yvhv3UzPQM8coouBsu8iYvng2gy8IDirbtztkjOsYxINZ260v20Xk0anmNdrl4pB 9O1+Y70Y53PE5Wx70fEUdlC0XaIqtXdHOOenf3sOidxlUXlFJDSQOhcgpYLyECvv XePN3yqU+SDhniERvBfpBOdyC3EdZrU/wjTlk1KIlcoybRIg3NjYGAnz1kekiWlg bgNB+sSbvSSoxOdTGmP1UZdSqsODexb1/LQH7U2u7uaQmrIYX/h1LjjH21R90OX9 jTfifuyss2SCBI3wpw+P9TjHTc5Rel3rXdkm0rdwDgbdmutNbXE= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:47 2026 by rpki-client