$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143548.roa File: AS143548.roa (raw, json) Hash identifier: uTZUC/kltVyp6EWcvrxoCQcQPiZMUqo6SIvgRS/AQ0c= Subject key identifier: 17:86:BE:0C:8A:2F:A2:88:33:5F:59:FB:E0:38:C3:A3:AC:F5:9F:4A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2E145355566DBCAE07DF3199AC26BCB1977DD4AB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143548.roa Signing time: Wed 04 Mar 2026 06:15:52 +0000 ROA not before: Wed 04 Mar 2026 06:10:52 +0000 ROA not after: Wed 03 Mar 2027 06:15:52 +0000 asID: 143548 IP address blocks: 240a:a382::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:14:53:55:56:6d:bc:ae:07:df:31:99:ac:26:bc:b1:97:7d:d4:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:52 2026 GMT Not After : Mar 3 06:15:52 2027 GMT Subject: CN=1786BE0C8A2FA288335F59FBE038C3A3ACF59F4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ae:21:db:fd:ca:d0:b2:65:25:ac:06:37:6d: 11:ac:7f:f4:dc:f0:f2:e2:c0:aa:28:b2:11:63:9f: 00:69:24:c1:44:09:e4:2e:a9:9d:6c:19:51:cc:dd: 39:d1:4f:fc:77:e2:f0:89:dc:2d:18:3d:37:3b:10: ad:4e:50:63:75:5e:f7:ce:0d:22:68:9b:2a:fb:22: 47:9d:cc:95:24:8d:d3:54:da:b9:57:1c:7c:21:87: e8:a2:7c:f5:fe:53:57:16:5e:04:28:0e:ef:50:03: 6d:09:0f:75:18:cd:f6:97:85:59:0b:4e:fc:50:bc: 1c:66:c4:20:6b:05:41:dd:d7:a8:ac:80:9c:f0:56: 91:e6:e7:93:c2:e5:cb:96:6b:ad:32:ab:00:3e:11: 2d:c8:90:27:d7:b1:bb:50:77:74:c6:f4:93:ca:bf: a2:5e:bd:64:55:98:5a:ce:ba:e0:17:7f:30:39:76: ed:c4:4d:a2:d0:71:c0:31:05:c3:d1:8b:7f:3f:ac: 74:5f:1a:d4:3b:c6:94:01:fc:c5:6b:6a:2d:2a:be: 7e:27:e1:94:bb:b6:c4:1f:73:5d:f5:07:3d:e9:c2: 81:df:3d:37:56:e3:97:e9:04:d1:45:fe:08:16:72: 7b:43:56:7b:8c:32:5a:f6:9e:7a:0d:bf:9f:04:9c: f7:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:86:BE:0C:8A:2F:A2:88:33:5F:59:FB:E0:38:C3:A3:AC:F5:9F:4A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143548.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a382::/32 Signature Algorithm: sha256WithRSAEncryption a9:b2:1f:cd:13:d4:22:ed:24:5c:d7:9d:3d:01:f9:f4:0e:43: 1e:28:34:70:a5:ea:b5:d8:b8:f9:08:15:00:cd:fc:fe:e3:90: 23:f7:58:f1:28:09:02:94:2d:69:c9:2e:ec:83:9e:27:ec:33: 84:4b:e8:4d:9a:64:fb:60:60:72:53:d0:a3:f2:a8:07:a1:de: b6:24:6b:f9:85:03:67:e4:fd:d6:bf:86:aa:5c:6d:f2:bd:db: 9b:e6:a8:9e:89:03:ea:3b:eb:40:68:11:0a:4f:e0:8c:02:6a: 11:6c:c3:b2:17:10:49:b9:9c:e3:a9:ef:16:0e:d0:dd:34:fb: eb:10:7b:1d:b3:a9:01:73:30:ba:f4:45:30:33:f4:f5:e0:c0: be:86:f4:93:38:46:c4:03:4f:b2:e2:ad:49:f0:c6:7e:07:c4: f2:d8:a8:61:66:e4:f1:d3:da:81:09:8c:2c:5b:db:01:63:48: 5b:8f:4c:15:e9:1a:e2:1e:40:55:21:e7:ec:b5:f1:42:10:0a: cd:a8:f4:99:5c:4a:41:9f:0d:64:ee:47:8a:31:41:6d:7f:73: ad:08:4a:ec:1d:56:c4:25:07:6e:c0:71:07:3a:61:12:0c:9a: 2d:b3:a8:67:41:96:3a:b5:ce:e0:79:e8:65:5f:8b:8b:05:fe: 94:fb:7d:d2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULhRTVVZtvK4H3zGZrCa8sZd91KswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA1MloX DTI3MDMwMzA2MTU1MlowMzExMC8GA1UEAxMoMTc4NkJFMEM4QTJGQTI4ODMzNUY1 OUZCRTAzOEMzQTNBQ0Y1OUY0QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmuIdv9ytCyZSWsBjdtEax/9Nzw8uLAqiiyEWOfAGkkwUQJ5C6pnWwZUczd OdFP/Hfi8IncLRg9NzsQrU5QY3Ve984NImibKvsiR53MlSSN01TauVccfCGH6KJ8 9f5TVxZeBCgO71ADbQkPdRjN9peFWQtO/FC8HGbEIGsFQd3XqKyAnPBWkebnk8Ll y5ZrrTKrAD4RLciQJ9exu1B3dMb0k8q/ol69ZFWYWs664Bd/MDl27cRNotBxwDEF w9GLfz+sdF8a1DvGlAH8xWtqLSq+fifhlLu2xB9zXfUHPenCgd89N1bjl+kE0UX+ CBZye0NWe4wyWvaeeg2/nwSc9z8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQXhr4M ii+iiDNfWfvgOMOjrPWfSjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU0OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o4IwDQYJKoZIhvcNAQELBQADggEBAKmyH80T1CLtJFzXnT0B+fQOQx4oNHCl6rXY uPkIFQDN/P7jkCP3WPEoCQKULWnJLuyDnifsM4RL6E2aZPtgYHJT0KPyqAeh3rYk a/mFA2fk/da/hqpcbfK925vmqJ6JA+o760BoEQpP4IwCahFsw7IXEEm5nOOp7xYO 0N00++sQex2zqQFzMLr0RTAz9PXgwL6G9JM4RsQDT7LirUnwxn4HxPLYqGFm5PHT 2oEJjCxb2wFjSFuPTBXpGuIeQFUh5+y18UIQCs2o9JlcSkGfDWTuR4oxQW1/c60I SuwdVsQlB27AcQc6YRIMmi2zqGdBljq1zuB56GVfi4sF/pT7fdI= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:04 2026 by rpki-client