$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143587.roa File: AS143587.roa (raw, json) Hash identifier: L8ZYTRJIZFlE43eAxOICs1nSHbcVistocHQxZbsuDtQ= Subject key identifier: CA:FC:22:F2:7B:5B:B3:AD:A9:A4:28:55:2B:52:52:F2:75:1B:BB:42 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7F63CCA2AB38210B5CA87924408005CA3830295C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143587.roa Signing time: Wed 04 Mar 2026 06:13:07 +0000 ROA not before: Wed 04 Mar 2026 06:08:07 +0000 ROA not after: Wed 03 Mar 2027 06:13:07 +0000 asID: 143587 IP address blocks: 240a:a3a9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:63:cc:a2:ab:38:21:0b:5c:a8:79:24:40:80:05:ca:38:30:29:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:07 2026 GMT Not After : Mar 3 06:13:07 2027 GMT Subject: CN=CAFC22F27B5BB3ADA9A428552B5252F2751BBB42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:64:59:e0:93:c0:3e:33:3e:c3:5b:68:78:90: bf:42:e4:c5:18:2d:46:de:5d:6c:cd:e2:7a:c6:65: c9:15:33:4c:76:4a:91:2f:d8:04:cb:89:a8:ed:d0: 10:24:50:fc:1f:67:67:b4:76:9b:7b:4b:1e:35:eb: 7b:85:ea:48:f3:66:b1:82:35:f9:cf:61:82:64:ef: a9:5f:bb:e4:7e:25:d2:73:43:54:89:88:d5:b2:fd: 22:04:59:c1:2f:7f:27:a6:3a:c3:f8:fc:52:fa:08: 48:fd:54:f2:b0:7e:57:2b:f7:e7:ad:6a:bd:ea:3a: eb:dd:03:f4:48:14:e2:93:90:c4:34:71:30:1c:1b: 43:4e:6b:3e:85:c4:95:1f:37:bb:86:48:b1:e5:ff: ed:e1:a5:be:6b:e6:c9:55:71:5f:c7:d9:2b:8c:95: 5c:c1:4b:ef:fd:97:4f:1d:05:1c:35:cb:2a:09:e5: 82:45:15:7b:6a:a1:2d:f8:da:95:53:fb:9d:76:64: 7a:67:7a:0a:cf:c2:34:82:0e:58:e0:24:79:04:96: a3:19:1b:fa:3e:90:3e:27:20:2b:07:a1:55:46:47: b0:41:7b:50:bf:95:90:6d:b7:15:9e:cf:74:8e:56: bd:ee:fe:df:0a:ee:5d:5c:20:d9:39:c2:0e:dc:7e: 4f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:FC:22:F2:7B:5B:B3:AD:A9:A4:28:55:2B:52:52:F2:75:1B:BB:42 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143587.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3a9::/32 Signature Algorithm: sha256WithRSAEncryption 16:e7:d3:d0:c5:1b:68:73:28:c0:05:06:e5:e3:d9:05:9b:ff: 6a:77:85:5d:88:2d:b8:b6:36:33:09:46:51:5b:99:d6:55:ae: b5:a1:15:5d:58:12:35:1c:a9:55:1a:21:04:d0:08:0a:8b:14: 05:d7:1e:d4:1b:a1:b6:98:41:6f:6a:bf:a9:bc:4c:5b:32:90: a7:68:42:e0:50:27:82:52:d7:46:da:9d:c7:3e:3b:5a:ef:94: f8:f2:db:4d:d4:28:2c:be:5e:21:d6:a2:d2:ef:5e:36:34:03: d0:ae:bd:50:04:8f:0f:b6:12:01:f3:60:83:f1:d0:dc:e0:54: aa:a0:06:93:38:b2:17:50:3a:72:90:5c:7b:76:75:0c:ef:06: a7:3f:62:68:cb:55:ce:d8:99:79:b4:06:70:64:27:60:3c:de: fe:23:27:2a:3e:81:de:ab:5b:7d:67:9a:5b:5d:38:c3:04:e5: d8:c5:85:f9:1d:0a:e2:79:17:87:a5:d7:a8:5a:46:b0:f8:92: 54:14:85:ec:42:81:e7:69:ce:5a:17:21:16:e2:5f:ea:d4:f7: 6c:ef:cc:f8:86:e7:1b:b7:e6:62:42:0a:66:f4:35:e7:06:4e: 04:fb:31:c1:1f:f4:c0:eb:e2:9d:4a:86:b3:e5:bf:fa:d8:94: 4f:0f:49:89 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUf2PMoqs4IQtcqHkkQIAFyjgwKVwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwN1oX DTI3MDMwMzA2MTMwN1owMzExMC8GA1UEAxMoQ0FGQzIyRjI3QjVCQjNBREE5QTQy ODU1MkI1MjUyRjI3NTFCQkI0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANlkWeCTwD4zPsNbaHiQv0LkxRgtRt5dbM3iesZlyRUzTHZKkS/YBMuJqO3Q ECRQ/B9nZ7R2m3tLHjXre4XqSPNmsYI1+c9hgmTvqV+75H4l0nNDVImI1bL9IgRZ wS9/J6Y6w/j8UvoISP1U8rB+Vyv3561qveo6690D9EgU4pOQxDRxMBwbQ05rPoXE lR83u4ZIseX/7eGlvmvmyVVxX8fZK4yVXMFL7/2XTx0FHDXLKgnlgkUVe2qhLfja lVP7nXZkemd6Cs/CNIIOWOAkeQSWoxkb+j6QPicgKwehVUZHsEF7UL+VkG23FZ7P dI5Wve7+3wruXVwg2TnCDtx+T1cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTK/CLy e1uzramkKFUrUlLydRu7QjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o6kwDQYJKoZIhvcNAQELBQADggEBABbn09DFG2hzKMAFBuXj2QWb/2p3hV2ILbi2 NjMJRlFbmdZVrrWhFV1YEjUcqVUaIQTQCAqLFAXXHtQbobaYQW9qv6m8TFsykKdo QuBQJ4JS10bancc+O1rvlPjy203UKCy+XiHWotLvXjY0A9CuvVAEjw+2EgHzYIPx 0NzgVKqgBpM4shdQOnKQXHt2dQzvBqc/YmjLVc7YmXm0BnBkJ2A83v4jJyo+gd6r W31nmltdOMME5djFhfkdCuJ5F4el16haRrD4klQUhexCgedpzloXIRbiX+rU92zv zPiG5xu35mJCCmb0NecGTgT7McEf9MDr4p1KhrPlv/rYlE8PSYk= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:31 2026 by rpki-client