$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143561.roa File: AS143561.roa (raw, json) Hash identifier: HOPqkBMUxrGtHvKvM6jk4SIaJVqPxxpsDdpHnbdWn7k= Subject key identifier: F3:AC:A4:EF:39:DD:2B:4E:2D:61:69:38:D3:F2:AE:DE:71:E0:71:C2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 16E5F0EAFD3AA4A2E92EEB96EAAADD992A0BA4AD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143561.roa Signing time: Wed 04 Mar 2026 06:14:00 +0000 ROA not before: Wed 04 Mar 2026 06:09:00 +0000 ROA not after: Wed 03 Mar 2027 06:14:00 +0000 asID: 143561 IP address blocks: 240a:a38f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:e5:f0:ea:fd:3a:a4:a2:e9:2e:eb:96:ea:aa:dd:99:2a:0b:a4:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:00 2026 GMT Not After : Mar 3 06:14:00 2027 GMT Subject: CN=F3ACA4EF39DD2B4E2D616938D3F2AEDE71E071C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:c3:b5:e5:9c:9a:7e:6a:83:e2:ca:0a:6d:35: 19:d1:08:fe:a0:34:9b:bc:33:da:10:20:27:36:c3: 7b:b3:cf:f7:c3:a8:78:e4:fd:b6:a0:9f:8e:46:1e: 3a:e0:91:30:72:0e:a3:90:56:20:03:87:e9:b1:1b: 82:ad:e4:16:4a:1a:af:43:7c:22:78:0e:10:cf:d1: 67:90:43:fd:a6:55:d7:75:f2:fd:d9:ec:5a:e8:4c: f7:e3:d4:58:8f:20:1c:71:11:b4:bf:47:61:80:4c: cc:df:7d:3e:d4:30:8b:50:c8:bf:77:56:dc:53:1b: d7:cb:bb:e5:31:78:a3:3d:eb:12:eb:63:99:a3:7a: f8:58:e1:e6:5d:a1:6a:cc:46:4a:56:76:c5:d1:cc: 6a:ec:21:1b:7f:2d:c8:d1:80:e2:3f:fb:31:13:bb: 00:61:bf:9d:fb:2d:85:02:35:55:67:0b:57:15:6a: bb:af:38:e6:64:50:5b:6b:1e:24:04:9e:ef:55:81: 33:5b:66:b4:c6:a1:ed:16:d1:5c:2c:9a:a4:55:29: f1:a8:e8:c9:0e:9c:b8:7f:ef:88:82:3d:c8:eb:4f: e5:8f:80:31:64:39:a6:4e:fa:60:94:3f:12:b2:a1: 33:a0:8a:cb:46:c3:60:50:4b:e9:7e:cb:f9:03:a3: 51:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:AC:A4:EF:39:DD:2B:4E:2D:61:69:38:D3:F2:AE:DE:71:E0:71:C2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143561.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a38f::/32 Signature Algorithm: sha256WithRSAEncryption 3a:32:07:a3:bc:b9:19:bf:a9:07:f7:ec:e2:b2:5f:7c:3d:be: 6d:2c:f3:6c:eb:a5:c5:9e:11:28:9b:af:6f:57:4f:1f:52:18: a5:14:91:6f:61:af:7e:8c:6a:4d:1b:c5:8f:db:d1:94:a2:66: cc:40:80:a4:1c:48:34:a9:c7:24:90:fd:c7:a3:35:72:a4:25: 80:de:71:8f:8a:63:d0:37:9b:6e:4c:d9:ad:5f:a2:48:df:72: 78:3b:c3:50:3d:f6:f1:f6:f0:6f:b2:67:e6:19:a5:72:ba:2d: 4c:b2:de:2a:0e:70:37:70:d0:f6:98:19:54:e6:22:78:74:cc: b6:58:61:02:97:85:ef:01:9b:d2:fb:11:82:00:7c:2b:f0:92: c7:b0:4d:5e:bd:b4:b9:17:59:1b:78:26:e5:68:27:e7:a5:d3: 68:b0:64:d9:f0:c8:d4:44:02:e5:fc:49:b5:23:e4:15:60:72: c9:b4:ae:7c:43:e5:49:7e:67:23:94:8c:c5:cf:07:05:49:cc: 68:f5:c5:a8:35:00:7a:49:c5:c7:fa:88:b4:4e:97:05:60:97: fd:06:ad:82:c7:38:e1:c3:61:81:eb:33:05:9b:bb:51:03:6a: 85:8c:2c:f5:8f:1d:a5:fc:b3:02:f7:39:e7:28:bb:2c:08:88: 79:7f:32:7a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFuXw6v06pKLpLuuW6qrdmSoLpK0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwMFoX DTI3MDMwMzA2MTQwMFowMzExMC8GA1UEAxMoRjNBQ0E0RUYzOUREMkI0RTJENjE2 OTM4RDNGMkFFREU3MUUwNzFDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMXDteWcmn5qg+LKCm01GdEI/qA0m7wz2hAgJzbDe7PP98OoeOT9tqCfjkYe OuCRMHIOo5BWIAOH6bEbgq3kFkoar0N8IngOEM/RZ5BD/aZV13Xy/dnsWuhM9+PU WI8gHHERtL9HYYBMzN99PtQwi1DIv3dW3FMb18u75TF4oz3rEutjmaN6+Fjh5l2h asxGSlZ2xdHMauwhG38tyNGA4j/7MRO7AGG/nfsthQI1VWcLVxVqu6845mRQW2se JASe71WBM1tmtMah7RbRXCyapFUp8ajoyQ6cuH/viII9yOtP5Y+AMWQ5pk76YJQ/ ErKhM6CKy0bDYFBL6X7L+QOjUaECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTzrKTv Od0rTi1haTjT8q7eceBxwjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o48wDQYJKoZIhvcNAQELBQADggEBADoyB6O8uRm/qQf37OKyX3w9vm0s82zrpcWe ESibr29XTx9SGKUUkW9hr36Mak0bxY/b0ZSiZsxAgKQcSDSpxySQ/cejNXKkJYDe cY+KY9A3m25M2a1fokjfcng7w1A99vH28G+yZ+YZpXK6LUyy3ioOcDdw0PaYGVTm Inh0zLZYYQKXhe8Bm9L7EYIAfCvwksewTV69tLkXWRt4JuVoJ+el02iwZNnwyNRE AuX8SbUj5BVgcsm0rnxD5Ul+ZyOUjMXPBwVJzGj1xag1AHpJxcf6iLROlwVgl/0G rYLHOOHDYYHrMwWbu1EDaoWMLPWPHaX8swL3OecouywIiHl/Mno= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:00 2026 by rpki-client