$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143546.roa File: AS143546.roa (raw, json) Hash identifier: YBRdE9+St76RvtGynJ7wqbnCBZFGPbJ138oA69in7I8= Subject key identifier: A9:F7:CA:D5:FA:9B:96:B9:62:74:DA:A8:FA:4D:91:72:FC:72:F9:2A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 273D930553A27DA31A4CF2966C7C724B105CDED2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143546.roa Signing time: Wed 04 Mar 2026 06:12:55 +0000 ROA not before: Wed 04 Mar 2026 06:07:55 +0000 ROA not after: Wed 03 Mar 2027 06:12:55 +0000 asID: 143546 IP address blocks: 240a:a380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:3d:93:05:53:a2:7d:a3:1a:4c:f2:96:6c:7c:72:4b:10:5c:de:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:55 2026 GMT Not After : Mar 3 06:12:55 2027 GMT Subject: CN=A9F7CAD5FA9B96B96274DAA8FA4D9172FC72F92A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:0a:d1:de:dd:d3:80:11:ac:18:3d:2f:37:a0: a0:06:7a:c6:f7:fc:6c:a8:bf:1b:de:71:96:55:9f: 25:ef:bb:94:47:b8:37:70:dc:fc:1b:1d:03:3b:6d: 9f:d9:0a:a0:c5:98:6e:7f:bd:9a:e4:dc:2f:b0:bd: ba:47:ef:16:f5:af:c0:3c:5c:ba:62:2b:8f:09:43: 11:df:f3:a2:60:c7:15:9f:4d:df:7b:71:53:34:ae: ce:74:74:c4:a2:f0:7a:f5:e7:dc:0e:67:01:40:ef: 39:84:2b:ee:82:23:72:5d:26:27:51:53:64:00:75: 93:14:41:06:f2:fb:7c:0b:e4:65:5e:ca:3e:f9:28: 7b:ff:72:bd:0c:c0:f5:7f:ae:97:be:c0:48:49:63: df:a5:65:ff:2f:60:ca:8c:af:30:c8:23:21:63:10: f0:c9:3a:8d:08:96:74:c8:ff:aa:87:76:fe:25:3a: c1:a8:81:d2:60:b3:26:f1:24:49:61:7e:aa:63:ae: a1:48:02:9f:33:37:2c:7e:da:e8:8b:9b:7f:e6:a8: 69:27:25:e2:ca:6f:7e:db:96:d3:24:9f:15:14:cd: 22:56:c8:36:7f:98:d7:61:73:d3:22:6a:ca:21:7d: fd:40:23:56:e7:6f:35:b0:3d:d6:b6:c2:1a:f4:51: 34:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:F7:CA:D5:FA:9B:96:B9:62:74:DA:A8:FA:4D:91:72:FC:72:F9:2A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143546.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a380::/32 Signature Algorithm: sha256WithRSAEncryption 7e:6e:0d:8f:99:27:02:8c:2b:f7:ec:3c:c2:88:7e:cf:64:45: 87:0d:cc:b2:c5:d9:c4:26:b2:46:88:a3:b5:5c:4d:19:41:df: a3:55:73:90:18:8f:9a:91:b9:82:12:e9:1c:00:6b:a9:7a:0e: 63:e1:84:7b:8c:60:5f:6c:c7:f6:0f:06:52:9f:76:4a:85:7e: 47:99:68:f5:43:81:22:f4:b4:fa:c7:ff:18:da:40:4c:5c:18: 77:7f:2e:2e:a6:b4:9f:b3:a4:6f:2c:1e:51:4e:30:df:00:ae: f6:58:fe:e2:88:83:bd:6b:e6:0a:79:68:aa:67:e4:17:03:ea: 2b:1a:ac:c6:5d:9b:d1:13:3c:2d:8d:f1:0b:12:b8:e5:0e:d1: 80:9e:a8:2a:b8:17:be:17:ce:96:dc:c2:5f:d2:24:97:57:7d: 5a:8b:da:5b:81:8b:04:52:61:c9:05:52:77:6d:a8:6f:f7:fb: 59:a7:7f:52:96:37:ab:f0:7b:7d:c5:16:9d:7a:67:3f:8f:cc: 26:3b:f0:c8:0d:c1:3c:1e:ac:bf:84:27:09:8f:56:e9:cb:ca: 2e:fd:66:3e:55:1d:ae:6b:7d:df:fc:a7:2d:7a:7e:7c:7a:78: 70:d4:e3:eb:5b:b3:ef:1c:fd:8b:bd:17:b4:b3:97:17:64:21: 68:83:12:d1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJz2TBVOifaMaTPKWbHxySxBc3tIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1NVoX DTI3MDMwMzA2MTI1NVowMzExMC8GA1UEAxMoQTlGN0NBRDVGQTlCOTZCOTYyNzRE QUE4RkE0RDkxNzJGQzcyRjkyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJoK0d7d04ARrBg9LzegoAZ6xvf8bKi/G95xllWfJe+7lEe4N3Dc/BsdAztt n9kKoMWYbn+9muTcL7C9ukfvFvWvwDxcumIrjwlDEd/zomDHFZ9N33txUzSuznR0 xKLwevXn3A5nAUDvOYQr7oIjcl0mJ1FTZAB1kxRBBvL7fAvkZV7KPvkoe/9yvQzA 9X+ul77ASElj36Vl/y9gyoyvMMgjIWMQ8Mk6jQiWdMj/qod2/iU6waiB0mCzJvEk SWF+qmOuoUgCnzM3LH7a6Iubf+aoaScl4spvftuW0ySfFRTNIlbINn+Y12Fz0yJq yiF9/UAjVudvNbA91rbCGvRRNL0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSp98rV +puWuWJ02qj6TZFy/HL5KjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU0Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o4AwDQYJKoZIhvcNAQELBQADggEBAH5uDY+ZJwKMK/fsPMKIfs9kRYcNzLLF2cQm skaIo7VcTRlB36NVc5AYj5qRuYIS6RwAa6l6DmPhhHuMYF9sx/YPBlKfdkqFfkeZ aPVDgSL0tPrH/xjaQExcGHd/Li6mtJ+zpG8sHlFOMN8ArvZY/uKIg71r5gp5aKpn 5BcD6isarMZdm9ETPC2N8QsSuOUO0YCeqCq4F74Xzpbcwl/SJJdXfVqL2luBiwRS YckFUndtqG/3+1mnf1KWN6vwe33FFp16Zz+PzCY78MgNwTwerL+EJwmPVunLyi79 Zj5VHa5rfd/8py16fnx6eHDU4+tbs+8c/Yu9F7SzlxdkIWiDEtE= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:32 2026 by rpki-client