$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143555.roa File: AS143555.roa (raw, json) Hash identifier: S0yDSj5logV3/+w4Ucj9lPna/RCsa+xzo7Qs9+tvJxg= Subject key identifier: 46:EE:E7:86:B5:0C:81:A5:AA:58:BA:90:24:F0:9E:11:95:96:77:64 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 74DCD86B11F29B39FED3DDE8E57DCE7968288695 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143555.roa Signing time: Wed 04 Mar 2026 06:15:16 +0000 ROA not before: Wed 04 Mar 2026 06:10:16 +0000 ROA not after: Wed 03 Mar 2027 06:15:16 +0000 asID: 143555 IP address blocks: 240a:a389::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:dc:d8:6b:11:f2:9b:39:fe:d3:dd:e8:e5:7d:ce:79:68:28:86:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:16 2026 GMT Not After : Mar 3 06:15:16 2027 GMT Subject: CN=46EEE786B50C81A5AA58BA9024F09E1195967764 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:3d:cf:9d:58:17:07:bd:13:7c:a7:90:44:80: a2:63:ea:85:51:4e:c6:7f:b4:af:ce:6f:87:0e:e7: 3e:36:be:08:77:41:ae:a1:66:6f:d6:29:84:76:58: 91:b2:e9:c8:4e:94:90:4c:8c:8f:77:d2:2c:53:e3: e3:2b:ee:45:7c:b5:ba:82:cf:a3:cc:4d:f8:b9:50: 72:22:4b:cd:71:d3:8f:0e:35:18:76:90:68:c6:19: 5a:a5:e8:ca:32:42:15:5c:c6:4c:9e:be:e3:cd:a9: 1e:7b:5f:27:24:0b:e9:5d:dd:c4:12:1c:20:e3:21: 00:19:fe:ec:5a:c0:cf:4b:14:e1:e2:da:32:fb:6d: 49:ce:b4:9e:57:d0:37:71:e0:db:4d:f5:90:c5:e4: 47:91:04:a8:50:18:08:22:3e:a6:e0:55:00:c0:bf: 76:b4:75:20:54:10:6e:7c:1f:2f:ae:b6:d3:ba:06: 0f:d5:bc:0e:bc:28:03:5b:cf:d5:c4:79:ff:e7:29: 67:a3:c0:6b:e7:65:0a:6f:df:1f:f4:2d:ba:23:10: c0:53:50:36:b7:9c:4c:5b:a9:8a:79:e4:9a:63:89: 47:14:98:71:8d:4e:c2:02:31:13:6d:5f:7e:7e:ae: aa:da:4e:1d:42:de:7f:0e:df:a4:76:ad:2c:8b:5e: 35:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:EE:E7:86:B5:0C:81:A5:AA:58:BA:90:24:F0:9E:11:95:96:77:64 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143555.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a389::/32 Signature Algorithm: sha256WithRSAEncryption 5c:99:84:c4:1e:49:ab:50:f9:2d:00:f9:ab:2e:bd:eb:c7:d3: 82:0a:d0:2a:51:60:67:ed:1c:e9:11:2a:51:ce:f0:1a:92:6a: 0b:dd:62:38:36:4c:9a:b6:04:e5:d8:79:6b:db:2b:8a:4b:86: ad:3e:29:5d:2a:c0:4b:ef:f0:ed:52:73:6b:ad:e0:a5:4a:a0: 85:c4:38:35:de:06:89:74:fc:11:8e:d8:b6:f3:d7:e6:93:ec: 8e:ef:9d:ca:09:48:e6:b1:36:70:10:75:50:6c:c6:0a:c5:d7: d3:07:09:45:d2:1f:a3:0a:97:47:3e:0e:73:eb:89:6f:97:e7: 22:50:2d:46:4d:83:3e:d7:d0:f7:bf:2d:35:8c:01:b4:a6:0c: 1b:a4:d9:ed:92:45:56:f4:98:65:4f:9b:59:bd:08:d7:29:15: 9c:86:ec:ad:b2:59:cf:ae:d4:af:14:7e:36:22:e5:80:81:05: 2d:a4:59:e2:26:66:44:42:e9:e5:43:b2:a2:a3:c2:04:97:f3: 20:e9:37:e9:9f:85:11:15:59:f0:be:b8:cc:96:23:cc:37:7c: 6f:1d:d3:f2:d6:1e:a1:c9:e8:6f:b8:d9:41:c6:9b:92:37:c5: 27:8f:e4:51:60:e3:de:14:07:39:21:84:1f:56:b5:d2:5c:3c: f0:ef:a8:07 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdNzYaxHymzn+093o5X3OeWgohpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxNloX DTI3MDMwMzA2MTUxNlowMzExMC8GA1UEAxMoNDZFRUU3ODZCNTBDODFBNUFBNThC QTkwMjRGMDlFMTE5NTk2Nzc2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJU9z51YFwe9E3ynkESAomPqhVFOxn+0r85vhw7nPja+CHdBrqFmb9YphHZY kbLpyE6UkEyMj3fSLFPj4yvuRXy1uoLPo8xN+LlQciJLzXHTjw41GHaQaMYZWqXo yjJCFVzGTJ6+482pHntfJyQL6V3dxBIcIOMhABn+7FrAz0sU4eLaMvttSc60nlfQ N3Hg2031kMXkR5EEqFAYCCI+puBVAMC/drR1IFQQbnwfL66207oGD9W8DrwoA1vP 1cR5/+cpZ6PAa+dlCm/fH/QtuiMQwFNQNrecTFupinnkmmOJRxSYcY1OwgIxE21f fn6uqtpOHULefw7fpHatLIteNacCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRG7ueG tQyBpapYupAk8J4RlZZ3ZDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o4kwDQYJKoZIhvcNAQELBQADggEBAFyZhMQeSatQ+S0A+asuvevH04IK0CpRYGft HOkRKlHO8BqSagvdYjg2TJq2BOXYeWvbK4pLhq0+KV0qwEvv8O1Sc2ut4KVKoIXE ODXeBol0/BGO2Lbz1+aT7I7vncoJSOaxNnAQdVBsxgrF19MHCUXSH6MKl0c+DnPr iW+X5yJQLUZNgz7X0Pe/LTWMAbSmDBuk2e2SRVb0mGVPm1m9CNcpFZyG7K2yWc+u 1K8UfjYi5YCBBS2kWeImZkRC6eVDsqKjwgSX8yDpN+mfhREVWfC+uMyWI8w3fG8d 0/LWHqHJ6G+42UHGm5I3xSeP5FFg494UBzkhhB9WtdJcPPDvqAc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:28 2026 by rpki-client