$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143566.roa File: AS143566.roa (raw, json) Hash identifier: 0MNqiuguHD3AjKKoszFmhE2qIWKVAGDQLHSA5GRVJ0o= Subject key identifier: 27:69:78:AB:D0:D9:45:6C:B8:7E:BF:53:44:01:71:09:66:19:6A:59 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 23475C6D22A0F737F22294489DC9F8495CB5BEBC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143566.roa Signing time: Wed 04 Mar 2026 06:12:40 +0000 ROA not before: Wed 04 Mar 2026 06:07:40 +0000 ROA not after: Wed 03 Mar 2027 06:12:40 +0000 asID: 143566 IP address blocks: 240a:a394::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:47:5c:6d:22:a0:f7:37:f2:22:94:48:9d:c9:f8:49:5c:b5:be:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:40 2026 GMT Not After : Mar 3 06:12:40 2027 GMT Subject: CN=276978ABD0D9456CB87EBF534401710966196A59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f5:db:7b:2b:11:39:c0:2a:17:a0:50:6f:05: 84:02:6d:ce:2b:0c:72:f8:b7:85:ff:e0:44:97:bf: bf:8b:87:0f:d8:b3:ea:17:81:a2:e3:3a:ed:2d:89: f7:27:3d:f3:57:70:eb:a6:bc:19:4d:95:74:eb:a4: b5:ce:ff:af:63:3d:b1:1f:ce:95:d2:9e:72:f3:81: 25:34:8f:0e:f7:7f:3e:40:fb:2c:13:5a:a7:f8:16: 35:19:1d:db:28:f0:6f:ca:4e:d2:0d:12:5f:0e:63: e4:ef:5d:fd:f3:b3:33:e9:47:f0:53:b6:5c:e8:5e: 0b:f8:e4:b8:66:8f:ea:78:5f:e6:6d:85:1e:2d:66: 61:05:28:84:bf:0c:6c:20:d5:0e:bc:4f:b8:99:ca: 2c:ed:5d:e4:fc:83:03:2f:19:9b:5c:a5:10:e9:67: 62:8e:32:4c:f0:0e:04:60:62:23:ed:26:b2:c3:bb: c6:42:bf:2b:ad:3c:b0:a3:67:56:09:f3:98:a6:13: 1e:0f:20:f9:34:55:30:b6:89:c8:5f:20:63:f4:87: f8:19:25:55:8c:79:4d:ed:91:13:50:19:48:3b:3b: 1f:02:4c:70:a1:53:06:a2:64:a9:49:00:20:73:f0: 57:f2:ad:39:c1:ee:02:51:a2:90:4b:70:47:ef:53: 7f:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:69:78:AB:D0:D9:45:6C:B8:7E:BF:53:44:01:71:09:66:19:6A:59 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143566.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a394::/32 Signature Algorithm: sha256WithRSAEncryption 96:cb:22:d1:8b:33:eb:59:0a:12:21:36:8c:23:80:d7:8a:96: 31:22:c5:0d:8d:be:1d:f1:92:40:4f:c9:1b:9a:3c:79:38:54: ac:16:76:ef:17:5c:99:6a:30:ec:aa:c0:18:6d:d3:55:00:2b: 3d:0f:00:b7:8e:fa:14:c8:40:75:be:ac:67:1e:ab:44:2a:15: 4e:ca:ca:b4:b0:7f:ba:e5:7e:00:27:23:06:d7:47:8a:57:44: 75:46:bc:6c:65:4e:ad:e5:d0:cf:38:6b:cf:82:a7:8c:9e:db: 5b:b6:b8:d9:28:5b:cd:14:e3:d9:a5:f1:3c:95:31:d6:54:43: 29:7b:b9:ef:75:b8:57:50:21:1b:a1:26:71:a0:df:af:46:4a: 74:6e:02:b2:f0:4a:57:ec:c2:40:04:b7:25:b3:95:64:f1:87: 2e:9f:75:7c:92:aa:97:0e:f8:8e:42:8e:33:99:d1:2d:9e:a1: 0d:01:9e:86:35:7f:51:ef:15:49:10:8c:e9:fc:c9:9a:a0:95: ad:bd:7d:bd:ed:95:4a:70:6f:67:3b:5c:b2:56:70:8c:d3:53: b7:be:72:43:d4:a5:17:0f:c8:48:e8:b9:15:5d:4c:c2:de:29: 62:9c:91:ca:b0:de:4a:d2:15:77:52:cf:b1:c0:38:b0:1d:03: ac:99:57:d2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUI0dcbSKg9zfyIpRIncn4SVy1vrwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0MFoX DTI3MDMwMzA2MTI0MFowMzExMC8GA1UEAxMoMjc2OTc4QUJEMEQ5NDU2Q0I4N0VC RjUzNDQwMTcxMDk2NjE5NkE1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMn123srETnAKhegUG8FhAJtzisMcvi3hf/gRJe/v4uHD9iz6heBouM67S2J 9yc981dw66a8GU2VdOuktc7/r2M9sR/OldKecvOBJTSPDvd/PkD7LBNap/gWNRkd 2yjwb8pO0g0SXw5j5O9d/fOzM+lH8FO2XOheC/jkuGaP6nhf5m2FHi1mYQUohL8M bCDVDrxPuJnKLO1d5PyDAy8Zm1ylEOlnYo4yTPAOBGBiI+0mssO7xkK/K608sKNn VgnzmKYTHg8g+TRVMLaJyF8gY/SH+BklVYx5Te2RE1AZSDs7HwJMcKFTBqJkqUkA IHPwV/KtOcHuAlGikEtwR+9Tf7ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQnaXir 0NlFbLh+v1NEAXEJZhlqWTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU2Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o5QwDQYJKoZIhvcNAQELBQADggEBAJbLItGLM+tZChIhNowjgNeKljEixQ2Nvh3x kkBPyRuaPHk4VKwWdu8XXJlqMOyqwBht01UAKz0PALeO+hTIQHW+rGceq0QqFU7K yrSwf7rlfgAnIwbXR4pXRHVGvGxlTq3l0M84a8+Cp4ye21u2uNkoW80U49ml8TyV MdZUQyl7ue91uFdQIRuhJnGg369GSnRuArLwSlfswkAEtyWzlWTxhy6fdXySqpcO +I5CjjOZ0S2eoQ0BnoY1f1HvFUkQjOn8yZqgla29fb3tlUpwb2c7XLJWcIzTU7e+ ckPUpRcPyEjouRVdTMLeKWKckcqw3krSFXdSz7HAOLAdA6yZV9I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:57 2026 by rpki-client