$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143569.roa File: AS143569.roa (raw, json) Hash identifier: qsI9FcwtHbsC0B3t9wW3mhhYGIicnEvU1GwyPF4vjHY= Subject key identifier: 42:0E:00:94:27:36:83:8C:50:E9:BA:26:3A:35:31:70:7D:C2:31:DE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3E34B766DAD9F38E31CC20CF49EBFFB216FCC5EC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143569.roa Signing time: Wed 04 Mar 2026 06:15:52 +0000 ROA not before: Wed 04 Mar 2026 06:10:52 +0000 ROA not after: Wed 03 Mar 2027 06:15:52 +0000 asID: 143569 IP address blocks: 240a:a397::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:34:b7:66:da:d9:f3:8e:31:cc:20:cf:49:eb:ff:b2:16:fc:c5:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:52 2026 GMT Not After : Mar 3 06:15:52 2027 GMT Subject: CN=420E00942736838C50E9BA263A3531707DC231DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:c0:e7:d6:fb:b4:f0:ae:fc:14:ea:3c:b9:40: 3f:f4:3b:63:25:df:6d:1d:9c:2b:d4:27:95:36:bf: e7:b8:1b:6d:0f:55:c8:40:2b:58:68:af:9e:3d:b0: 60:c0:48:0f:50:9a:db:e4:b0:2a:ba:0b:f1:61:6a: 28:48:d1:e8:3e:9b:95:11:90:55:10:56:48:c8:91: b7:48:26:d2:21:67:d1:5f:9d:f7:29:29:4f:9e:4f: 3a:8f:b7:95:79:7a:fb:6e:15:c9:91:22:5e:b1:8c: 74:b2:5c:cc:3d:97:2a:d5:fd:94:d3:8d:36:76:12: 22:35:40:cb:d7:87:1b:77:bf:63:cc:c8:af:11:d1: 29:6e:d9:e8:b3:b0:59:e9:88:a0:f2:20:57:b1:24: 38:25:c7:f2:95:2a:3b:65:8d:3c:55:88:ee:94:77: f1:78:5a:6c:86:68:cd:af:3a:a3:8e:e5:2d:4e:65: 49:5c:0f:49:7c:fd:89:9f:67:f5:d8:24:47:e1:65: 10:a4:f7:31:f4:68:4b:f9:9a:2f:eb:b1:f9:e7:2c: 9a:d6:8b:dd:c7:20:dd:fd:f9:bb:24:a5:a0:d3:b1: f1:87:a8:f1:c6:ce:5f:72:c7:0c:de:90:9c:a3:75: 37:53:f7:c6:4d:a9:4d:15:53:d4:56:f0:a3:86:44: 55:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:0E:00:94:27:36:83:8C:50:E9:BA:26:3A:35:31:70:7D:C2:31:DE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143569.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a397::/32 Signature Algorithm: sha256WithRSAEncryption 11:77:d4:7a:7b:99:0e:8f:52:a1:a8:a9:8b:04:a9:71:d5:ba: bb:ec:c8:55:9c:73:3c:69:38:ff:4e:4a:98:b2:6b:62:27:2b: db:78:ed:29:5f:3d:6b:bf:00:e7:d1:08:f5:bf:2c:94:ca:f8: 81:57:4e:b4:4e:1f:25:40:8a:5f:43:28:d9:af:7e:b9:80:a2: 44:33:f5:e2:c7:14:79:96:d8:18:a1:5c:3c:b4:3c:b7:f2:ee: d8:35:61:05:33:fd:4a:d7:83:45:bb:d8:6f:9e:b9:ee:eb:2d: b0:cf:90:b2:7a:67:eb:72:69:34:fe:b1:4b:51:46:fe:83:c7: 9e:6e:5c:2b:fc:57:ce:88:0c:3e:b8:2c:ca:de:52:ea:bc:fa: fd:71:88:f6:20:c0:a5:a7:c9:35:5f:92:c8:73:39:e6:ac:d1: 38:ae:75:89:46:12:89:fe:b1:2c:1a:44:e3:60:16:18:3c:43: 83:05:ca:82:ee:ce:a8:01:d1:70:c6:a6:85:4d:18:12:54:83: f2:f6:0b:01:03:60:72:ac:ec:bf:35:6d:0b:d7:19:9b:5f:c2: d7:ed:0f:64:f3:aa:57:ac:fb:c6:d5:99:30:92:e5:71:b9:fd: 68:12:02:c1:25:a7:ea:93:1d:31:ea:12:4a:f4:bc:f2:d3:77: 0c:d4:fe:06 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPjS3ZtrZ844xzCDPSev/shb8xewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA1MloX DTI3MDMwMzA2MTU1MlowMzExMC8GA1UEAxMoNDIwRTAwOTQyNzM2ODM4QzUwRTlC QTI2M0EzNTMxNzA3REMyMzFERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI3A59b7tPCu/BTqPLlAP/Q7YyXfbR2cK9QnlTa/57gbbQ9VyEArWGivnj2w YMBID1Ca2+SwKroL8WFqKEjR6D6blRGQVRBWSMiRt0gm0iFn0V+d9ykpT55POo+3 lXl6+24VyZEiXrGMdLJczD2XKtX9lNONNnYSIjVAy9eHG3e/Y8zIrxHRKW7Z6LOw WemIoPIgV7EkOCXH8pUqO2WNPFWI7pR38XhabIZoza86o47lLU5lSVwPSXz9iZ9n 9dgkR+FlEKT3MfRoS/maL+ux+ecsmtaL3ccg3f35uySloNOx8Yeo8cbOX3LHDN6Q nKN1N1P3xk2pTRVT1Fbwo4ZEVYUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRCDgCU JzaDjFDpuiY6NTFwfcIx3jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o5cwDQYJKoZIhvcNAQELBQADggEBABF31Hp7mQ6PUqGoqYsEqXHVurvsyFWcczxp OP9OSpiya2InK9t47SlfPWu/AOfRCPW/LJTK+IFXTrROHyVAil9DKNmvfrmAokQz 9eLHFHmW2BihXDy0PLfy7tg1YQUz/UrXg0W72G+eue7rLbDPkLJ6Z+tyaTT+sUtR Rv6Dx55uXCv8V86IDD64LMreUuq8+v1xiPYgwKWnyTVfkshzOeas0TiudYlGEon+ sSwaRONgFhg8Q4MFyoLuzqgB0XDGpoVNGBJUg/L2CwEDYHKs7L81bQvXGZtfwtft D2Tzqles+8bVmTCS5XG5/WgSAsElp+qTHTHqEkr0vPLTdwzU/gY= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:03 2026 by rpki-client