$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143570.roa File: AS143570.roa (raw, json) Hash identifier: kDeMfw76CWVCQFBBak0CYUaqEeVmYOSdiA+P0zpFpI4= Subject key identifier: C2:33:02:ED:E3:F4:9C:24:BF:86:B4:35:5F:84:2B:13:28:07:6A:A4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 51B71EE83D067D56B61495BC58AFFF0ACCBB6CEF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143570.roa Signing time: Wed 04 Mar 2026 06:12:52 +0000 ROA not before: Wed 04 Mar 2026 06:07:52 +0000 ROA not after: Wed 03 Mar 2027 06:12:52 +0000 asID: 143570 IP address blocks: 240a:a398::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:b7:1e:e8:3d:06:7d:56:b6:14:95:bc:58:af:ff:0a:cc:bb:6c:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:52 2026 GMT Not After : Mar 3 06:12:52 2027 GMT Subject: CN=C23302EDE3F49C24BF86B4355F842B1328076AA4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:06:5d:b0:e0:46:06:e6:9f:be:1e:d5:c1:2f: 83:c9:90:48:a7:54:28:a3:e2:5d:6d:36:5e:f8:75: 9a:78:0f:12:35:38:57:ac:4a:d4:7a:4f:ae:be:a3: b6:96:e0:df:e3:21:16:08:94:e4:b8:29:9f:b1:07: 85:9e:4f:c7:51:a4:d6:51:36:12:d0:eb:83:eb:7e: 5f:2a:ff:2b:90:61:1f:f6:8d:5c:6f:47:7d:fc:c0: b9:44:f0:ee:59:5d:13:27:b8:1e:8b:9d:67:f8:e8: 03:72:a3:5f:a6:5d:b9:56:08:73:a6:2e:2d:6b:99: b6:64:d5:05:52:6c:1d:6b:cb:8d:0e:e7:b3:94:53: 66:b4:58:fc:82:f8:3f:84:f7:50:33:07:10:16:22: 65:94:0c:37:99:bf:df:b0:f7:26:b1:a2:67:1d:14: 63:5b:3d:0d:21:3c:fa:23:3f:25:5d:c6:36:fa:36: d3:24:4a:89:73:45:74:90:59:8c:b4:99:89:0c:a0: a5:08:54:7d:12:78:07:2a:a0:ea:87:56:25:07:0f: 49:e8:72:ce:5b:85:a9:c2:41:a4:a6:62:a0:d3:0b: 23:ac:2c:53:ae:19:1a:89:a6:6b:fa:bc:55:55:a0: aa:7e:0d:61:28:2b:c6:ca:b0:2e:31:42:fb:49:cf: 21:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:33:02:ED:E3:F4:9C:24:BF:86:B4:35:5F:84:2B:13:28:07:6A:A4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143570.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a398::/32 Signature Algorithm: sha256WithRSAEncryption 9a:6e:31:82:ce:0b:c1:25:a5:a5:ee:42:c8:42:e3:12:28:52: e8:0b:20:af:08:d4:ab:f9:6c:ba:ba:dd:dc:f3:f9:f2:74:32: c1:68:38:7d:ba:a6:e9:97:a1:43:dc:93:ae:57:52:44:46:2f: 7f:fd:2b:5b:c1:05:d4:2d:81:a3:4d:e1:14:92:87:94:6c:4c: e2:6d:bb:1d:92:12:65:33:3d:7c:c1:0b:f7:49:17:f0:f6:28: 4c:49:6f:26:1d:0c:2f:5f:e3:69:2b:af:d9:ef:3d:c4:84:d4: 83:f2:9a:f8:04:12:1e:b6:05:36:b5:15:61:d0:99:d8:d9:62: 56:f3:c0:2c:c4:bb:5b:03:8f:d7:00:35:7b:a2:9f:d2:4a:08: 3f:aa:8b:7a:6c:27:85:ce:6f:18:c5:c7:0b:18:e2:80:7c:68: b1:16:ef:31:46:19:6d:68:9f:e6:69:99:c4:7e:a6:b9:a3:6f: f6:aa:87:e7:f7:0a:4b:e7:8e:39:cc:ad:9e:72:2f:31:1e:df: e1:73:88:40:78:b7:f8:89:e4:e9:2f:30:ef:51:09:f0:a0:f4: c3:3a:56:1f:be:40:77:9c:21:12:e6:82:5b:7d:d7:4d:b6:03: 55:18:52:a3:b1:94:45:ce:13:17:40:9b:08:c6:17:8a:21:a7: e3:22:69:05 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUbce6D0GfVa2FJW8WK//Csy7bO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1MloX DTI3MDMwMzA2MTI1MlowMzExMC8GA1UEAxMoQzIzMzAyRURFM0Y0OUMyNEJGODZC NDM1NUY4NDJCMTMyODA3NkFBNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO0GXbDgRgbmn74e1cEvg8mQSKdUKKPiXW02Xvh1mngPEjU4V6xK1HpPrr6j tpbg3+MhFgiU5Lgpn7EHhZ5Px1Gk1lE2EtDrg+t+Xyr/K5BhH/aNXG9HffzAuUTw 7lldEye4HoudZ/joA3KjX6ZduVYIc6YuLWuZtmTVBVJsHWvLjQ7ns5RTZrRY/IL4 P4T3UDMHEBYiZZQMN5m/37D3JrGiZx0UY1s9DSE8+iM/JV3GNvo20yRKiXNFdJBZ jLSZiQygpQhUfRJ4Byqg6odWJQcPSehyzluFqcJBpKZioNMLI6wsU64ZGomma/q8 VVWgqn4NYSgrxsqwLjFC+0nPIe0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTCMwLt 4/ScJL+GtDVfhCsTKAdqpDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o5gwDQYJKoZIhvcNAQELBQADggEBAJpuMYLOC8ElpaXuQshC4xIoUugLIK8I1Kv5 bLq63dzz+fJ0MsFoOH26pumXoUPck65XUkRGL3/9K1vBBdQtgaNN4RSSh5RsTOJt ux2SEmUzPXzBC/dJF/D2KExJbyYdDC9f42krr9nvPcSE1IPymvgEEh62BTa1FWHQ mdjZYlbzwCzEu1sDj9cANXuin9JKCD+qi3psJ4XObxjFxwsY4oB8aLEW7zFGGW1o n+ZpmcR+prmjb/aqh+f3CkvnjjnMrZ5yLzEe3+FziEB4t/iJ5OkvMO9RCfCg9MM6 Vh++QHecIRLmglt91022A1UYUqOxlEXOExdAmwjGF4ohp+MiaQU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:34 2026 by rpki-client