$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143564.roa File: AS143564.roa (raw, json) Hash identifier: 3HFq5Anrx9MxkDcm396srwrK03oPmImzlNA6sys5fBY= Subject key identifier: DB:A7:6E:E3:64:70:47:D9:39:39:2C:B4:E4:0D:0E:2A:6C:91:73:9C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4EA3E8CBF662A3A3D2DA003EEEA58B6DF0CD97AE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143564.roa Signing time: Wed 04 Mar 2026 06:15:11 +0000 ROA not before: Wed 04 Mar 2026 06:10:11 +0000 ROA not after: Wed 03 Mar 2027 06:15:11 +0000 asID: 143564 IP address blocks: 240a:a392::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:a3:e8:cb:f6:62:a3:a3:d2:da:00:3e:ee:a5:8b:6d:f0:cd:97:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:11 2026 GMT Not After : Mar 3 06:15:11 2027 GMT Subject: CN=DBA76EE3647047D939392CB4E40D0E2A6C91739C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c9:0e:fc:cd:7a:29:57:20:82:13:d4:93:1a: 54:08:aa:53:9e:b2:33:62:68:ec:dd:3f:d0:d1:a9: bf:b9:3d:40:d4:28:6e:50:ab:74:98:d6:6b:57:b3: 97:0e:c8:8a:8a:a2:b3:a9:4e:bc:bd:1f:c2:a2:2d: 0b:31:5d:ea:72:a7:fd:64:e1:d3:1d:b5:d9:cc:a2: 0a:e2:e2:9f:d4:68:df:3f:25:bb:fa:91:2e:25:62: 89:ba:cd:27:1c:ef:4f:68:27:30:d4:ac:49:8d:45: 71:6d:9b:54:58:09:3a:e5:b8:df:f8:ea:b1:03:c5: 1d:64:3f:15:02:d0:c0:b6:8e:b3:2b:ea:00:32:68: a0:b1:b9:6d:d6:18:51:64:21:f3:84:61:07:b3:57: 59:ad:54:8c:14:a4:84:6a:dd:e8:54:53:33:fa:38: a6:ca:24:b5:29:73:82:f4:8d:8a:95:3c:20:dc:fe: bf:33:93:81:fc:2f:b4:d2:57:54:f4:ed:38:2e:8b: 3e:e0:d9:f5:58:bb:36:dd:d0:a7:ae:55:74:89:d8: 88:ce:1c:37:b4:95:7c:8a:5a:4b:b7:f2:4f:2b:73: 58:2d:5e:1a:65:68:99:6f:d4:39:b9:dc:a0:68:89: cf:80:42:4a:70:17:b0:1e:b2:19:15:28:47:c5:44: f5:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:A7:6E:E3:64:70:47:D9:39:39:2C:B4:E4:0D:0E:2A:6C:91:73:9C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143564.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a392::/32 Signature Algorithm: sha256WithRSAEncryption 96:0d:ef:31:75:46:a0:3c:97:b9:96:d6:b0:6a:7d:7e:63:66: 97:5b:e0:6e:e5:99:75:c6:ef:37:17:91:b4:94:f1:94:84:36: 17:d8:0e:7a:bc:fa:d1:d0:27:af:0f:79:52:e4:db:fc:22:99: 59:32:12:b4:6a:8e:da:bf:5c:d6:80:88:fd:e0:b0:59:b3:8a: 79:95:c3:9b:37:b8:1b:7a:3b:d9:c1:21:19:b6:77:df:af:11: 9b:43:e5:9c:80:c4:33:d0:f3:39:77:70:b2:9a:67:8f:f6:4f: 49:36:ca:4b:21:46:9c:77:3b:97:fd:1e:56:c9:ca:f0:2b:1d: f0:6a:23:c1:9b:b1:fb:35:99:ed:cf:86:b8:1a:84:36:9d:1f: b8:ff:e0:5d:c4:f7:41:4a:d7:58:df:58:6b:00:47:4d:94:2a: 4d:31:0c:8d:de:53:6c:ba:c0:00:31:e8:5b:a9:df:9c:f5:5a: d7:87:c9:4b:4b:e6:d8:ad:19:2f:4d:99:e1:0a:cb:5b:46:78: 2a:7c:cb:04:21:a3:d2:70:8e:67:14:ce:f7:43:f5:93:e9:e4: 99:bb:ed:7d:89:3e:60:cc:64:df:77:d5:69:63:8d:7a:ca:2c: 01:32:ef:d6:c2:b2:5f:81:b3:44:4c:83:ce:ca:f1:f3:f8:7e: 1b:55:2c:54 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTqPoy/Zio6PS2gA+7qWLbfDNl64wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxMVoX DTI3MDMwMzA2MTUxMVowMzExMC8GA1UEAxMoREJBNzZFRTM2NDcwNDdEOTM5Mzky Q0I0RTQwRDBFMkE2QzkxNzM5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJzJDvzNeilXIIIT1JMaVAiqU56yM2Jo7N0/0NGpv7k9QNQoblCrdJjWa1ez lw7Iioqis6lOvL0fwqItCzFd6nKn/WTh0x212cyiCuLin9Ro3z8lu/qRLiViibrN JxzvT2gnMNSsSY1FcW2bVFgJOuW43/jqsQPFHWQ/FQLQwLaOsyvqADJooLG5bdYY UWQh84RhB7NXWa1UjBSkhGrd6FRTM/o4psoktSlzgvSNipU8INz+vzOTgfwvtNJX VPTtOC6LPuDZ9Vi7Nt3Qp65VdInYiM4cN7SVfIpaS7fyTytzWC1eGmVomW/UObnc oGiJz4BCSnAXsB6yGRUoR8VE9b0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTbp27j ZHBH2Tk5LLTkDQ4qbJFznDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU2NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o5IwDQYJKoZIhvcNAQELBQADggEBAJYN7zF1RqA8l7mW1rBqfX5jZpdb4G7lmXXG 7zcXkbSU8ZSENhfYDnq8+tHQJ68PeVLk2/wimVkyErRqjtq/XNaAiP3gsFmzinmV w5s3uBt6O9nBIRm2d9+vEZtD5ZyAxDPQ8zl3cLKaZ4/2T0k2ykshRpx3O5f9HlbJ yvArHfBqI8Gbsfs1me3PhrgahDadH7j/4F3E90FK11jfWGsAR02UKk0xDI3eU2y6 wAAx6Fup35z1WteHyUtL5titGS9NmeEKy1tGeCp8ywQho9JwjmcUzvdD9ZPp5Jm7 7X2JPmDMZN931WljjXrKLAEy79bCsl+Bs0RMg87K8fP4fhtVLFQ= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:35 2026 by rpki-client