$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143618.roa File: AS143618.roa (raw, json) Hash identifier: zoWlE8eLIX394CktPGXYmCUOOG+KOen4m2dnmncZAw8= Subject key identifier: 62:8F:E7:D5:26:47:F5:69:AE:56:D4:5F:45:E0:5D:C6:60:DD:FF:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 20C165B780450691119A5B9CB21855743F8C3937 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143618.roa Signing time: Wed 04 Mar 2026 06:12:32 +0000 ROA not before: Wed 04 Mar 2026 06:07:32 +0000 ROA not after: Wed 03 Mar 2027 06:12:32 +0000 asID: 143618 IP address blocks: 240a:a3c8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:c1:65:b7:80:45:06:91:11:9a:5b:9c:b2:18:55:74:3f:8c:39:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:32 2026 GMT Not After : Mar 3 06:12:32 2027 GMT Subject: CN=628FE7D52647F569AE56D45F45E05DC660DDFFE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:60:db:b8:49:5d:49:72:5a:82:bd:87:2d:46: 09:a1:6f:5d:8f:20:0b:b8:07:18:fd:6b:b6:a4:fa: e7:61:40:d9:29:77:5c:16:70:99:51:99:f3:5d:06: 81:14:7e:ef:fc:7a:87:76:06:00:af:4f:fd:fd:0e: 59:47:19:a6:85:40:40:b5:40:0d:e5:e2:1e:1a:34: bf:60:19:98:1f:fc:1a:b2:53:9b:e0:47:47:2a:10: e5:5e:2c:a4:7f:9c:38:a2:19:07:5c:27:ef:85:c0: 45:35:35:93:f6:c7:41:a8:12:f6:31:aa:77:24:a3: 27:be:dd:f9:2f:7c:b4:9f:02:b8:36:87:0c:c8:0e: db:25:98:24:65:62:88:e8:ec:8c:d8:75:35:f3:65: 5e:e5:5d:fd:2f:54:1f:f9:90:a1:52:52:c2:bb:71: da:64:f3:6c:77:4f:b0:2f:88:44:e8:f1:1c:9c:50: dc:ac:93:f5:3e:d2:0d:6e:17:52:52:b2:2e:c3:af: 43:96:be:8b:6b:8a:7c:68:1a:c7:c7:5f:16:cb:76: 7a:a3:69:1c:e4:ee:87:f1:98:ac:8f:4f:66:5a:11: e3:05:d8:7f:37:98:e9:c7:2c:5a:e4:89:e2:e7:9b: 9f:cd:33:fc:11:22:be:da:cd:5e:e1:e9:b8:b2:fc: b3:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:8F:E7:D5:26:47:F5:69:AE:56:D4:5F:45:E0:5D:C6:60:DD:FF:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143618.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3c8::/32 Signature Algorithm: sha256WithRSAEncryption c9:0b:17:cf:ff:d4:07:b8:38:b7:26:84:87:cd:2e:0a:2c:5d: b9:36:b4:74:1f:9f:58:f2:c5:e0:f4:46:ce:c2:9e:aa:06:f2: 82:2f:c7:23:3c:54:25:e5:b7:ca:83:2d:16:4c:8e:2d:4d:13: d7:5e:e3:ef:c2:29:5b:65:80:6d:79:d7:ce:53:e4:6f:4e:dd: 2c:cf:be:01:9d:f8:47:6f:37:d9:6e:c6:6d:1d:f7:cf:f6:20: ad:e6:88:c7:b8:10:d4:f1:30:82:46:b6:db:b0:9b:46:65:f3: e4:cb:fa:02:24:73:a0:cb:b8:02:6b:94:64:2e:f4:91:4a:8a: 7d:ca:e9:41:34:9f:d6:2c:21:39:a4:46:75:17:7b:38:d0:04: 11:d6:65:7b:93:5c:75:23:e8:fe:6e:12:a5:18:52:4d:82:38: ff:35:a2:f8:b8:97:83:dc:62:e8:f6:0e:c1:f4:63:7e:f6:c4: 23:17:23:98:53:d2:3f:98:bb:e0:77:85:2d:a3:b3:6f:76:2a: 4a:ac:4d:9d:f6:8b:8c:42:0e:a2:9a:78:08:26:4d:41:a6:95: 81:ee:98:89:c9:74:95:ae:5d:ce:95:89:86:bb:db:1d:43:f1: 03:41:e4:32:6b:04:d6:0f:6d:2e:f0:3d:3d:27:d1:ff:38:4b: 72:1f:ac:13 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIMFlt4BFBpERmlucshhVdD+MOTcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczMloX DTI3MDMwMzA2MTIzMlowMzExMC8GA1UEAxMoNjI4RkU3RDUyNjQ3RjU2OUFFNTZE NDVGNDVFMDVEQzY2MERERkZFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdg27hJXUlyWoK9hy1GCaFvXY8gC7gHGP1rtqT652FA2Sl3XBZwmVGZ810G gRR+7/x6h3YGAK9P/f0OWUcZpoVAQLVADeXiHho0v2AZmB/8GrJTm+BHRyoQ5V4s pH+cOKIZB1wn74XARTU1k/bHQagS9jGqdySjJ77d+S98tJ8CuDaHDMgO2yWYJGVi iOjsjNh1NfNlXuVd/S9UH/mQoVJSwrtx2mTzbHdPsC+IROjxHJxQ3KyT9T7SDW4X UlKyLsOvQ5a+i2uKfGgax8dfFst2eqNpHOTuh/GYrI9PZloR4wXYfzeY6ccsWuSJ 4uebn80z/BEivtrNXuHpuLL8szkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRij+fV Jkf1aa5W1F9F4F3GYN3/4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o8gwDQYJKoZIhvcNAQELBQADggEBAMkLF8//1Ae4OLcmhIfNLgosXbk2tHQfn1jy xeD0Rs7CnqoG8oIvxyM8VCXlt8qDLRZMji1NE9de4+/CKVtlgG15185T5G9O3SzP vgGd+EdvN9luxm0d98/2IK3miMe4ENTxMIJGttuwm0Zl8+TL+gIkc6DLuAJrlGQu 9JFKin3K6UE0n9YsITmkRnUXezjQBBHWZXuTXHUj6P5uEqUYUk2COP81ovi4l4Pc Yuj2DsH0Y372xCMXI5hT0j+Yu+B3hS2js292KkqsTZ32i4xCDqKaeAgmTUGmlYHu mInJdJWuXc6ViYa72x1D8QNB5DJrBNYPbS7wPT0n0f84S3IfrBM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:24 2026 by rpki-client