$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143527.roa File: AS143527.roa (raw, json) Hash identifier: eX2kWnOpeqi6oPO8Aa2H8j5H8wiNhmsJKZ3skPkwa3o= Subject key identifier: 2C:DB:80:33:E8:EF:37:89:AA:9D:AD:5C:49:27:87:03:D5:66:3A:D9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 08F9B5106106DEE77D1D58784F7C938DF702DE2C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143527.roa Signing time: Wed 04 Mar 2026 06:12:35 +0000 ROA not before: Wed 04 Mar 2026 06:07:35 +0000 ROA not after: Wed 03 Mar 2027 06:12:35 +0000 asID: 143527 IP address blocks: 240a:a36d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:f9:b5:10:61:06:de:e7:7d:1d:58:78:4f:7c:93:8d:f7:02:de:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:35 2026 GMT Not After : Mar 3 06:12:35 2027 GMT Subject: CN=2CDB8033E8EF3789AA9DAD5C49278703D5663AD9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:04:ca:d1:cd:ea:70:d5:65:7d:da:e5:fd:a2: a1:f2:f2:1b:b3:ec:6b:a1:40:c4:68:c6:d0:23:36: 10:c3:5b:36:2a:ea:92:78:e9:f8:4a:23:15:6f:3e: 52:69:e3:ca:67:27:56:db:6a:df:31:78:7e:dd:04: 87:a2:ba:04:96:1e:04:1b:3e:44:4e:55:1e:06:af: 6a:1f:06:4a:8c:18:4b:ac:6e:fc:9d:f9:c6:85:28: f8:c1:d0:8e:e1:36:5e:09:49:ac:1f:ca:ff:cb:5f: 08:dc:b6:0f:57:17:cc:af:f7:fb:f3:5e:48:36:7d: cb:8b:c3:84:73:60:d5:65:fc:1d:ea:04:c4:2d:da: 80:a0:66:83:fa:08:6f:f6:9b:7f:dc:fc:70:f4:4a: a7:14:e7:1f:65:45:1c:8f:e7:ea:31:35:62:1e:3c: 36:d4:fd:f3:41:6a:99:8e:f8:64:a8:43:91:e9:78: 6f:be:0e:52:e8:8e:06:db:04:40:29:33:d1:f0:0e: b1:a9:81:dd:37:b8:52:ec:6c:b2:84:c7:2c:3f:aa: f1:e7:fe:4e:55:ad:11:27:10:1d:5e:86:51:46:2b: 9a:a9:16:4d:a3:84:ab:db:49:54:c4:3c:fd:18:25: 4c:3e:30:c6:ef:1d:fd:86:06:c2:1b:32:3a:3b:2a: b1:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:DB:80:33:E8:EF:37:89:AA:9D:AD:5C:49:27:87:03:D5:66:3A:D9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143527.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a36d::/32 Signature Algorithm: sha256WithRSAEncryption 78:77:0b:9b:c5:b0:d6:c3:5a:2b:6a:6b:80:a0:f7:08:be:74: c1:b8:56:d1:6d:a0:14:98:e9:5b:3c:9d:de:bb:08:67:eb:04: 5b:4b:f9:f1:e2:28:da:5f:8b:75:f5:14:a1:b9:83:82:cb:6b: f6:4b:c8:67:46:a4:6b:1f:3c:20:5f:56:02:8e:d2:67:38:a1: aa:5b:91:45:68:3b:4f:07:0a:30:aa:43:95:47:14:6a:9f:4c: e3:91:29:e6:a9:07:32:ef:77:9c:71:71:54:90:99:ae:a4:ad: e8:d9:7d:3f:2c:a5:be:75:ae:1c:31:58:60:66:f7:8f:4f:00: 91:d5:47:f3:31:d8:b1:69:3e:73:a3:82:fc:30:29:0d:c8:ef: 14:9f:71:af:db:f4:99:14:c0:43:c6:7b:eb:6b:1a:b6:16:74: d7:ee:9b:9d:a7:ac:43:1e:3f:67:21:b9:9b:a2:d5:17:57:74: 07:a6:86:04:72:e4:22:cb:da:45:98:f1:b1:b8:e3:01:85:25: 89:ab:a0:80:bd:7d:31:df:06:5c:b6:42:aa:cb:44:36:78:b1: 6e:84:7b:90:a9:f3:5a:19:f1:e0:4c:03:e0:20:49:d8:5f:04: f8:71:7f:66:75:d4:4d:64:21:7b:38:79:2b:96:48:a8:1d:37: 0f:75:34:6d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCPm1EGEG3ud9HVh4T3yTjfcC3iwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczNVoX DTI3MDMwMzA2MTIzNVowMzExMC8GA1UEAxMoMkNEQjgwMzNFOEVGMzc4OUFBOURB RDVDNDkyNzg3MDNENTY2M0FEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKIEytHN6nDVZX3a5f2iofLyG7Psa6FAxGjG0CM2EMNbNirqknjp+EojFW8+ UmnjymcnVttq3zF4ft0Eh6K6BJYeBBs+RE5VHgavah8GSowYS6xu/J35xoUo+MHQ juE2XglJrB/K/8tfCNy2D1cXzK/3+/NeSDZ9y4vDhHNg1WX8HeoExC3agKBmg/oI b/abf9z8cPRKpxTnH2VFHI/n6jE1Yh48NtT980FqmY74ZKhDkel4b74OUuiOBtsE QCkz0fAOsamB3Te4UuxssoTHLD+q8ef+TlWtEScQHV6GUUYrmqkWTaOEq9tJVMQ8 /RglTD4wxu8d/YYGwhsyOjsqsf0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQs24Az 6O83iaqdrVxJJ4cD1WY62TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o20wDQYJKoZIhvcNAQELBQADggEBAHh3C5vFsNbDWitqa4Cg9wi+dMG4VtFtoBSY 6Vs8nd67CGfrBFtL+fHiKNpfi3X1FKG5g4LLa/ZLyGdGpGsfPCBfVgKO0mc4oapb kUVoO08HCjCqQ5VHFGqfTOORKeapBzLvd5xxcVSQma6krejZfT8spb51rhwxWGBm 949PAJHVR/Mx2LFpPnOjgvwwKQ3I7xSfca/b9JkUwEPGe+trGrYWdNfum52nrEMe P2chuZui1RdXdAemhgRy5CLL2kWY8bG44wGFJYmroIC9fTHfBly2QqrLRDZ4sW6E e5Cp81oZ8eBMA+AgSdhfBPhxf2Z11E1kIXs4eSuWSKgdNw91NG0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:04 2026 by rpki-client