$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143575.roa File: AS143575.roa (raw, json) Hash identifier: Ykg7wWcN6ftPqaCP3TOvSX7O4YYuNTI0c45Cc2zqIQc= Subject key identifier: 35:6E:89:70:4A:35:5E:41:88:89:A7:1A:E1:67:7B:B9:7D:1F:70:72 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 654F6D678FC95BD35860085372BA5C318F8F0C08 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143575.roa Signing time: Wed 04 Mar 2026 06:12:49 +0000 ROA not before: Wed 04 Mar 2026 06:07:49 +0000 ROA not after: Wed 03 Mar 2027 06:12:49 +0000 asID: 143575 IP address blocks: 240a:a39d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:4f:6d:67:8f:c9:5b:d3:58:60:08:53:72:ba:5c:31:8f:8f:0c:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:49 2026 GMT Not After : Mar 3 06:12:49 2027 GMT Subject: CN=356E89704A355E418889A71AE1677BB97D1F7072 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:0b:d2:03:5d:6f:fe:cc:c4:16:97:0b:22:42: 43:9e:94:51:68:2e:22:0d:46:bd:75:d5:65:18:b0: 16:35:d7:b7:54:ec:4f:b9:2b:85:27:6b:37:17:5e: 64:19:79:e1:06:80:57:45:ec:3a:f1:96:89:84:32: 99:b5:94:9b:de:e3:b4:23:ae:70:b1:d7:55:27:0b: bf:58:a1:3e:c5:eb:5a:f9:09:21:e9:92:40:c7:44: 61:93:5e:24:7b:4e:bd:fc:85:67:6a:b2:ab:34:fd: 06:d1:58:0d:97:68:52:c3:e5:14:6e:bc:9c:36:f6: cb:82:99:ac:b3:88:40:8e:78:7b:5c:b6:59:1b:96: 08:79:18:ee:5d:1e:09:cd:19:d3:35:63:46:e9:1e: ff:24:65:f2:99:68:81:9a:51:60:1d:ab:06:0c:c8: b0:0a:89:59:5b:10:d8:ee:c9:22:1c:89:60:05:08: f8:b5:03:ab:06:a4:a9:b2:b4:a9:37:70:22:88:a5: 99:7b:91:95:22:ab:e9:81:d7:cb:42:1f:6e:21:ce: 59:e1:55:40:7b:6a:c1:7b:32:b6:1a:67:f6:d6:96: 9c:c5:51:6f:5a:57:67:e6:83:85:3d:4e:db:8e:4f: 58:c5:83:78:b1:dd:ec:84:6a:9b:0a:65:62:16:0c: 67:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:6E:89:70:4A:35:5E:41:88:89:A7:1A:E1:67:7B:B9:7D:1F:70:72 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143575.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a39d::/32 Signature Algorithm: sha256WithRSAEncryption 95:df:bf:90:47:4a:aa:8e:18:4a:f4:28:26:24:a1:d5:c4:bc: 10:40:74:07:f1:87:1b:d9:1e:c9:2a:bf:c9:26:85:76:9b:da: b7:05:b5:60:78:76:b4:16:11:d4:8e:df:e5:38:09:50:00:af: 8a:24:53:cb:13:6e:b3:b1:40:f0:eb:81:32:3e:48:6c:ce:3b: 93:c2:e3:bf:ff:2c:f0:5b:0c:4f:fa:ff:0d:72:c7:52:b0:41: 41:06:65:a5:08:fa:58:94:2c:5b:7a:72:7b:a9:94:9f:6d:2f: 4c:bc:f4:74:5d:f4:63:b5:84:95:0d:f4:64:8d:73:99:6f:2b: 57:da:a9:d8:2f:d8:78:9a:c6:e6:34:b8:45:e0:dc:e0:1b:21: 4d:6d:bd:c9:e3:c8:57:13:e5:cd:b5:cf:ae:d5:2f:c9:5e:24: a7:ae:9e:80:8f:4f:09:ec:b4:0d:8d:bc:c7:bf:5f:59:b1:82: 6d:d4:3f:ae:36:e2:24:a0:92:05:ce:c2:ce:cd:d7:04:b6:fb: 3b:e4:96:95:03:74:b8:d7:cc:90:92:e7:85:8f:1d:5b:97:18: 8d:b7:20:da:72:db:cf:cd:06:32:5e:ea:62:0f:96:e6:c4:13: 0e:00:f4:b7:e3:d5:0e:44:d5:a7:26:48:3e:31:6f:7f:45:6d: 67:3b:38:e8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZU9tZ4/JW9NYYAhTcrpcMY+PDAgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0OVoX DTI3MDMwMzA2MTI0OVowMzExMC8GA1UEAxMoMzU2RTg5NzA0QTM1NUU0MTg4ODlB NzFBRTE2NzdCQjk3RDFGNzA3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJwL0gNdb/7MxBaXCyJCQ56UUWguIg1GvXXVZRiwFjXXt1TsT7krhSdrNxde ZBl54QaAV0XsOvGWiYQymbWUm97jtCOucLHXVScLv1ihPsXrWvkJIemSQMdEYZNe JHtOvfyFZ2qyqzT9BtFYDZdoUsPlFG68nDb2y4KZrLOIQI54e1y2WRuWCHkY7l0e Cc0Z0zVjRuke/yRl8plogZpRYB2rBgzIsAqJWVsQ2O7JIhyJYAUI+LUDqwakqbK0 qTdwIoilmXuRlSKr6YHXy0IfbiHOWeFVQHtqwXsythpn9taWnMVRb1pXZ+aDhT1O 245PWMWDeLHd7IRqmwplYhYMZ2sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ1bolw SjVeQYiJpxrhZ3u5fR9wcjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o50wDQYJKoZIhvcNAQELBQADggEBAJXfv5BHSqqOGEr0KCYkodXEvBBAdAfxhxvZ Hskqv8kmhXab2rcFtWB4drQWEdSO3+U4CVAAr4okU8sTbrOxQPDrgTI+SGzOO5PC 47//LPBbDE/6/w1yx1KwQUEGZaUI+liULFt6cnuplJ9tL0y89HRd9GO1hJUN9GSN c5lvK1faqdgv2HiaxuY0uEXg3OAbIU1tvcnjyFcT5c21z67VL8leJKeunoCPTwns tA2NvMe/X1mxgm3UP6424iSgkgXOws7N1wS2+zvklpUDdLjXzJCS54WPHVuXGI23 INpy28/NBjJe6mIPlubEEw4A9Lfj1Q5E1acmSD4xb39FbWc7OOg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:46 2026 by rpki-client