$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143598.roa File: AS143598.roa (raw, json) Hash identifier: NlXGDxjq/7YQ/v2XAhbEUzXsQoqvmpCPV8DTSXQ9pFo= Subject key identifier: 25:B5:9C:F8:53:A1:56:53:63:55:1D:ED:DA:7D:32:53:3F:E6:77:D1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4A0421E2FE9835B98C10A44B279E131042848830 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143598.roa Signing time: Wed 04 Mar 2026 06:15:07 +0000 ROA not before: Wed 04 Mar 2026 06:10:07 +0000 ROA not after: Wed 03 Mar 2027 06:15:07 +0000 asID: 143598 IP address blocks: 240a:a3b4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:04:21:e2:fe:98:35:b9:8c:10:a4:4b:27:9e:13:10:42:84:88:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:07 2026 GMT Not After : Mar 3 06:15:07 2027 GMT Subject: CN=25B59CF853A1565363551DEDDA7D32533FE677D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:94:4b:0d:bb:66:d9:a1:45:de:07:7e:ad:cc: 34:cb:b2:b0:0c:39:24:c7:ec:f9:1a:42:94:36:b6: ce:fb:cb:e9:dc:35:c6:f3:fa:28:ea:85:94:9a:7d: 86:12:0e:7a:43:46:a1:2a:15:96:17:b2:96:7e:ff: 98:97:79:5c:4f:b9:91:54:e8:eb:9e:90:92:23:41: 4f:5c:84:cd:01:fc:34:89:95:81:a2:9f:5e:28:3c: 08:ec:25:8d:dc:8f:c8:e1:3b:8e:85:97:0e:75:32: 3a:c4:01:a1:69:58:3d:98:22:92:26:1e:f3:03:d9: dd:df:99:2d:13:9c:bc:18:2e:77:8e:9d:b1:44:db: 3d:7b:31:4d:d4:9c:3c:01:cc:e2:e2:f3:87:c9:45: f9:74:2f:a1:6c:27:16:64:03:82:5b:45:65:85:55: 33:41:69:29:6b:7c:3a:d4:99:22:92:b8:13:6d:c6: 01:41:92:9d:ec:4e:59:18:3e:e5:0c:40:f7:73:07: 5c:f4:b1:83:52:06:6d:aa:d7:4b:76:3d:56:42:80: 98:38:4d:bc:97:11:38:4f:98:30:49:30:cc:cd:b1: 2d:8e:ca:a0:20:78:38:30:33:08:b0:43:2d:72:1a: b6:c8:1e:44:fe:cb:82:73:f8:3b:94:62:80:88:1f: 41:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:B5:9C:F8:53:A1:56:53:63:55:1D:ED:DA:7D:32:53:3F:E6:77:D1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143598.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3b4::/32 Signature Algorithm: sha256WithRSAEncryption 32:4d:cf:64:79:eb:3f:95:a3:9a:53:1f:7d:ab:45:d6:df:d4: 13:d0:9b:12:c6:3b:18:24:1c:59:21:fd:3c:eb:d7:5c:a0:25: 49:2f:84:9a:97:ea:fa:a3:6d:66:19:1f:15:7f:c3:f5:7d:b6: f4:8f:f6:99:6e:14:bf:39:d2:9e:78:5f:6c:b9:79:4e:9c:17: a8:b6:db:45:9c:85:b6:05:00:16:ad:44:61:d7:c6:e3:f7:b9: d9:9d:c9:ff:b4:6f:9f:b9:0e:42:26:b2:91:3d:64:26:ba:40: a9:ec:03:35:90:12:ae:a7:81:b5:22:dd:09:ed:53:89:ab:67: 19:cb:41:8c:ad:e6:59:d9:4f:5b:cf:13:12:6e:4f:a3:45:02: e6:dd:36:6f:82:bf:7e:4e:27:0d:79:eb:e8:42:32:86:34:0e: b2:52:d8:5a:4c:f6:bf:17:93:29:43:c3:8f:a7:35:23:b5:fd: f9:f1:77:c6:bf:f6:b6:a5:e2:9f:be:70:c8:c5:10:68:d8:4a: 00:f8:97:2b:70:82:52:0e:4f:8a:a3:99:17:1f:83:61:a3:6b: dd:df:13:d0:7a:03:7e:cd:f5:bc:17:56:1a:ba:d3:e7:03:fb: c6:1c:2a:86:ac:a9:1a:21:2e:5f:ac:a1:01:8e:49:5b:2c:4c: 59:2d:96:ab -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSgQh4v6YNbmMEKRLJ54TEEKEiDAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwN1oX DTI3MDMwMzA2MTUwN1owMzExMC8GA1UEAxMoMjVCNTlDRjg1M0ExNTY1MzYzNTUx REVEREE3RDMyNTMzRkU2NzdEMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN2USw27ZtmhRd4Hfq3MNMuysAw5JMfs+RpClDa2zvvL6dw1xvP6KOqFlJp9 hhIOekNGoSoVlheyln7/mJd5XE+5kVTo656QkiNBT1yEzQH8NImVgaKfXig8COwl jdyPyOE7joWXDnUyOsQBoWlYPZgikiYe8wPZ3d+ZLROcvBgud46dsUTbPXsxTdSc PAHM4uLzh8lF+XQvoWwnFmQDgltFZYVVM0FpKWt8OtSZIpK4E23GAUGSnexOWRg+ 5QxA93MHXPSxg1IGbarXS3Y9VkKAmDhNvJcROE+YMEkwzM2xLY7KoCB4ODAzCLBD LXIatsgeRP7LgnP4O5RigIgfQQkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQltZz4 U6FWU2NVHe3afTJTP+Z30TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o7QwDQYJKoZIhvcNAQELBQADggEBADJNz2R56z+Vo5pTH32rRdbf1BPQmxLGOxgk HFkh/Tzr11ygJUkvhJqX6vqjbWYZHxV/w/V9tvSP9pluFL850p54X2y5eU6cF6i2 20WchbYFABatRGHXxuP3udmdyf+0b5+5DkImspE9ZCa6QKnsAzWQEq6ngbUi3Qnt U4mrZxnLQYyt5lnZT1vPExJuT6NFAubdNm+Cv35OJw156+hCMoY0DrJS2FpM9r8X kylDw4+nNSO1/fnxd8a/9ral4p++cMjFEGjYSgD4lytwglIOT4qjmRcfg2Gja93f E9B6A37N9bwXVhq60+cD+8YcKoasqRohLl+soQGOSVssTFktlqs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:48 2026 by rpki-client