$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143596.roa File: AS143596.roa (raw, json) Hash identifier: c9BsNthfhuWKJ/uMKi0OQ5E4BTmOkta7fKz4y16PZM8= Subject key identifier: A1:E5:CA:8F:5E:76:91:18:D8:6D:5F:CD:68:9D:41:5D:36:59:3A:41 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5DD1EF296719C708FAB3D194D8F163A6A4AB0B03 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143596.roa Signing time: Wed 04 Mar 2026 06:15:25 +0000 ROA not before: Wed 04 Mar 2026 06:10:25 +0000 ROA not after: Wed 03 Mar 2027 06:15:25 +0000 asID: 143596 IP address blocks: 240a:a3b2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:d1:ef:29:67:19:c7:08:fa:b3:d1:94:d8:f1:63:a6:a4:ab:0b:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:25 2026 GMT Not After : Mar 3 06:15:25 2027 GMT Subject: CN=A1E5CA8F5E769118D86D5FCD689D415D36593A41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:21:4b:81:c2:78:78:e4:4e:ed:4d:8f:43:20: d0:15:eb:4a:f7:88:6b:cd:89:50:2c:ea:d6:3d:18: 39:b8:c9:df:3d:ad:4a:29:8e:43:05:3f:f7:00:ce: 71:c0:4e:fe:d6:07:e3:b0:61:8c:2a:40:03:76:7b: 42:ae:c4:d9:87:c8:40:3f:a7:20:de:5b:01:c8:1f: 52:4f:e1:2d:76:b3:68:d9:e7:09:a5:5f:48:7b:0e: 74:8d:e6:c6:2a:4b:2e:99:5a:88:e9:89:3c:bc:31: b6:f4:95:d6:ed:db:9b:c8:e8:5f:a2:8c:98:ef:49: 0f:30:c3:5e:0b:47:ac:98:ce:26:6d:62:58:9c:ed: a5:3a:e2:7e:62:7a:0a:02:c3:f4:1a:3f:07:55:80: 11:64:88:0a:5f:8b:7f:e1:92:dd:21:36:32:52:ad: df:ec:55:f8:94:ae:64:ec:65:34:5e:8b:e0:43:40: d3:5e:44:d7:71:91:b0:13:b8:57:4c:c7:f1:71:d1: 6f:d5:0a:63:f6:67:9a:e0:97:67:95:11:ad:18:65: e7:b9:e8:78:cb:ab:d5:f8:14:c5:d8:9f:bf:88:1b: 3f:d8:4f:57:1d:4d:df:d1:07:01:e2:ed:df:66:94: 95:be:d3:c4:34:4e:23:cb:51:00:76:5d:b1:b4:8b: d2:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:E5:CA:8F:5E:76:91:18:D8:6D:5F:CD:68:9D:41:5D:36:59:3A:41 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143596.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3b2::/32 Signature Algorithm: sha256WithRSAEncryption 6b:92:09:57:d2:b3:ba:7f:78:1c:0b:07:31:bd:b8:8f:01:e4: c0:de:b9:61:f4:f8:c4:2e:25:c7:b1:35:c9:c2:79:7a:b0:a8: a1:be:30:f2:54:c5:2b:f1:c0:7d:12:4c:80:75:47:23:4d:1d: 8a:aa:6a:1d:6a:70:cb:f4:5c:5e:ce:ed:9d:9c:47:26:36:b6: fc:2b:c6:99:1f:64:40:9f:1e:72:98:f6:e4:17:11:54:04:84: 29:41:83:c3:11:7b:81:54:ae:c4:81:1c:65:8b:1b:c3:08:1f: 21:1a:e4:10:03:e7:5a:47:9d:7c:80:03:fe:1c:c4:22:36:d6: 92:00:07:27:20:ea:81:11:cd:64:42:67:1c:69:48:06:cb:e7: 4a:47:a0:a4:dd:9b:2f:35:23:f7:f8:81:3b:13:6e:34:b1:e8: 7d:11:61:e8:4d:3b:42:f9:13:3e:4e:06:47:be:f5:cb:c6:31: ad:36:3e:2f:2b:70:57:3a:0d:fc:3e:08:36:91:86:23:86:0a: 25:0e:c4:ac:ad:d8:ae:b7:21:07:26:b4:31:93:50:47:1a:fa: d5:d1:2b:ae:1f:2b:a2:4d:0f:6c:4f:36:f9:27:8a:24:a0:9a: a8:d7:35:78:49:61:36:ef:4e:19:f9:97:9f:2d:8c:e6:38:1f: d6:6f:26:b6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXdHvKWcZxwj6s9GU2PFjpqSrCwMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyNVoX DTI3MDMwMzA2MTUyNVowMzExMC8GA1UEAxMoQTFFNUNBOEY1RTc2OTExOEQ4NkQ1 RkNENjg5RDQxNUQzNjU5M0E0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANshS4HCeHjkTu1Nj0Mg0BXrSveIa82JUCzq1j0YObjJ3z2tSimOQwU/9wDO ccBO/tYH47BhjCpAA3Z7Qq7E2YfIQD+nIN5bAcgfUk/hLXazaNnnCaVfSHsOdI3m xipLLplaiOmJPLwxtvSV1u3bm8joX6KMmO9JDzDDXgtHrJjOJm1iWJztpTrifmJ6 CgLD9Bo/B1WAEWSICl+Lf+GS3SE2MlKt3+xV+JSuZOxlNF6L4ENA015E13GRsBO4 V0zH8XHRb9UKY/ZnmuCXZ5URrRhl57noeMur1fgUxdifv4gbP9hPVx1N39EHAeLt 32aUlb7TxDROI8tRAHZdsbSL0uUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSh5cqP XnaRGNhtX81onUFdNlk6QTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o7IwDQYJKoZIhvcNAQELBQADggEBAGuSCVfSs7p/eBwLBzG9uI8B5MDeuWH0+MQu JcexNcnCeXqwqKG+MPJUxSvxwH0STIB1RyNNHYqqah1qcMv0XF7O7Z2cRyY2tvwr xpkfZECfHnKY9uQXEVQEhClBg8MRe4FUrsSBHGWLG8MIHyEa5BAD51pHnXyAA/4c xCI21pIABycg6oERzWRCZxxpSAbL50pHoKTdmy81I/f4gTsTbjSx6H0RYehNO0L5 Ez5OBke+9cvGMa02Pi8rcFc6Dfw+CDaRhiOGCiUOxKyt2K63IQcmtDGTUEca+tXR K64fK6JND2xPNvkniiSgmqjXNXhJYTbvThn5l58tjOY4H9ZvJrY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:32 2026 by rpki-client