$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143607.roa File: AS143607.roa (raw, json) Hash identifier: X2TQf0Faw8Cx6fUSURH1CJDGspxw1FSrkpBf9OfYTwU= Subject key identifier: DB:D3:4D:A5:2A:BE:01:88:B0:97:BC:1F:8B:3C:28:22:2F:ED:0F:B0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4578CB15FCBA1A64B69DF9A117E2B578310E57D5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143607.roa Signing time: Wed 04 Mar 2026 06:12:50 +0000 ROA not before: Wed 04 Mar 2026 06:07:50 +0000 ROA not after: Wed 03 Mar 2027 06:12:50 +0000 asID: 143607 IP address blocks: 240a:a3bd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:78:cb:15:fc:ba:1a:64:b6:9d:f9:a1:17:e2:b5:78:31:0e:57:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:50 2026 GMT Not After : Mar 3 06:12:50 2027 GMT Subject: CN=DBD34DA52ABE0188B097BC1F8B3C28222FED0FB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:82:ee:e2:1e:34:ac:b2:2d:2d:c0:78:a4:22: 1d:a6:0f:59:14:2c:1d:84:72:15:a7:cb:af:a2:0d: 39:63:d5:bf:49:d4:5d:69:87:36:86:96:48:34:4e: 93:0a:7e:66:da:43:c1:a3:e6:30:d5:db:4e:af:ef: 56:b9:12:67:b4:a9:b8:ca:17:22:c9:84:f2:ec:4b: e5:a4:80:b8:38:f3:5b:83:91:52:59:d7:64:82:ed: 2a:08:8c:40:f1:8f:c3:ae:30:e9:fc:78:44:a8:5c: d1:b0:81:2e:cd:5c:d9:33:39:d2:7a:61:8b:89:2b: 11:36:2e:97:1a:04:29:32:97:1e:dd:b2:5d:5e:87: 1e:59:43:ea:26:8a:7e:4b:6e:0b:e0:4c:9e:17:42: 5b:4f:42:05:6e:3a:26:ec:99:71:ac:cd:05:e2:03: f4:bd:57:fe:33:13:c8:90:eb:90:24:7a:b8:0e:84: db:c8:12:8e:92:6f:22:9f:01:5e:3b:d5:05:83:25: 26:35:51:ce:c2:71:a4:77:5e:cd:fd:4c:80:8b:e1: 28:da:f9:57:8e:02:bd:e8:fc:7d:24:61:28:98:40: d1:41:5d:7d:0e:ae:4d:ad:88:73:f3:de:55:05:da: 4a:25:e0:8e:9c:ce:71:c0:28:78:57:0a:10:11:07: 33:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:D3:4D:A5:2A:BE:01:88:B0:97:BC:1F:8B:3C:28:22:2F:ED:0F:B0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143607.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3bd::/32 Signature Algorithm: sha256WithRSAEncryption 8c:1b:0e:d7:80:0d:4e:71:96:99:c6:59:b7:24:47:78:64:c6: 33:ee:57:8f:7e:75:f8:b2:ac:9e:60:5f:75:b9:d0:0b:f0:eb: 69:1c:ed:4d:da:f4:ae:59:d3:49:43:81:1a:70:9c:af:91:ce: 44:76:13:eb:ed:cc:67:8a:62:e1:e4:9f:d9:c8:2f:c7:68:ca: 20:15:fc:04:ae:d2:b0:d1:16:c9:48:4f:f4:6a:73:0f:60:df: e1:76:79:ee:17:2b:bf:18:4e:94:f0:65:4c:9e:00:2c:dd:ed: f2:53:8c:a2:e4:4f:4a:5c:e0:b8:e0:c0:c4:8e:b6:c3:c0:61: 4a:c2:e7:ec:b6:9e:c0:3b:5a:84:27:e7:10:f9:24:7d:6c:c0: 6c:fd:6e:43:92:f4:70:f1:4c:30:de:46:2d:43:cf:75:97:a7: 20:63:94:aa:c1:56:70:17:0a:5b:fd:2d:15:6a:c9:7f:bc:63: 89:a6:b2:44:57:34:28:60:f7:35:f8:71:9a:24:54:a5:97:f8: de:75:a6:ed:c0:fc:bc:30:3a:66:da:d1:f8:d1:e8:53:c3:08: 93:53:6d:5d:d4:61:4d:87:af:be:c2:95:db:26:b9:61:ab:05: d3:67:f2:8f:86:c4:fb:5b:94:9f:52:15:31:55:ac:46:28:2d: 84:0c:be:49 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURXjLFfy6GmS2nfmhF+K1eDEOV9UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1MFoX DTI3MDMwMzA2MTI1MFowMzExMC8GA1UEAxMoREJEMzREQTUyQUJFMDE4OEIwOTdC QzFGOEIzQzI4MjIyRkVEMEZCMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL2C7uIeNKyyLS3AeKQiHaYPWRQsHYRyFafLr6INOWPVv0nUXWmHNoaWSDRO kwp+ZtpDwaPmMNXbTq/vVrkSZ7SpuMoXIsmE8uxL5aSAuDjzW4ORUlnXZILtKgiM QPGPw64w6fx4RKhc0bCBLs1c2TM50nphi4krETYulxoEKTKXHt2yXV6HHllD6iaK fktuC+BMnhdCW09CBW46JuyZcazNBeID9L1X/jMTyJDrkCR6uA6E28gSjpJvIp8B XjvVBYMlJjVRzsJxpHdezf1MgIvhKNr5V44Cvej8fSRhKJhA0UFdfQ6uTa2Ic/Pe VQXaSiXgjpzOccAoeFcKEBEHMz0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTb002l Kr4BiLCXvB+LPCgiL+0PsDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYwNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o70wDQYJKoZIhvcNAQELBQADggEBAIwbDteADU5xlpnGWbckR3hkxjPuV49+dfiy rJ5gX3W50Avw62kc7U3a9K5Z00lDgRpwnK+RzkR2E+vtzGeKYuHkn9nIL8doyiAV /ASu0rDRFslIT/Rqcw9g3+F2ee4XK78YTpTwZUyeACzd7fJTjKLkT0pc4LjgwMSO tsPAYUrC5+y2nsA7WoQn5xD5JH1swGz9bkOS9HDxTDDeRi1Dz3WXpyBjlKrBVnAX Clv9LRVqyX+8Y4mmskRXNChg9zX4cZokVKWX+N51pu3A/LwwOmba0fjR6FPDCJNT bV3UYU2Hr77CldsmuWGrBdNn8o+GxPtblJ9SFTFVrEYoLYQMvkk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:10 2026 by rpki-client