$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143593.roa File: AS143593.roa (raw, json) Hash identifier: 4kQaWmBCdtOBY8k/b9VI9UPyXyVHUeepMlvV6xWDRno= Subject key identifier: A7:88:D1:B2:C4:94:70:6B:AE:9F:E2:3E:81:69:F6:48:02:69:A2:9B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1F5059334D9A85F551FA71E9055835577BA2329F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143593.roa Signing time: Wed 04 Mar 2026 06:13:53 +0000 ROA not before: Wed 04 Mar 2026 06:08:53 +0000 ROA not after: Wed 03 Mar 2027 06:13:53 +0000 asID: 143593 IP address blocks: 240a:a3af::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:50:59:33:4d:9a:85:f5:51:fa:71:e9:05:58:35:57:7b:a2:32:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:53 2026 GMT Not After : Mar 3 06:13:53 2027 GMT Subject: CN=A788D1B2C494706BAE9FE23E8169F6480269A29B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:41:64:43:ac:0f:a3:67:6b:6e:de:b7:88:a3: 51:a9:e3:18:89:50:fe:93:32:5c:7f:61:73:53:5d: 6f:c8:90:b2:20:3d:ee:15:81:a4:c6:c0:83:13:b8: 4c:5e:45:f0:39:f5:0d:4f:0d:ee:4b:f4:58:08:3f: ff:de:8b:b3:ad:39:83:ce:f8:d3:7f:97:c5:06:92: 51:10:6c:49:e0:91:cc:cb:24:57:77:89:82:57:9c: 90:c5:44:4b:29:e5:b1:e6:6e:d1:d6:fe:9e:81:55: d8:50:d6:aa:95:44:bb:86:6f:e1:3f:28:4d:40:d5: 6c:d3:10:e0:0a:37:cd:22:62:b8:e8:b3:30:79:b6: 75:5f:4a:ae:6d:6a:b2:a9:07:69:53:31:f7:e6:87: 7f:bf:99:93:fa:ae:8d:7d:85:d2:11:a8:5e:59:3f: f2:e7:48:b0:a4:e8:9a:3a:8d:83:71:da:87:86:a2: 9c:e4:07:81:bc:64:48:ca:6d:9e:37:77:0c:ed:75: 32:fe:98:8a:3b:2c:1d:61:08:59:67:d2:ef:ce:fb: 44:47:22:f0:04:05:74:b6:7d:55:b5:6f:93:30:42: 72:e8:43:62:34:d7:49:55:ef:4b:48:d4:59:6b:62: 20:2c:ef:a7:e1:2f:ce:2d:33:fe:59:bd:3a:61:f4: a3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:88:D1:B2:C4:94:70:6B:AE:9F:E2:3E:81:69:F6:48:02:69:A2:9B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143593.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3af::/32 Signature Algorithm: sha256WithRSAEncryption 8d:97:64:77:31:73:54:c2:bf:d1:9d:6d:bc:e9:25:15:56:6d: b8:47:4f:d9:9c:d1:54:6f:bb:a8:eb:f9:68:06:28:38:47:83: a5:75:74:4f:ca:27:da:fe:c6:8b:ee:fc:e7:8e:81:e8:96:ec: 37:35:60:9c:54:f2:38:a8:d2:13:0a:ec:7b:84:d0:1a:e1:d1: 1c:3f:76:9b:f1:a2:63:3c:97:4c:73:5c:a0:f6:13:ea:da:1a: 1b:9c:f6:71:95:4f:69:8b:21:68:27:82:c7:52:a9:c9:ab:85: e5:74:6b:b5:dd:1c:d6:c7:46:76:18:e7:a9:45:ae:d5:1e:15: 24:8e:27:b4:2b:08:b7:7a:57:a5:24:c2:b1:25:ce:16:b7:5e: 97:c8:5c:cb:d7:24:f6:e9:8a:92:c5:37:83:65:86:8a:c0:0d: f5:96:c8:98:30:2e:6a:51:2c:02:ed:42:cf:b6:d4:f8:70:b3: 22:8a:9b:cb:14:7e:87:c8:1f:2c:da:95:b7:83:76:8b:59:05: c0:a1:02:8f:6f:e0:c1:02:31:7e:55:b7:d4:57:bf:f6:ad:82: 56:d7:2a:0f:e8:bf:b9:a1:2c:12:1b:60:5e:b3:73:0c:e9:34: 07:d6:59:4b:7d:c7:b0:68:e5:13:c4:ee:77:58:65:da:fa:a2: 46:61:f9:68 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUH1BZM02ahfVR+nHpBVg1V3uiMp8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1M1oX DTI3MDMwMzA2MTM1M1owMzExMC8GA1UEAxMoQTc4OEQxQjJDNDk0NzA2QkFFOUZF MjNFODE2OUY2NDgwMjY5QTI5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFBZEOsD6Nna27et4ijUanjGIlQ/pMyXH9hc1Ndb8iQsiA97hWBpMbAgxO4 TF5F8Dn1DU8N7kv0WAg//96Ls605g87403+XxQaSURBsSeCRzMskV3eJgleckMVE SynlseZu0db+noFV2FDWqpVEu4Zv4T8oTUDVbNMQ4Ao3zSJiuOizMHm2dV9Krm1q sqkHaVMx9+aHf7+Zk/qujX2F0hGoXlk/8udIsKTomjqNg3Hah4ainOQHgbxkSMpt njd3DO11Mv6YijssHWEIWWfS7877REci8AQFdLZ9VbVvkzBCcuhDYjTXSVXvS0jU WWtiICzvp+Evzi0z/lm9OmH0o7UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSniNGy xJRwa66f4j6BafZIAmmimzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU5My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o68wDQYJKoZIhvcNAQELBQADggEBAI2XZHcxc1TCv9GdbbzpJRVWbbhHT9mc0VRv u6jr+WgGKDhHg6V1dE/KJ9r+xovu/OeOgeiW7Dc1YJxU8jio0hMK7HuE0Brh0Rw/ dpvxomM8l0xzXKD2E+raGhuc9nGVT2mLIWgngsdSqcmrheV0a7XdHNbHRnYY56lF rtUeFSSOJ7QrCLd6V6UkwrElzha3XpfIXMvXJPbpipLFN4NlhorADfWWyJgwLmpR LALtQs+21PhwsyKKm8sUfofIHyzalbeDdotZBcChAo9v4MECMX5Vt9RXv/atglbX Kg/ov7mhLBIbYF6zcwzpNAfWWUt9x7Bo5RPE7ndYZdr6okZh+Wg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:27 2026 by rpki-client