$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143571.roa File: AS143571.roa (raw, json) Hash identifier: GJ2uAeAfqU3ldGkGloIxjkMPiNi1nVKKXjCeAwo82Jo= Subject key identifier: 5C:A7:AA:09:81:54:C2:0B:0C:91:1B:30:40:88:06:EF:41:49:91:27 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 68BCA0C78E4E63B0F7E9CB07D04CD25662209DC5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143571.roa Signing time: Wed 04 Mar 2026 06:12:55 +0000 ROA not before: Wed 04 Mar 2026 06:07:55 +0000 ROA not after: Wed 03 Mar 2027 06:12:55 +0000 asID: 143571 IP address blocks: 240a:a399::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:bc:a0:c7:8e:4e:63:b0:f7:e9:cb:07:d0:4c:d2:56:62:20:9d:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:55 2026 GMT Not After : Mar 3 06:12:55 2027 GMT Subject: CN=5CA7AA098154C20B0C911B30408806EF41499127 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:9d:0a:6d:7e:6c:50:fa:04:96:d7:05:7c:fe: de:31:1b:e2:82:a0:5b:54:db:16:bd:37:0c:51:db: 60:2b:e5:d1:ae:2e:53:42:47:55:44:a0:8b:6a:3a: 3a:0e:b5:4a:76:2c:dc:4b:2b:a5:dd:8f:5c:6d:53: 2e:c9:5a:01:25:1f:67:3f:4e:54:90:fa:8c:6e:1c: a9:61:30:07:b8:24:e1:e5:46:4a:d1:39:a1:ec:e6: 24:da:99:96:44:72:c8:8e:f6:46:96:ab:b0:4e:bd: ea:1f:ba:43:b8:69:f7:56:b9:10:21:a9:51:d4:d3: e9:f4:e9:c1:df:10:23:d0:cf:46:a6:43:ae:79:7b: 9a:d5:72:b3:2d:52:8e:f5:7e:8c:b5:bb:4e:8f:69: cf:ca:2f:91:90:36:fb:f9:be:7a:79:3f:4c:b4:e9: c5:84:ef:2e:84:b8:49:c3:36:f4:34:0c:51:f5:cd: 8b:32:0c:5d:0d:ea:36:08:a6:f6:5d:b6:46:ca:2f: 78:3f:74:21:e2:bc:7d:33:cd:e2:bd:0f:f6:03:2b: 45:0e:9b:18:bc:ab:23:81:b5:2b:52:87:16:85:bd: ae:0a:3d:02:c9:54:19:40:c5:28:07:2f:d8:d1:11: b1:4c:f7:ff:ec:89:8a:d2:1e:cb:49:29:b1:b6:08: 85:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A7:AA:09:81:54:C2:0B:0C:91:1B:30:40:88:06:EF:41:49:91:27 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143571.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a399::/32 Signature Algorithm: sha256WithRSAEncryption 33:46:56:d6:32:b7:72:0a:95:a9:05:ad:88:e6:48:14:d2:0c: 24:0f:26:cf:07:c6:5a:60:5e:53:98:84:23:14:51:37:c0:74: cd:bb:b6:ab:62:bb:8d:39:90:7d:af:10:a4:f9:93:26:24:59: 66:4e:3b:e8:6a:52:bc:fd:ce:cf:45:f7:f8:16:c8:41:8b:8d: 25:f5:e2:24:53:38:42:2b:88:b2:ab:60:6a:83:86:93:e8:45: 0a:9b:8c:fc:ea:7a:24:c2:6a:2f:cb:3d:5f:5a:89:88:c9:c0: a6:bf:6e:e1:3d:a1:19:01:d4:6a:9d:11:ea:4e:50:a7:b2:a4: 28:01:5b:6c:11:cc:d8:60:d1:7f:98:3c:00:26:fb:2e:e3:ad: 5c:c0:c2:46:a9:c4:f5:51:8e:f1:b3:b7:f5:f2:45:03:10:d7: 25:03:45:09:df:89:3c:37:79:9d:b7:d5:c4:bc:4b:a2:64:2c: 50:e5:7f:b9:03:89:fd:15:44:50:1e:d5:7e:82:8f:8c:b7:93: 93:a7:ac:d1:57:94:52:db:79:f7:a4:44:60:2c:8d:ee:66:17: 3d:68:b6:5c:ee:59:a9:14:d4:93:a9:ae:04:db:dc:80:f6:c3: a6:c5:35:96:85:dd:4e:20:a2:c3:14:71:53:58:f1:bd:55:6d: d5:4c:30:0c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaLygx45OY7D36csH0EzSVmIgncUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1NVoX DTI3MDMwMzA2MTI1NVowMzExMC8GA1UEAxMoNUNBN0FBMDk4MTU0QzIwQjBDOTEx QjMwNDA4ODA2RUY0MTQ5OTEyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOadCm1+bFD6BJbXBXz+3jEb4oKgW1TbFr03DFHbYCvl0a4uU0JHVUSgi2o6 Og61SnYs3Esrpd2PXG1TLslaASUfZz9OVJD6jG4cqWEwB7gk4eVGStE5oezmJNqZ lkRyyI72RparsE696h+6Q7hp91a5ECGpUdTT6fTpwd8QI9DPRqZDrnl7mtVysy1S jvV+jLW7To9pz8ovkZA2+/m+enk/TLTpxYTvLoS4ScM29DQMUfXNizIMXQ3qNgim 9l22RsoveD90IeK8fTPN4r0P9gMrRQ6bGLyrI4G1K1KHFoW9rgo9AslUGUDFKAcv 2NERsUz3/+yJitIey0kpsbYIhZMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRcp6oJ gVTCCwyRGzBAiAbvQUmRJzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o5kwDQYJKoZIhvcNAQELBQADggEBADNGVtYyt3IKlakFrYjmSBTSDCQPJs8Hxlpg XlOYhCMUUTfAdM27tqtiu405kH2vEKT5kyYkWWZOO+hqUrz9zs9F9/gWyEGLjSX1 4iRTOEIriLKrYGqDhpPoRQqbjPzqeiTCai/LPV9aiYjJwKa/buE9oRkB1GqdEepO UKeypCgBW2wRzNhg0X+YPAAm+y7jrVzAwkapxPVRjvGzt/XyRQMQ1yUDRQnfiTw3 eZ231cS8S6JkLFDlf7kDif0VRFAe1X6Cj4y3k5OnrNFXlFLbefekRGAsje5mFz1o tlzuWakU1JOprgTb3ID2w6bFNZaF3U4gosMUcVNY8b1VbdVMMAw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:19 2026 by rpki-client