$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143606.roa File: AS143606.roa (raw, json) Hash identifier: 1PvjAS2uoPi1T08mdOyj/TPt5ignuV+6bfzHITGzjJM= Subject key identifier: 72:F2:0B:BC:59:63:5F:04:77:7C:EE:17:BC:07:58:5A:8C:75:BD:70 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 628E057E4251817CCAEE8F3E65EE6EE60F8A4A0B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143606.roa Signing time: Wed 04 Mar 2026 06:14:50 +0000 ROA not before: Wed 04 Mar 2026 06:09:50 +0000 ROA not after: Wed 03 Mar 2027 06:14:50 +0000 asID: 143606 IP address blocks: 240a:a3bc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:8e:05:7e:42:51:81:7c:ca:ee:8f:3e:65:ee:6e:e6:0f:8a:4a:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:50 2026 GMT Not After : Mar 3 06:14:50 2027 GMT Subject: CN=72F20BBC59635F04777CEE17BC07585A8C75BD70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d7:f4:5f:15:16:98:09:ce:dd:5c:a3:0b:93: f0:c3:12:d1:80:11:33:94:18:b3:66:7c:29:f3:af: 2b:00:51:80:77:00:35:14:e7:7c:be:2c:d3:2e:39: 6b:be:87:68:b0:b7:53:16:be:19:a6:57:9d:17:d3: 36:ab:d0:ac:d0:21:2e:e5:6d:fc:7e:db:f7:34:86: b4:8d:40:47:25:08:d9:fc:78:26:eb:a4:7a:8d:b0: 40:c7:fc:7a:b4:25:4a:76:a7:20:a7:c4:95:2b:87: 40:34:23:6b:d5:a7:10:ff:44:a8:28:7a:07:5e:c9: f2:96:1a:31:21:c8:27:6a:d5:00:ec:7c:c4:db:bd: 42:ac:45:af:0f:2f:9e:c6:2b:18:ec:4f:88:05:75: fd:c2:50:d9:45:f3:51:62:41:b9:8d:8f:f4:5f:18: 53:81:c7:e3:1c:78:d2:e8:cf:0f:87:90:9e:76:c6: cf:12:f4:4f:5f:65:bb:20:eb:89:16:e1:e2:fc:43: 08:6b:81:46:29:6c:00:18:eb:99:1d:e5:8e:be:5a: f8:25:19:52:2b:ad:e5:8a:40:5d:f2:d8:a1:de:bc: f3:7e:b8:0c:a2:9f:6e:86:9d:a8:da:88:50:14:77: 85:55:86:88:5e:c7:50:25:d2:33:ac:9c:31:f6:f3: be:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:F2:0B:BC:59:63:5F:04:77:7C:EE:17:BC:07:58:5A:8C:75:BD:70 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143606.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3bc::/32 Signature Algorithm: sha256WithRSAEncryption cb:b0:db:41:f0:4d:3b:ec:26:54:95:3e:2f:06:20:bb:8e:e7: d1:7d:b1:cb:c0:20:15:c6:cc:8d:5d:b0:34:61:0b:f3:ad:26: e2:fd:14:2e:dc:6f:ee:97:b2:d3:49:be:d7:59:88:34:8c:bf: f7:14:aa:77:88:14:21:ad:29:71:01:55:2c:ea:e3:15:ec:44: bc:46:3c:0d:38:56:d6:35:43:56:fe:25:5c:1d:96:5f:8f:50: fd:dc:7e:a0:d4:64:7e:81:d2:b3:94:c6:c3:bd:c2:45:30:04: be:2e:e7:11:f1:8d:aa:0e:97:6d:18:ee:94:94:e0:cf:ae:8b: cc:ee:01:81:94:75:16:ce:93:5c:be:9a:c9:df:b4:ee:29:f1: a4:ae:bf:b7:e7:ff:72:cf:32:75:ca:b2:18:4e:ae:3a:cd:23: 50:b4:e7:11:cc:b5:77:f1:78:ae:d9:f5:91:53:9f:0a:d5:db: d0:1a:4e:78:8c:8b:c0:a6:23:e0:4f:24:67:8a:0b:22:5a:93: c0:09:1b:51:c2:63:e1:6d:7e:4d:6b:53:77:ce:df:4f:63:ce: 3f:c0:8e:e9:ee:a0:54:5d:14:ec:d8:22:5f:4c:8b:fa:15:ca: 85:ab:23:6c:cc:67:df:71:d0:df:9e:c3:f9:64:04:2a:b6:07: 60:bb:63:8e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYo4FfkJRgXzK7o8+Ze5u5g+KSgswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk1MFoX DTI3MDMwMzA2MTQ1MFowMzExMC8GA1UEAxMoNzJGMjBCQkM1OTYzNUYwNDc3N0NF RTE3QkMwNzU4NUE4Qzc1QkQ3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/X9F8VFpgJzt1cowuT8MMS0YARM5QYs2Z8KfOvKwBRgHcANRTnfL4s0y45 a76HaLC3Uxa+GaZXnRfTNqvQrNAhLuVt/H7b9zSGtI1ARyUI2fx4Juukeo2wQMf8 erQlSnanIKfElSuHQDQja9WnEP9EqCh6B17J8pYaMSHIJ2rVAOx8xNu9QqxFrw8v nsYrGOxPiAV1/cJQ2UXzUWJBuY2P9F8YU4HH4xx40ujPD4eQnnbGzxL0T19luyDr iRbh4vxDCGuBRilsABjrmR3ljr5a+CUZUiut5YpAXfLYod688364DKKfboadqNqI UBR3hVWGiF7HUCXSM6ycMfbzvgUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRy8gu8 WWNfBHd87he8B1hajHW9cDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYwNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o7wwDQYJKoZIhvcNAQELBQADggEBAMuw20HwTTvsJlSVPi8GILuO59F9scvAIBXG zI1dsDRhC/OtJuL9FC7cb+6XstNJvtdZiDSMv/cUqneIFCGtKXEBVSzq4xXsRLxG PA04VtY1Q1b+JVwdll+PUP3cfqDUZH6B0rOUxsO9wkUwBL4u5xHxjaoOl20Y7pSU 4M+ui8zuAYGUdRbOk1y+msnftO4p8aSuv7fn/3LPMnXKshhOrjrNI1C05xHMtXfx eK7Z9ZFTnwrV29AaTniMi8CmI+BPJGeKCyJak8AJG1HCY+Ftfk1rU3fO309jzj/A junuoFRdFOzYIl9Mi/oVyoWrI2zMZ99x0N+ew/lkBCq2B2C7Y44= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:52 2026 by rpki-client