$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143538.roa File: AS143538.roa (raw, json) Hash identifier: u3b3cuQNukDc1Es/eqTlZk8/ev71KBm2Sv7brshvrM4= Subject key identifier: CD:99:B6:38:CB:7A:13:06:C9:9C:71:DC:1C:E0:57:A9:4C:07:2E:C0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6F5EE7F3BBA5EED7047CDB7024560F97CAD4E1A9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143538.roa Signing time: Wed 04 Mar 2026 06:14:14 +0000 ROA not before: Wed 04 Mar 2026 06:09:14 +0000 ROA not after: Wed 03 Mar 2027 06:14:14 +0000 asID: 143538 IP address blocks: 240a:a378::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:5e:e7:f3:bb:a5:ee:d7:04:7c:db:70:24:56:0f:97:ca:d4:e1:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:14 2026 GMT Not After : Mar 3 06:14:14 2027 GMT Subject: CN=CD99B638CB7A1306C99C71DC1CE057A94C072EC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:33:e4:5c:4f:26:46:f1:20:6b:02:3b:be:4f: bc:6a:35:e3:5a:68:2e:8e:c6:0b:f2:f0:48:6c:6f: a2:b6:70:d7:22:0a:63:6e:ee:b9:d0:bd:22:67:50: 52:34:90:3e:05:9c:a3:93:cd:13:bd:2d:37:27:bf: 0b:ba:0e:90:b2:9d:d4:f1:98:19:f6:ef:66:21:79: 27:f8:d2:12:13:69:e8:0d:00:49:29:a9:9b:c8:26: d4:3d:3c:14:f3:96:b6:fa:00:55:5c:c9:db:3a:7f: e6:44:4e:1e:09:c5:cf:af:67:97:98:9e:57:aa:9d: 6c:f0:b5:b9:3d:c7:47:63:08:54:00:3a:4c:52:fe: 84:79:ba:09:46:fb:7b:73:ec:59:94:ab:82:b2:67: f3:0e:71:ac:00:94:f5:8f:c6:a7:fe:fa:57:9c:7c: bc:65:7e:13:81:de:24:b8:f2:0b:18:62:ab:0c:04: c7:f5:e8:85:e6:10:2e:91:bd:02:6b:3d:6f:99:dc: 5a:7f:a9:1e:0c:08:af:1b:89:7d:c9:8b:b2:3a:99: 5d:ff:ac:e4:fb:02:5b:3d:0c:5a:bd:d8:24:fa:60: c6:24:93:73:87:b6:ef:cc:7e:c1:57:87:92:d7:4c: a7:4a:ba:e3:45:1f:5e:55:53:57:c5:5d:80:cc:df: 09:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:99:B6:38:CB:7A:13:06:C9:9C:71:DC:1C:E0:57:A9:4C:07:2E:C0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a378::/32 Signature Algorithm: sha256WithRSAEncryption cb:b2:52:43:d1:8b:25:a3:02:10:d6:f9:c9:8f:e7:2e:94:73: 6e:b1:5c:26:dd:7d:37:0a:39:31:68:d1:40:6c:96:ed:9c:a1: b9:69:5b:de:6e:16:25:ec:ac:21:75:5a:c9:7d:83:fa:3e:4c: 5c:5c:cf:01:a7:3c:19:d1:1e:d1:cc:70:b0:b3:8d:99:0c:54: 3c:68:34:eb:18:85:f6:17:5b:40:30:d8:5c:c4:10:e8:b0:2b: 19:79:cb:34:d9:ed:0f:ea:40:cd:07:84:47:64:89:ba:eb:ee: c1:f5:2f:0d:fa:b1:eb:b5:e5:1c:68:6b:dc:64:31:e9:2b:87: c9:c5:7c:c2:e2:21:1b:36:19:90:27:16:62:02:7e:74:58:8a: 71:f2:58:d9:5e:f2:6d:26:ea:74:84:63:20:68:c1:79:7d:d0: 55:55:ed:90:53:b4:24:b5:58:6a:d7:fa:5e:2a:2d:60:67:1f: fd:ec:7e:79:ed:e3:61:dc:c0:b4:6c:4d:b7:11:e5:4e:c9:6c: ed:82:b0:92:3d:3b:f7:ea:e4:50:8c:00:9e:bf:9a:69:e7:77: 66:4e:44:d0:2d:d2:d5:38:52:09:79:ac:cb:25:c7:25:15:b5: 08:31:0b:92:87:d3:8f:f4:ef:21:3b:19:d9:ff:0b:9e:15:ca: 08:e4:c1:87 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUb17n87ul7tcEfNtwJFYPl8rU4akwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxNFoX DTI3MDMwMzA2MTQxNFowMzExMC8GA1UEAxMoQ0Q5OUI2MzhDQjdBMTMwNkM5OUM3 MURDMUNFMDU3QTk0QzA3MkVDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALcz5FxPJkbxIGsCO75PvGo141poLo7GC/LwSGxvorZw1yIKY27uudC9ImdQ UjSQPgWco5PNE70tNye/C7oOkLKd1PGYGfbvZiF5J/jSEhNp6A0ASSmpm8gm1D08 FPOWtvoAVVzJ2zp/5kROHgnFz69nl5ieV6qdbPC1uT3HR2MIVAA6TFL+hHm6CUb7 e3PsWZSrgrJn8w5xrACU9Y/Gp/76V5x8vGV+E4HeJLjyCxhiqwwEx/XoheYQLpG9 Ams9b5ncWn+pHgwIrxuJfcmLsjqZXf+s5PsCWz0MWr3YJPpgxiSTc4e278x+wVeH ktdMp0q640UfXlVTV8VdgMzfCRsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTNmbY4 y3oTBsmccdwc4FepTAcuwDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o3gwDQYJKoZIhvcNAQELBQADggEBAMuyUkPRiyWjAhDW+cmP5y6Uc26xXCbdfTcK OTFo0UBslu2coblpW95uFiXsrCF1Wsl9g/o+TFxczwGnPBnRHtHMcLCzjZkMVDxo NOsYhfYXW0Aw2FzEEOiwKxl5yzTZ7Q/qQM0HhEdkibrr7sH1Lw36seu15Rxoa9xk Mekrh8nFfMLiIRs2GZAnFmICfnRYinHyWNle8m0m6nSEYyBowXl90FVV7ZBTtCS1 WGrX+l4qLWBnH/3sfnnt42HcwLRsTbcR5U7JbO2CsJI9O/fq5FCMAJ6/mmnnd2ZO RNAt0tU4Ugl5rMslxyUVtQgxC5KH04/07yE7Gdn/C54VygjkwYc= -----END CERTIFICATE-----Generated at Sat Mar 28 14:31:31 2026 by rpki-client