$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143523.roa File: AS143523.roa (raw, json) Hash identifier: smcbVoCM8ddn0Ev/+E9kVkdd99p14MBYkfHnn1HANp4= Subject key identifier: FA:78:DF:02:A5:97:05:52:83:39:89:E2:36:5C:23:2C:8B:EE:61:8F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3B670AB20142DFEFF132E607421A621B1A36CF06 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143523.roa Signing time: Wed 04 Mar 2026 06:13:37 +0000 ROA not before: Wed 04 Mar 2026 06:08:37 +0000 ROA not after: Wed 03 Mar 2027 06:13:37 +0000 asID: 143523 IP address blocks: 240a:a369::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:67:0a:b2:01:42:df:ef:f1:32:e6:07:42:1a:62:1b:1a:36:cf:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:37 2026 GMT Not After : Mar 3 06:13:37 2027 GMT Subject: CN=FA78DF02A5970552833989E2365C232C8BEE618F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:48:5b:97:c4:95:41:65:55:b3:47:f3:60:2f: b6:0e:fb:d0:ec:d7:c1:25:75:73:80:5d:01:f3:db: 33:19:24:07:81:e6:9a:36:ee:81:a4:3c:12:08:35: 80:b2:0e:11:4e:7a:79:4b:a1:f7:a3:d2:9b:50:e7: cf:68:cf:b4:ae:9e:ad:5c:7b:2a:61:1c:59:ab:85: af:63:d0:37:2c:03:9b:27:28:f3:1d:40:8e:83:c9: 2d:02:cb:69:e3:00:7e:ae:9d:81:4e:d4:ef:c1:a4: de:a5:65:ea:e0:30:60:2a:2d:45:2d:a9:12:dd:99: 12:88:ca:68:f6:12:4a:d7:a6:4c:78:5b:84:1a:42: 68:dc:9e:f8:d6:fb:e6:98:75:ec:a9:56:c5:09:bd: 86:d1:0a:c6:f3:af:f7:86:63:61:65:78:ff:d9:0d: 7d:8a:d2:d8:60:22:1a:7a:bf:34:79:c9:c1:60:6b: 97:49:50:dd:e2:4f:0f:2d:9e:aa:8e:64:18:d0:80: 9c:3f:2d:bc:80:4c:7a:46:49:c7:14:76:ec:67:87: 8f:81:71:04:2d:57:4c:44:e1:3a:d4:e4:06:58:2c: f6:bf:ed:50:fb:29:7e:6e:ec:5c:f6:70:7e:6a:5f: 0b:bf:86:d6:ba:e9:ac:3a:a1:89:3b:9d:c3:03:e4: cf:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:78:DF:02:A5:97:05:52:83:39:89:E2:36:5C:23:2C:8B:EE:61:8F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143523.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a369::/32 Signature Algorithm: sha256WithRSAEncryption 9f:25:d7:e8:a4:24:b5:ea:ab:3f:da:da:90:b9:54:d0:b8:ca: e3:78:9d:b9:71:cd:04:0a:77:e5:6b:7e:b2:a5:a8:21:28:74: e2:3f:35:16:c0:54:e8:80:a3:53:80:66:4c:68:4c:7e:f3:b0: fa:e6:bf:e0:b4:18:47:4d:09:4e:e0:58:3f:c4:c1:31:fd:b9: 13:82:50:21:8d:14:e6:89:a0:58:58:d4:45:a6:7f:af:51:77: a0:04:3f:d0:ce:9b:bd:8c:ad:a7:35:f0:b0:61:29:eb:02:83: 46:07:12:e2:67:3e:5a:5d:c7:5d:10:df:48:92:b0:b6:4e:ee: 4e:50:67:57:26:3e:36:34:31:86:5e:47:4b:18:ce:05:d6:a5: d0:f8:31:da:7d:61:c2:5d:de:e4:13:e5:2f:99:eb:87:6f:dc: e3:66:e5:e9:2a:68:c8:d6:65:67:25:a6:53:56:51:0a:d9:7f: 10:d6:e2:9c:a5:7a:fc:49:4a:38:66:86:6e:0f:c2:c0:4c:2b: 52:df:ea:96:f6:3f:35:24:05:fe:66:e5:3a:f1:47:3f:18:89: 31:55:12:22:a6:24:67:8a:38:8c:74:14:b8:18:61:a9:04:2e: c4:80:3f:28:40:55:46:b6:df:1a:e7:6f:64:b7:68:07:d7:8e: 3d:51:9c:60 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUO2cKsgFC3+/xMuYHQhpiGxo2zwYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzN1oX DTI3MDMwMzA2MTMzN1owMzExMC8GA1UEAxMoRkE3OERGMDJBNTk3MDU1MjgzMzk4 OUUyMzY1QzIzMkM4QkVFNjE4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFIW5fElUFlVbNH82Avtg770OzXwSV1c4BdAfPbMxkkB4HmmjbugaQ8Egg1 gLIOEU56eUuh96PSm1Dnz2jPtK6erVx7KmEcWauFr2PQNywDmyco8x1AjoPJLQLL aeMAfq6dgU7U78Gk3qVl6uAwYCotRS2pEt2ZEojKaPYSStemTHhbhBpCaNye+Nb7 5ph17KlWxQm9htEKxvOv94ZjYWV4/9kNfYrS2GAiGnq/NHnJwWBrl0lQ3eJPDy2e qo5kGNCAnD8tvIBMekZJxxR27GeHj4FxBC1XTEThOtTkBlgs9r/tUPspfm7sXPZw fmpfC7+G1rrprDqhiTudwwPkz40CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT6eN8C pZcFUoM5ieI2XCMsi+5hjzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o2kwDQYJKoZIhvcNAQELBQADggEBAJ8l1+ikJLXqqz/a2pC5VNC4yuN4nblxzQQK d+VrfrKlqCEodOI/NRbAVOiAo1OAZkxoTH7zsPrmv+C0GEdNCU7gWD/EwTH9uROC UCGNFOaJoFhY1EWmf69Rd6AEP9DOm72Mrac18LBhKesCg0YHEuJnPlpdx10Q30iS sLZO7k5QZ1cmPjY0MYZeR0sYzgXWpdD4Mdp9YcJd3uQT5S+Z64dv3ONm5ekqaMjW ZWclplNWUQrZfxDW4pylevxJSjhmhm4PwsBMK1Lf6pb2PzUkBf5m5TrxRz8YiTFV EiKmJGeKOIx0FLgYYakELsSAPyhAVUa23xrnb2S3aAfXjj1RnGA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:08 2026 by rpki-client