$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143591.roa File: AS143591.roa (raw, json) Hash identifier: 3SGETJcxtfxLZQpAhmwA7tAOFu14B/GFpTFWqE33udk= Subject key identifier: 3E:17:42:82:6A:30:F1:9D:63:6F:39:98:6D:97:04:D2:F1:42:EB:15 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 501D08A5E041CE1CABF983AF7B6598EBE5F7C1AF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143591.roa Signing time: Wed 04 Mar 2026 06:14:31 +0000 ROA not before: Wed 04 Mar 2026 06:09:31 +0000 ROA not after: Wed 03 Mar 2027 06:14:31 +0000 asID: 143591 IP address blocks: 240a:a3ad::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:1d:08:a5:e0:41:ce:1c:ab:f9:83:af:7b:65:98:eb:e5:f7:c1:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:31 2026 GMT Not After : Mar 3 06:14:31 2027 GMT Subject: CN=3E1742826A30F19D636F39986D9704D2F142EB15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:16:e3:c6:19:73:90:94:44:e2:a4:f0:9f:c2: 27:fd:0e:a3:a2:cd:e6:a4:94:30:f9:29:6b:ed:9a: a6:62:54:1e:da:e7:c7:49:e8:48:f1:14:2d:f4:7d: 7f:f9:ca:ff:9b:4c:49:bf:73:a0:06:99:00:bc:b8: 57:75:ce:d1:c3:ad:65:18:f9:52:ac:6e:f5:38:73: c0:66:aa:0e:53:dc:10:0d:91:3c:aa:35:66:6c:d9: 5b:b1:7a:2d:d3:69:f2:9b:04:87:86:be:b2:8a:e5: ea:db:0a:5b:5f:ce:51:8b:6a:fd:07:f2:d2:98:6e: 10:03:d3:76:7b:1e:26:5e:ee:b7:07:40:2c:c4:8c: 37:48:29:51:09:f7:68:f8:a8:ee:53:2f:00:fc:29: fb:ba:a9:de:fe:27:d9:6c:50:72:de:90:f2:c5:f1: c0:8b:22:5b:f0:8f:da:a3:aa:c1:3d:c3:d8:08:96: 2c:6d:e2:84:34:ba:cc:42:8f:59:58:a7:f5:35:0d: 4c:34:f7:6e:37:ea:5b:d2:b9:72:cc:78:e8:0a:37: eb:75:65:5a:d6:33:36:38:5c:dc:75:3e:75:1f:4b: bb:2d:d6:65:bb:77:a2:d7:d2:55:5e:b0:17:20:c0: e1:35:92:a9:67:3b:6c:1e:d0:f7:cd:30:4b:4a:bd: cd:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:17:42:82:6A:30:F1:9D:63:6F:39:98:6D:97:04:D2:F1:42:EB:15 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143591.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3ad::/32 Signature Algorithm: sha256WithRSAEncryption 63:53:46:0f:89:f2:2a:48:5c:33:01:8a:d8:e7:f2:c3:0a:c2: 2f:dd:c7:35:55:9c:68:47:21:55:32:10:c6:47:8e:15:7a:77: 47:e6:24:8f:0f:f5:b9:02:45:4b:47:61:1d:b8:69:73:8e:89: a5:d6:e9:5d:2d:64:9b:d7:e9:0b:9c:7b:91:a5:00:d3:5f:04: 7f:ee:eb:f4:57:e1:95:a6:19:25:5a:a0:4d:8a:fc:df:cf:f4: d4:cc:af:2c:9d:80:02:0b:f5:1f:d5:c3:46:f8:e7:e9:a2:da: 84:e8:79:cd:d2:c1:da:ad:2f:2d:9c:0d:fc:08:f2:ea:e3:da: 77:c5:17:5e:c4:39:60:d0:79:6d:4c:29:b4:45:b9:e2:12:43: 2a:67:0d:02:d4:f3:3c:a1:cc:4e:35:06:17:64:03:5a:1d:76: ff:64:dc:86:e5:b5:45:8f:ba:82:1a:04:76:e7:fe:e0:72:00: 28:19:04:d3:f8:33:6b:b9:ff:88:2d:6c:fd:40:a8:8c:d5:cf: 4f:43:27:97:b4:08:4b:99:da:98:5a:71:06:c4:5f:f1:b9:60: b4:b9:ee:4a:15:3d:4d:91:42:3b:d8:0b:ac:87:e8:42:b6:2e: 3e:cf:4f:f5:11:b9:b9:cf:11:8e:79:05:20:34:d1:51:0d:da: 3f:78:0b:5a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUB0IpeBBzhyr+YOve2WY6+X3wa8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzMVoX DTI3MDMwMzA2MTQzMVowMzExMC8GA1UEAxMoM0UxNzQyODI2QTMwRjE5RDYzNkYz OTk4NkQ5NzA0RDJGMTQyRUIxNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK0W48YZc5CUROKk8J/CJ/0Oo6LN5qSUMPkpa+2apmJUHtrnx0noSPEULfR9 f/nK/5tMSb9zoAaZALy4V3XO0cOtZRj5Uqxu9ThzwGaqDlPcEA2RPKo1ZmzZW7F6 LdNp8psEh4a+sorl6tsKW1/OUYtq/Qfy0phuEAPTdnseJl7utwdALMSMN0gpUQn3 aPio7lMvAPwp+7qp3v4n2WxQct6Q8sXxwIsiW/CP2qOqwT3D2AiWLG3ihDS6zEKP WVin9TUNTDT3bjfqW9K5csx46Ao363VlWtYzNjhc3HU+dR9Luy3WZbt3otfSVV6w FyDA4TWSqWc7bB7Q980wS0q9zTMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ+F0KC ajDxnWNvOZhtlwTS8ULrFTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o60wDQYJKoZIhvcNAQELBQADggEBAGNTRg+J8ipIXDMBitjn8sMKwi/dxzVVnGhH IVUyEMZHjhV6d0fmJI8P9bkCRUtHYR24aXOOiaXW6V0tZJvX6Quce5GlANNfBH/u 6/RX4ZWmGSVaoE2K/N/P9NTMryydgAIL9R/Vw0b45+mi2oToec3SwdqtLy2cDfwI 8urj2nfFF17EOWDQeW1MKbRFueISQypnDQLU8zyhzE41BhdkA1oddv9k3IbltUWP uoIaBHbn/uByACgZBNP4M2u5/4gtbP1AqIzVz09DJ5e0CEuZ2phacQbEX/G5YLS5 7koVPU2RQjvYC6yH6EK2Lj7PT/URubnPEY55BSA00VEN2j94C1o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:09 2026 by rpki-client