$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143559.roa File: AS143559.roa (raw, json) Hash identifier: cVfGGyfLZqAlJ88iIIwbEzBGjmi7dPp4v5Kr1vRZyKw= Subject key identifier: FA:5B:41:1B:87:E3:BB:05:DC:1D:18:43:E7:A5:A8:86:EC:56:A1:C4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6FDE68F3FFD300D584379A8E12560BBB2D06931C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143559.roa Signing time: Wed 04 Mar 2026 06:15:01 +0000 ROA not before: Wed 04 Mar 2026 06:10:01 +0000 ROA not after: Wed 03 Mar 2027 06:15:01 +0000 asID: 143559 IP address blocks: 240a:a38d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:de:68:f3:ff:d3:00:d5:84:37:9a:8e:12:56:0b:bb:2d:06:93:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:01 2026 GMT Not After : Mar 3 06:15:01 2027 GMT Subject: CN=FA5B411B87E3BB05DC1D1843E7A5A886EC56A1C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e2:3b:3b:f4:fa:c0:cd:d0:14:c3:d9:c0:29: 96:8c:67:a2:3c:6a:5e:63:65:0d:5b:60:09:a8:b0: ba:4b:0b:c3:19:e4:7c:bc:89:23:97:e1:1f:aa:92: 31:ef:47:be:c1:89:8b:0a:c3:43:49:48:48:17:c5: bd:f0:0d:f4:ab:0c:89:ed:eb:6e:e5:04:1a:54:04: b7:c0:81:ae:07:58:90:ce:87:c0:c4:63:be:82:85: b5:72:24:44:56:fd:f7:88:1c:12:26:a4:8c:3d:24: d4:77:89:b2:e7:d1:82:3b:01:1e:e1:ce:52:9f:e2: 33:00:94:25:82:8e:ca:dc:2c:e1:cf:16:24:73:d4: 6e:98:c0:c0:65:df:23:2f:ea:1f:6d:54:35:b8:e9: 01:3a:a7:eb:67:eb:8e:f4:9d:d9:45:32:96:c3:c5: 50:cf:8b:74:c2:1e:18:95:11:04:ff:6f:02:81:aa: 51:f2:10:17:32:39:93:f3:25:6b:0d:3a:0d:a5:c8: 8f:fa:27:01:a2:3b:6c:1f:58:fb:ca:89:22:dd:2e: 3c:3a:f8:8b:f3:a0:e1:42:b9:86:93:4b:6f:5c:78: b9:0b:3e:21:59:48:25:3d:ff:ee:c6:38:ae:e2:7c: e3:97:90:f5:cf:c1:44:b9:56:93:7e:2a:2d:c9:f3: 49:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:5B:41:1B:87:E3:BB:05:DC:1D:18:43:E7:A5:A8:86:EC:56:A1:C4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143559.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a38d::/32 Signature Algorithm: sha256WithRSAEncryption 64:2a:17:b3:48:6c:cd:ad:65:d5:19:7d:01:81:a1:af:bc:8d: 93:74:1a:ee:66:04:c7:81:fd:30:98:77:10:22:0a:bf:65:c6: 56:37:42:de:78:9b:d9:c5:19:bb:cb:79:ef:ae:bc:74:c8:8f: e1:91:d8:97:37:9c:7e:62:0e:aa:04:4d:42:b5:75:fd:02:10: aa:98:cf:a6:fd:3f:3d:de:0e:7f:42:11:6c:02:61:6d:a5:78: b8:fd:ea:7f:24:3c:8e:38:ee:41:40:b1:54:e2:26:69:e2:54: a7:ea:80:6a:e7:ad:71:0c:77:38:b4:ea:01:c3:eb:da:e8:1f: 23:c1:4b:17:b6:40:dc:eb:db:3e:ed:38:35:a1:af:fb:01:9e: 19:2f:cb:50:38:e6:af:1b:7e:ef:2e:47:dd:1f:49:85:8f:17: 28:ab:66:e1:b6:e8:14:3d:8c:a9:69:31:f6:a2:0a:72:13:ae: a1:c0:91:83:e9:c8:1b:97:40:8c:16:f4:f6:ce:49:23:fd:5c: 52:d5:91:ae:41:cc:df:5e:52:d2:3b:04:35:b8:e9:31:b1:83: bf:39:f7:13:96:9b:4e:ab:d2:84:6f:ef:08:4c:5d:55:31:e1: 23:47:b0:2b:0c:72:93:cb:8b:de:42:5c:50:b2:13:57:e4:41: 69:f8:68:56 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUb95o8//TANWEN5qOElYLuy0GkxwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwMVoX DTI3MDMwMzA2MTUwMVowMzExMC8GA1UEAxMoRkE1QjQxMUI4N0UzQkIwNURDMUQx ODQzRTdBNUE4ODZFQzU2QTFDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKviOzv0+sDN0BTD2cAploxnojxqXmNlDVtgCaiwuksLwxnkfLyJI5fhH6qS Me9HvsGJiwrDQ0lISBfFvfAN9KsMie3rbuUEGlQEt8CBrgdYkM6HwMRjvoKFtXIk RFb994gcEiakjD0k1HeJsufRgjsBHuHOUp/iMwCUJYKOytws4c8WJHPUbpjAwGXf Iy/qH21UNbjpATqn62frjvSd2UUylsPFUM+LdMIeGJURBP9vAoGqUfIQFzI5k/Ml aw06DaXIj/onAaI7bB9Y+8qJIt0uPDr4i/Og4UK5hpNLb1x4uQs+IVlIJT3/7sY4 ruJ845eQ9c/BRLlWk34qLcnzSf0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT6W0Eb h+O7BdwdGEPnpaiG7FahxDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o40wDQYJKoZIhvcNAQELBQADggEBAGQqF7NIbM2tZdUZfQGBoa+8jZN0Gu5mBMeB /TCYdxAiCr9lxlY3Qt54m9nFGbvLee+uvHTIj+GR2Jc3nH5iDqoETUK1df0CEKqY z6b9Pz3eDn9CEWwCYW2leLj96n8kPI447kFAsVTiJmniVKfqgGrnrXEMdzi06gHD 69roHyPBSxe2QNzr2z7tODWhr/sBnhkvy1A45q8bfu8uR90fSYWPFyirZuG26BQ9 jKlpMfaiCnITrqHAkYPpyBuXQIwW9PbOSSP9XFLVka5BzN9eUtI7BDW46TGxg785 9xOWm06r0oRv7whMXVUx4SNHsCsMcpPLi95CXFCyE1fkQWn4aFY= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:42 2026 by rpki-client