$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143582.roa File: AS143582.roa (raw, json) Hash identifier: psRvHI93VVkTvpbGpei5bKpggRitgeDxx4ZsVrmFExE= Subject key identifier: 9B:F1:7D:A6:3A:5E:19:D2:BF:00:69:C3:B2:6C:8F:A9:A4:91:BF:8D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 595598DEA714F32C26A1A37C2761BA8061D7B651 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143582.roa Signing time: Wed 04 Mar 2026 06:15:25 +0000 ROA not before: Wed 04 Mar 2026 06:10:25 +0000 ROA not after: Wed 03 Mar 2027 06:15:25 +0000 asID: 143582 IP address blocks: 240a:a3a4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:55:98:de:a7:14:f3:2c:26:a1:a3:7c:27:61:ba:80:61:d7:b6:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:25 2026 GMT Not After : Mar 3 06:15:25 2027 GMT Subject: CN=9BF17DA63A5E19D2BF0069C3B26C8FA9A491BF8D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e2:2f:ef:2e:6b:65:a3:d7:2b:ad:28:9c:47: a5:e2:35:37:a7:ca:07:a9:13:aa:84:50:ee:10:2d: 43:79:ac:2e:fe:01:b3:a8:45:8f:db:94:c4:be:83: 90:a0:0d:c6:58:2b:5e:eb:5a:79:77:c2:cc:f8:02: d7:83:82:8d:13:ac:9b:cd:a3:4e:1a:8d:6a:3f:1c: 5e:29:50:3a:57:e2:f4:85:04:07:b0:8e:c6:94:c1: 73:36:76:30:7b:8a:de:ef:91:e7:ff:85:85:7e:44: a7:41:9c:f1:d1:ce:91:03:5a:29:31:01:e0:e6:98: aa:11:7e:9c:11:97:7f:65:8f:a3:99:80:2c:83:84: fd:84:d0:d1:dc:c9:96:9d:7c:5f:53:0f:32:c7:14: c4:ec:4f:18:a9:0b:8f:ae:2d:28:42:a0:66:6b:0e: d9:db:78:47:fc:99:70:94:df:d8:6d:28:3c:da:00: 17:04:8f:20:a6:8e:f2:e9:eb:99:0e:d5:de:42:39: ad:ed:d0:2c:b9:a7:f9:ea:18:f9:91:e8:0e:89:2d: 6f:59:47:e9:46:84:0d:71:a6:5e:ad:c0:8f:f3:04: 82:0a:27:d0:c5:c4:8a:b1:ec:d9:5b:61:ae:f7:37: f4:3a:7a:50:3b:fe:0a:66:70:37:bd:58:11:db:23: f6:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:F1:7D:A6:3A:5E:19:D2:BF:00:69:C3:B2:6C:8F:A9:A4:91:BF:8D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143582.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3a4::/32 Signature Algorithm: sha256WithRSAEncryption be:aa:27:3d:3e:70:ff:60:c9:e1:43:3b:38:2a:b8:a9:e8:19: 3f:92:9e:4f:c7:62:f5:7a:10:fe:a9:32:ab:70:a4:de:16:9b: 8e:48:43:40:59:65:ab:7c:ae:12:83:63:df:74:b3:74:0d:48: 73:9c:b1:71:67:ff:3a:c1:54:4b:e4:72:2c:1e:65:35:e4:c8: 18:95:ae:95:ee:df:38:bd:86:f9:1d:78:1d:05:33:93:4f:98: 6c:78:7a:08:bd:c5:3c:46:10:04:ff:bc:fb:85:ea:e2:a9:7c: d9:9f:cf:b6:5a:53:cf:83:43:a4:cc:7c:db:94:65:0c:65:47: d9:39:9c:b2:13:fa:8c:58:8b:f2:d8:8b:a7:43:3a:e4:e1:b8: 97:e4:2d:66:ce:38:17:f0:43:b8:b1:18:df:d2:e0:b6:4e:4a: f3:09:3a:91:3c:ff:6c:d2:aa:87:53:a0:33:15:b9:88:37:7c: 17:1b:fb:bf:12:1a:e0:15:a3:05:c8:17:cd:c6:2d:98:82:e1: 5f:da:62:9c:32:db:5d:89:9f:3d:8d:f4:d9:75:7f:11:8e:8e: eb:05:0e:b2:b7:41:48:ad:b7:d9:12:c4:6d:a7:96:35:5c:fd: d6:10:db:39:cd:bf:5a:02:c8:99:e4:3c:72:6a:cd:d4:4a:b9: f3:d1:e7:da -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWVWY3qcU8ywmoaN8J2G6gGHXtlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyNVoX DTI3MDMwMzA2MTUyNVowMzExMC8GA1UEAxMoOUJGMTdEQTYzQTVFMTlEMkJGMDA2 OUMzQjI2QzhGQTlBNDkxQkY4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMziL+8ua2Wj1yutKJxHpeI1N6fKB6kTqoRQ7hAtQ3msLv4Bs6hFj9uUxL6D kKANxlgrXutaeXfCzPgC14OCjROsm82jThqNaj8cXilQOlfi9IUEB7COxpTBczZ2 MHuK3u+R5/+FhX5Ep0Gc8dHOkQNaKTEB4OaYqhF+nBGXf2WPo5mALIOE/YTQ0dzJ lp18X1MPMscUxOxPGKkLj64tKEKgZmsO2dt4R/yZcJTf2G0oPNoAFwSPIKaO8unr mQ7V3kI5re3QLLmn+eoY+ZHoDoktb1lH6UaEDXGmXq3Aj/MEggon0MXEirHs2Vth rvc39Dp6UDv+CmZwN71YEdsj9qkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSb8X2m Ol4Z0r8AacOybI+ppJG/jTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU4Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o6QwDQYJKoZIhvcNAQELBQADggEBAL6qJz0+cP9gyeFDOzgquKnoGT+Snk/HYvV6 EP6pMqtwpN4Wm45IQ0BZZat8rhKDY990s3QNSHOcsXFn/zrBVEvkciweZTXkyBiV rpXu3zi9hvkdeB0FM5NPmGx4egi9xTxGEAT/vPuF6uKpfNmfz7ZaU8+DQ6TMfNuU ZQxlR9k5nLIT+oxYi/LYi6dDOuThuJfkLWbOOBfwQ7ixGN/S4LZOSvMJOpE8/2zS qodToDMVuYg3fBcb+78SGuAVowXIF83GLZiC4V/aYpwy212Jnz2N9Nl1fxGOjusF DrK3QUitt9kSxG2nljVc/dYQ2znNv1oCyJnkPHJqzdRKufPR59o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:33 2026 by rpki-client