$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143612.roa File: AS143612.roa (raw, json) Hash identifier: AQ+I8J2K21sQKMtknLLTQRQeXFUW4MjfL3EnjYNZlfY= Subject key identifier: 70:C5:E0:EE:EB:81:CA:65:3B:E6:B4:4A:FF:19:1A:DB:01:CF:54:A5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F9D50EAFEC4FB2A9591FBA61D7D7EC3A0D127FF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143612.roa Signing time: Wed 04 Mar 2026 06:12:41 +0000 ROA not before: Wed 04 Mar 2026 06:07:41 +0000 ROA not after: Wed 03 Mar 2027 06:12:41 +0000 asID: 143612 IP address blocks: 240a:a3c2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:9d:50:ea:fe:c4:fb:2a:95:91:fb:a6:1d:7d:7e:c3:a0:d1:27:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:41 2026 GMT Not After : Mar 3 06:12:41 2027 GMT Subject: CN=70C5E0EEEB81CA653BE6B44AFF191ADB01CF54A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d6:f3:66:e6:99:1b:7f:eb:3b:c1:87:aa:07: 10:ca:19:e2:42:01:09:5b:8f:2e:f6:ab:06:df:a8: 72:e4:9b:b4:70:a9:37:ef:d6:a4:8a:78:c9:12:26: af:bc:21:0d:25:ab:e0:6e:35:ef:d8:46:2b:24:3a: 85:a5:5d:bf:87:12:db:09:80:da:b0:85:c9:ae:79: 50:fc:fa:8a:48:59:f0:a8:76:5f:33:97:f5:e7:12: af:5a:ea:69:77:7d:fb:16:d8:b4:7b:46:2f:67:89: 7a:23:a5:85:79:26:2a:1a:09:b0:ec:76:a6:d9:ea: 23:de:e5:0e:fc:2a:49:f7:bc:83:13:05:16:15:c8: c3:83:a1:1b:45:80:40:4e:49:80:77:3a:c0:3d:7e: 5e:38:48:2c:55:42:2f:46:2d:6a:ca:8d:34:db:d5: d5:03:9a:78:6a:13:1e:ec:24:ff:6f:4f:4b:c3:20: e5:c8:2d:e6:10:67:cc:c3:8d:a9:50:1f:ec:99:42: d8:dd:af:c2:da:dd:49:63:66:18:bd:b3:d5:32:2c: a9:0d:24:a1:6b:83:3a:5f:36:4c:7d:54:c8:7e:b8: 93:78:6e:ed:4c:36:33:bc:47:3d:b5:1e:5c:7b:9c: f7:a1:a7:d4:56:dc:2e:a9:76:71:9a:21:14:04:62: 86:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:C5:E0:EE:EB:81:CA:65:3B:E6:B4:4A:FF:19:1A:DB:01:CF:54:A5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143612.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3c2::/32 Signature Algorithm: sha256WithRSAEncryption ae:53:9b:b1:de:2e:2e:aa:36:7d:7f:cc:e5:87:31:4a:73:4a: 18:9b:84:90:9e:5f:7a:6c:de:4f:19:16:17:20:cd:ce:f2:2c: c2:b4:f8:87:53:04:bb:7c:73:47:4d:56:b3:7b:3e:99:b0:18: 31:c1:52:c3:fe:19:fe:96:e3:a1:1a:05:33:44:3e:52:df:18: ee:c5:1e:1f:7c:3e:88:74:b3:5d:9c:e6:66:c7:9e:d9:17:d1: db:07:ec:2b:37:66:b1:a7:a7:ca:e6:35:b0:8a:1f:86:81:3a: c5:bb:79:e7:8e:45:f3:b7:5b:59:83:11:91:44:bf:0f:ef:09: 99:ed:45:86:3e:be:40:1e:ec:55:2d:58:e9:a1:ac:12:55:7d: 5d:21:e4:49:3f:fa:a8:a5:c2:48:61:25:88:25:9a:a6:91:29: 0e:46:9d:9b:b7:e4:a5:22:9b:1f:41:81:c9:67:55:83:e5:e2: b4:86:53:7c:8d:f3:0c:bd:b7:61:d8:8f:5a:3c:e9:66:19:39: 87:3b:32:c0:9b:b0:4b:e0:b4:57:a1:07:43:fe:1c:0e:aa:a6: b1:8f:3c:9c:31:88:68:cb:1b:38:69:d0:68:03:d2:08:02:69: 00:65:a0:ad:c9:58:f3:37:0a:bf:50:72:51:e4:5a:51:17:e7: 5a:11:cf:9e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL51Q6v7E+yqVkfumHX1+w6DRJ/8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0MVoX DTI3MDMwMzA2MTI0MVowMzExMC8GA1UEAxMoNzBDNUUwRUVFQjgxQ0E2NTNCRTZC NDRBRkYxOTFBREIwMUNGNTRBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/W82bmmRt/6zvBh6oHEMoZ4kIBCVuPLvarBt+ocuSbtHCpN+/WpIp4yRIm r7whDSWr4G4179hGKyQ6haVdv4cS2wmA2rCFya55UPz6ikhZ8Kh2XzOX9ecSr1rq aXd9+xbYtHtGL2eJeiOlhXkmKhoJsOx2ptnqI97lDvwqSfe8gxMFFhXIw4OhG0WA QE5JgHc6wD1+XjhILFVCL0YtasqNNNvV1QOaeGoTHuwk/29PS8Mg5cgt5hBnzMON qVAf7JlC2N2vwtrdSWNmGL2z1TIsqQ0koWuDOl82TH1UyH64k3hu7Uw2M7xHPbUe XHuc96Gn1FbcLql2cZohFARihkMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRwxeDu 64HKZTvmtEr/GRrbAc9UpTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYxMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o8IwDQYJKoZIhvcNAQELBQADggEBAK5Tm7HeLi6qNn1/zOWHMUpzShibhJCeX3ps 3k8ZFhcgzc7yLMK0+IdTBLt8c0dNVrN7PpmwGDHBUsP+Gf6W46EaBTNEPlLfGO7F Hh98Poh0s12c5mbHntkX0dsH7Cs3ZrGnp8rmNbCKH4aBOsW7eeeORfO3W1mDEZFE vw/vCZntRYY+vkAe7FUtWOmhrBJVfV0h5Ek/+qilwkhhJYglmqaRKQ5GnZu35KUi mx9BgclnVYPl4rSGU3yN8wy9t2HYj1o86WYZOYc7MsCbsEvgtFehB0P+HA6qprGP PJwxiGjLGzhp0GgD0ggCaQBloK3JWPM3Cr9QclHkWlEX51oRz54= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:12 2026 by rpki-client