$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143610.roa File: AS143610.roa (raw, json) Hash identifier: ybxcwHxGgb0ljj8tUhw0N40ugeZTxjmo867rW+5c8To= Subject key identifier: 09:49:DE:6F:B2:C0:74:AB:CD:99:D5:7F:3A:D0:62:B0:85:10:62:AB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 54C559267A38C6AD70F23BC0C4AFEDBC45D6858B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143610.roa Signing time: Wed 04 Mar 2026 06:15:51 +0000 ROA not before: Wed 04 Mar 2026 06:10:51 +0000 ROA not after: Wed 03 Mar 2027 06:15:51 +0000 asID: 143610 IP address blocks: 240a:a3c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:c5:59:26:7a:38:c6:ad:70:f2:3b:c0:c4:af:ed:bc:45:d6:85:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:51 2026 GMT Not After : Mar 3 06:15:51 2027 GMT Subject: CN=0949DE6FB2C074ABCD99D57F3AD062B0851062AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:19:08:e1:a6:28:e6:d7:ce:bd:c2:de:f7:1b: e9:f0:9a:d3:cc:26:23:d3:4d:48:26:58:b7:50:60: 86:00:c3:ff:9d:b4:d7:a0:cd:63:52:8b:3d:6a:e2: 90:8a:34:91:43:9f:1b:6a:9f:b7:53:f2:1e:0b:8d: bb:e7:7f:18:f2:32:91:39:d4:bf:2a:22:fd:d3:62: e6:61:65:94:2c:3d:b3:f5:06:98:1d:bb:55:fc:6d: 99:69:f0:3e:db:b2:22:5e:79:eb:d4:71:bd:fc:3d: a6:85:e2:3f:cd:9f:1c:8f:6f:e9:05:be:df:b5:22: f1:0f:0b:aa:a5:c6:7c:1e:1b:12:41:0c:67:9e:df: da:23:9a:05:d3:f7:b8:e4:ba:bc:95:b1:81:07:67: 27:f9:99:88:29:6c:5a:2c:f3:e5:2f:c3:26:10:d5: 06:78:a3:67:a7:ed:69:ad:91:c4:11:a6:06:50:1c: 8f:44:2f:f9:57:0b:46:a7:46:ef:43:e4:0e:84:cd: 12:3e:b9:e7:ca:8c:51:27:3f:00:4a:1f:ff:b0:08: ba:a7:47:2e:87:1c:d9:de:ea:86:90:57:76:34:6e: 47:4b:c1:92:b6:70:49:de:38:67:97:54:20:cf:64: 60:25:f0:55:a3:54:33:45:99:39:91:e8:d7:b2:53: 78:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:49:DE:6F:B2:C0:74:AB:CD:99:D5:7F:3A:D0:62:B0:85:10:62:AB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143610.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3c0::/32 Signature Algorithm: sha256WithRSAEncryption 16:1b:4b:34:71:6e:f5:3e:2d:26:6d:31:7c:b1:20:41:2b:aa: 2d:ee:99:d5:3d:7c:8c:7a:0b:bc:48:94:5c:7d:34:c8:d5:0a: aa:67:13:d0:1e:92:87:e2:b2:97:5c:c7:46:44:57:4c:5c:5e: 98:6c:7f:6f:76:42:6e:88:e6:a9:dc:2e:3d:79:01:ec:c0:71: 81:c8:b8:fb:10:85:fe:4c:bf:e5:77:f1:bd:db:0c:77:64:00: d9:9f:ce:5c:f1:6a:c9:0f:68:2c:7f:d5:85:13:d5:5a:33:53: a1:d9:1d:be:2b:47:01:53:d1:98:e5:5e:8c:61:d8:d1:38:0a: 47:89:84:70:58:b7:0d:25:e2:24:f9:13:07:dd:1f:df:ce:34: 15:b8:36:e9:88:7d:1b:12:94:1d:77:95:59:20:7d:16:1a:34: f4:42:21:80:b7:d0:c3:2d:9b:7b:3a:54:2b:2f:0d:e9:61:e1: a0:c1:60:bc:f8:7f:92:1b:f8:8c:55:ea:48:cd:38:0f:b9:71: 75:f5:8a:12:c8:44:c1:a5:13:51:2c:76:57:5b:5e:da:f7:9c: ff:50:ec:0e:11:8f:66:f4:1f:73:30:ee:35:75:44:f6:71:56: 96:87:d2:fd:b2:3c:47:6d:ca:e5:5c:2e:40:ab:22:55:d8:7e: d7:6e:1e:b7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVMVZJno4xq1w8jvAxK/tvEXWhYswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA1MVoX DTI3MDMwMzA2MTU1MVowMzExMC8GA1UEAxMoMDk0OURFNkZCMkMwNzRBQkNEOTlE NTdGM0FEMDYyQjA4NTEwNjJBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgZCOGmKObXzr3C3vcb6fCa08wmI9NNSCZYt1BghgDD/52016DNY1KLPWri kIo0kUOfG2qft1PyHguNu+d/GPIykTnUvyoi/dNi5mFllCw9s/UGmB27VfxtmWnw PtuyIl5569Rxvfw9poXiP82fHI9v6QW+37Ui8Q8LqqXGfB4bEkEMZ57f2iOaBdP3 uOS6vJWxgQdnJ/mZiClsWizz5S/DJhDVBnijZ6ftaa2RxBGmBlAcj0Qv+VcLRqdG 70PkDoTNEj6558qMUSc/AEof/7AIuqdHLocc2d7qhpBXdjRuR0vBkrZwSd44Z5dU IM9kYCXwVaNUM0WZOZHo17JTeHsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQJSd5v ssB0q82Z1X860GKwhRBiqzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYxMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o8AwDQYJKoZIhvcNAQELBQADggEBABYbSzRxbvU+LSZtMXyxIEErqi3umdU9fIx6 C7xIlFx9NMjVCqpnE9Aekofispdcx0ZEV0xcXphsf292Qm6I5qncLj15AezAcYHI uPsQhf5Mv+V38b3bDHdkANmfzlzxaskPaCx/1YUT1VozU6HZHb4rRwFT0ZjlXoxh 2NE4CkeJhHBYtw0l4iT5EwfdH9/ONBW4NumIfRsSlB13lVkgfRYaNPRCIYC30MMt m3s6VCsvDelh4aDBYLz4f5Ib+IxV6kjNOA+5cXX1ihLIRMGlE1EsdldbXtr3nP9Q 7A4Rj2b0H3Mw7jV1RPZxVpaH0v2yPEdtyuVcLkCrIlXYftduHrc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:08 2026 by rpki-client