$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143543.roa File: AS143543.roa (raw, json) Hash identifier: iFf7y34CSIesrQF6So5jEgbodnZE4k8y0RZfMU9ziuk= Subject key identifier: 37:61:A3:F4:A5:58:E1:86:66:2E:D7:DF:D4:FF:FF:EF:82:12:48:84 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 347D4BF5BB562E172BCCAA7AB6B82FCA90FE907C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143543.roa Signing time: Wed 04 Mar 2026 06:12:55 +0000 ROA not before: Wed 04 Mar 2026 06:07:55 +0000 ROA not after: Wed 03 Mar 2027 06:12:55 +0000 asID: 143543 IP address blocks: 240a:a37d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:7d:4b:f5:bb:56:2e:17:2b:cc:aa:7a:b6:b8:2f:ca:90:fe:90:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:55 2026 GMT Not After : Mar 3 06:12:55 2027 GMT Subject: CN=3761A3F4A558E186662ED7DFD4FFFFEF82124884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:51:a8:3b:15:a9:5d:35:6e:b8:23:9e:95:d7: 75:ba:dd:19:87:70:45:2c:fd:0b:64:64:0b:81:c4: 6c:95:00:78:c4:89:cc:d1:93:43:4f:5b:d7:a4:3b: 8c:51:b6:8b:c6:0b:6e:2a:b2:65:6f:a7:52:12:92: 2f:ed:56:a9:9b:c3:95:4d:45:a5:1f:b6:43:70:ea: 39:39:37:10:f5:53:94:c8:9e:fc:0d:1a:39:37:a8: 4c:5b:97:c0:43:88:3e:fb:a3:40:4a:5d:e3:1f:cc: 20:ee:82:5e:c8:f6:00:a0:2d:3f:77:34:52:25:25: c0:56:33:5c:d4:f2:dd:f9:bc:04:17:3e:6c:c4:80: 0a:23:9a:b4:30:b4:4a:ee:6f:7f:75:25:be:05:5c: 32:8f:55:ef:25:5e:50:01:b2:08:ea:6e:bb:1b:8a: 6d:dc:16:d8:50:99:7c:88:35:f5:5a:c7:23:10:d8: 76:b5:c7:e9:87:8a:f8:32:2a:ef:e5:83:b6:00:d0: ec:1f:d8:67:c5:9c:08:3b:5e:74:66:ea:8d:95:06: e1:3c:7e:87:2f:48:3e:f2:cd:f6:d5:e3:32:04:f4: 8b:11:59:d9:7d:1f:32:1e:d7:70:5c:2b:00:92:df: 3e:95:55:0e:43:2c:93:99:d9:30:e9:23:7f:ba:55: 9b:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:61:A3:F4:A5:58:E1:86:66:2E:D7:DF:D4:FF:FF:EF:82:12:48:84 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143543.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a37d::/32 Signature Algorithm: sha256WithRSAEncryption 3b:4c:b9:c4:c8:5d:39:59:a0:c7:6c:e0:a9:92:f9:ad:c8:0a: 97:e7:fd:2d:50:b0:25:c7:9c:13:7f:1d:cd:5b:72:91:d6:b2: 5c:1f:7d:68:fe:e5:0c:99:31:4e:7e:4f:48:e0:42:9a:dc:aa: 5d:29:80:71:5d:01:fe:29:7a:fb:2a:36:9b:8e:76:30:ab:cc: 64:46:e7:ce:c8:f3:81:60:77:f2:68:c4:a8:32:3a:7c:45:23: fe:aa:23:4d:00:bb:0f:51:9d:7d:31:8c:c9:c8:b1:22:98:d5: 22:3a:f1:3f:e1:f2:d3:29:6e:92:fe:67:c6:33:41:9a:05:16: 32:05:8b:ee:c3:1d:e3:a1:25:d2:fb:3f:37:40:be:cc:93:38: 0d:50:c4:cc:b2:04:c8:b1:20:5c:95:68:50:d6:98:21:cc:67: 6f:8d:42:44:74:00:83:97:47:48:89:1d:71:cb:2f:f2:9f:db: 5d:80:d7:a4:ce:1c:5d:6d:13:f3:3b:04:7d:ac:0f:af:d1:7e: 57:d1:5e:2d:0f:d0:08:b7:c6:a4:ab:49:ea:31:61:69:78:91: 6e:b3:30:89:9b:02:10:b0:9c:00:c7:6a:e6:81:dd:8a:8d:ed: 32:aa:c8:d1:cc:56:f8:8a:e8:84:82:0d:54:69:c6:75:f4:59: e5:3d:9a:51 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNH1L9btWLhcrzKp6trgvypD+kHwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1NVoX DTI3MDMwMzA2MTI1NVowMzExMC8GA1UEAxMoMzc2MUEzRjRBNTU4RTE4NjY2MkVE N0RGRDRGRkZGRUY4MjEyNDg4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOhRqDsVqV01brgjnpXXdbrdGYdwRSz9C2RkC4HEbJUAeMSJzNGTQ09b16Q7 jFG2i8YLbiqyZW+nUhKSL+1WqZvDlU1FpR+2Q3DqOTk3EPVTlMie/A0aOTeoTFuX wEOIPvujQEpd4x/MIO6CXsj2AKAtP3c0UiUlwFYzXNTy3fm8BBc+bMSACiOatDC0 Su5vf3UlvgVcMo9V7yVeUAGyCOpuuxuKbdwW2FCZfIg19VrHIxDYdrXH6YeK+DIq 7+WDtgDQ7B/YZ8WcCDtedGbqjZUG4Tx+hy9IPvLN9tXjMgT0ixFZ2X0fMh7XcFwr AJLfPpVVDkMsk5nZMOkjf7pVm30CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ3YaP0 pVjhhmYu19/U///vghJIhDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o30wDQYJKoZIhvcNAQELBQADggEBADtMucTIXTlZoMds4KmS+a3ICpfn/S1QsCXH nBN/Hc1bcpHWslwffWj+5QyZMU5+T0jgQprcql0pgHFdAf4pevsqNpuOdjCrzGRG 587I84Fgd/JoxKgyOnxFI/6qI00Auw9RnX0xjMnIsSKY1SI68T/h8tMpbpL+Z8Yz QZoFFjIFi+7DHeOhJdL7PzdAvsyTOA1QxMyyBMixIFyVaFDWmCHMZ2+NQkR0AIOX R0iJHXHLL/Kf212A16TOHF1tE/M7BH2sD6/RflfRXi0P0Ai3xqSrSeoxYWl4kW6z MImbAhCwnADHauaB3YqN7TKqyNHMVviK6ISCDVRpxnX0WeU9mlE= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:22 2026 by rpki-client