$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143599.roa File: AS143599.roa (raw, json) Hash identifier: rrqW5xTpwFQz/5Ib82BgnZwuTdP8KtcYfRpQUtaX/5E= Subject key identifier: B4:98:97:90:27:DC:77:6C:79:A2:A8:A8:24:BB:21:CB:AF:83:89:EF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 15E33F4901FE8F9D9F0CFE9A0D2FB159B8685835 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143599.roa Signing time: Wed 04 Mar 2026 06:14:48 +0000 ROA not before: Wed 04 Mar 2026 06:09:48 +0000 ROA not after: Wed 03 Mar 2027 06:14:48 +0000 asID: 143599 IP address blocks: 240a:a3b5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:e3:3f:49:01:fe:8f:9d:9f:0c:fe:9a:0d:2f:b1:59:b8:68:58:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:48 2026 GMT Not After : Mar 3 06:14:48 2027 GMT Subject: CN=B498979027DC776C79A2A8A824BB21CBAF8389EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:0e:76:99:8c:44:5d:40:7e:79:fd:06:81:c0: 14:61:47:4e:1a:84:17:43:fa:d8:9a:2b:75:a5:2f: 43:ea:32:35:9b:33:74:d6:30:06:fb:ed:1f:57:4c: 3e:27:94:f6:26:ef:5d:8c:60:25:7b:81:9a:41:63: a8:12:a6:a8:c4:63:f2:72:27:5f:ea:3e:e7:dc:85: 26:c9:76:42:e0:7a:10:d9:71:8d:76:c7:ab:9b:b3: db:d8:e2:4f:15:18:40:3a:4a:e1:59:da:cf:4f:28: 11:d2:21:bb:ed:34:de:a3:bf:6a:59:2d:02:35:d5: 28:4b:1a:79:4e:3e:5d:55:00:ca:44:a0:da:ca:d2: d1:46:45:24:e9:49:81:a9:7a:36:79:ea:af:5d:5d: 1f:0e:c6:26:cc:2d:f9:7d:d7:c5:8d:1c:13:fa:88: ee:60:a9:ab:60:0b:6b:e1:97:20:5f:0e:1d:43:4a: aa:72:3d:05:aa:f0:94:4c:5b:01:07:9d:54:79:63: 08:1b:2b:d5:14:c7:72:c6:af:cc:86:e4:00:2f:a1: 7d:93:ec:37:bd:4c:b5:74:6b:56:2b:cb:fa:34:7f: a6:60:01:5a:cd:d6:12:2f:71:26:5d:01:f1:12:ad: ed:df:1c:f7:89:b7:74:ce:28:de:84:5a:6a:1c:0a: 20:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:98:97:90:27:DC:77:6C:79:A2:A8:A8:24:BB:21:CB:AF:83:89:EF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143599.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3b5::/32 Signature Algorithm: sha256WithRSAEncryption 4d:47:4d:49:f7:b1:73:8d:56:f8:43:85:22:44:51:74:b4:4c: 72:8c:6a:ba:8b:e4:48:91:5e:31:6c:d1:9f:c2:49:96:3a:3a: 57:63:c7:92:8e:a7:76:73:dc:36:c0:67:53:16:06:ed:65:d7: 00:0b:55:57:bb:4f:2b:2e:51:3e:01:09:38:b8:c6:17:fc:18: 44:29:c9:8d:1b:bd:ff:0e:6b:6e:a5:89:92:04:04:0a:a8:e9: dd:0f:4b:e6:95:fc:92:2c:e0:79:29:73:38:6e:13:16:32:47: bd:ea:76:d6:ee:6d:ae:b6:40:fe:90:9b:1a:13:07:7d:4b:ee: d3:25:0f:7b:c9:3e:7f:24:16:91:60:40:ca:a9:47:99:c7:d6: 41:d3:21:77:d4:13:ac:fe:f6:ce:98:25:01:62:0d:fa:18:05: cf:06:1c:15:d8:d9:a7:51:78:8c:0c:6c:f8:89:eb:54:eb:8d: 92:ba:ab:00:e3:a6:3c:3f:29:9a:1f:bd:75:ea:ba:b6:50:ab: c8:49:ad:83:5f:70:24:3a:8a:06:54:63:6e:82:ce:89:9f:b8: bf:a0:f9:b9:49:25:54:dd:db:bd:40:45:0f:90:87:0a:04:eb: 66:09:67:b6:b0:bb:b7:00:dd:a7:ef:ad:d0:94:95:94:f2:cd: 12:54:19:f1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFeM/SQH+j52fDP6aDS+xWbhoWDUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0OFoX DTI3MDMwMzA2MTQ0OFowMzExMC8GA1UEAxMoQjQ5ODk3OTAyN0RDNzc2Qzc5QTJB OEE4MjRCQjIxQ0JBRjgzODlFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPUOdpmMRF1Afnn9BoHAFGFHThqEF0P62JordaUvQ+oyNZszdNYwBvvtH1dM PieU9ibvXYxgJXuBmkFjqBKmqMRj8nInX+o+59yFJsl2QuB6ENlxjXbHq5uz29ji TxUYQDpK4Vnaz08oEdIhu+003qO/alktAjXVKEsaeU4+XVUAykSg2srS0UZFJOlJ gal6Nnnqr11dHw7GJswt+X3XxY0cE/qI7mCpq2ALa+GXIF8OHUNKqnI9BarwlExb AQedVHljCBsr1RTHcsavzIbkAC+hfZPsN71MtXRrVivL+jR/pmABWs3WEi9xJl0B 8RKt7d8c94m3dM4o3oRaahwKIOUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS0mJeQ J9x3bHmiqKgkuyHLr4OJ7zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzU5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o7UwDQYJKoZIhvcNAQELBQADggEBAE1HTUn3sXONVvhDhSJEUXS0THKMarqL5EiR XjFs0Z/CSZY6Oldjx5KOp3Zz3DbAZ1MWBu1l1wALVVe7TysuUT4BCTi4xhf8GEQp yY0bvf8Oa26liZIEBAqo6d0PS+aV/JIs4HkpczhuExYyR73qdtbuba62QP6QmxoT B31L7tMlD3vJPn8kFpFgQMqpR5nH1kHTIXfUE6z+9s6YJQFiDfoYBc8GHBXY2adR eIwMbPiJ61TrjZK6qwDjpjw/KZofvXXqurZQq8hJrYNfcCQ6igZUY26CzomfuL+g +blJJVTd271ARQ+QhwoE62YJZ7awu7cA3afvrdCUlZTyzRJUGfE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:37 2026 by rpki-client