$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143621.roa File: AS143621.roa (raw, json) Hash identifier: sUE08r+X84rDEhx+EXLQvdhmft7Hf5kjYwjcYcMgYTA= Subject key identifier: 4F:A0:40:BC:7F:F6:73:B6:F8:63:65:05:3F:C3:73:22:04:9E:85:88 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 65206F045A183844355FCDD046AE06AD7C1B87CC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143621.roa Signing time: Wed 04 Mar 2026 06:14:20 +0000 ROA not before: Wed 04 Mar 2026 06:09:20 +0000 ROA not after: Wed 03 Mar 2027 06:14:20 +0000 asID: 143621 IP address blocks: 240a:a3cb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:20:6f:04:5a:18:38:44:35:5f:cd:d0:46:ae:06:ad:7c:1b:87:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:20 2026 GMT Not After : Mar 3 06:14:20 2027 GMT Subject: CN=4FA040BC7FF673B6F86365053FC37322049E8588 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:71:f3:00:cf:ed:3c:fd:aa:57:07:30:b2:91: 7d:2e:5f:c4:93:1c:e8:9e:64:bc:69:7a:46:5d:15: f3:f1:a9:9c:69:ca:e3:ce:7d:49:0d:0b:fe:e0:94: 18:97:68:dd:79:a8:dd:ef:b1:d2:56:70:95:ba:2b: ad:39:52:8e:3c:8b:59:dc:9d:21:b0:36:30:91:fb: 13:93:e6:77:da:99:f1:9f:11:49:15:df:ed:98:3c: 8f:54:27:22:2c:b3:ce:26:3c:5a:b0:f9:a2:16:fe: 2f:9a:a9:0b:2a:90:05:02:28:43:65:bd:20:0b:66: 6a:c9:40:6f:03:76:50:11:b0:ad:46:21:55:47:2b: a4:de:5d:8e:f8:59:f7:2e:53:b0:c4:7d:ba:e0:f2: c8:28:13:5f:9d:92:73:4e:1d:bc:44:70:7d:cd:6f: 32:4b:35:dc:d7:ca:6d:25:62:db:97:8e:ac:65:46: 0d:05:6d:2a:6d:e8:07:20:98:23:54:e7:e1:26:ba: 61:e3:a5:84:68:5d:af:11:be:06:a4:94:86:70:f8: 64:1d:23:c3:b7:f7:a8:00:fb:9c:eb:26:1e:29:57: ed:13:9d:30:e2:c4:ba:8d:5f:cb:54:72:97:5e:f7: f7:81:cf:9d:08:cd:8f:8d:e4:37:aa:99:4d:65:6e: 76:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:A0:40:BC:7F:F6:73:B6:F8:63:65:05:3F:C3:73:22:04:9E:85:88 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3cb::/32 Signature Algorithm: sha256WithRSAEncryption 71:7b:7b:42:92:ab:a3:4d:d0:98:f9:f4:31:9d:04:bb:fb:4d: 5d:c8:d6:cb:07:98:94:ae:b0:86:1f:bb:79:25:da:0f:f0:bb: 6c:17:30:e8:8a:97:36:65:64:29:42:8e:14:e5:80:db:cb:a2: ad:d9:37:11:cf:f7:2b:da:bf:fc:9e:e8:1c:09:ce:eb:e9:02: c4:ae:c0:6a:65:43:13:3d:ff:9c:bf:ac:be:50:a9:d3:d6:93: d8:93:25:52:7b:80:62:d5:90:ca:df:a5:75:15:5c:b6:45:eb: 0a:b0:db:3a:7a:89:da:c6:41:55:ef:4c:06:66:78:bf:12:96: d6:c7:fd:82:6d:72:bb:81:8b:d7:67:96:95:6f:04:1d:40:08: e5:68:e2:3c:27:7e:14:af:44:56:37:03:0d:2b:51:e7:89:f7: b7:d4:7b:04:b5:b9:26:71:2d:50:2e:8a:39:af:2e:26:d1:55: 19:5c:00:62:fc:a6:f9:58:33:78:c9:d7:b0:ba:43:11:97:99: f7:26:46:21:03:70:44:bb:82:d7:97:07:7f:88:04:eb:dc:1d: bd:a5:60:ec:24:cd:6b:88:89:1a:ab:80:f1:16:36:b6:2f:4c: 97:9f:53:97:23:d6:61:1c:36:4e:63:9b:69:1c:8f:c7:12:d4: 9b:62:92:d5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZSBvBFoYOEQ1X83QRq4GrXwbh8wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyMFoX DTI3MDMwMzA2MTQyMFowMzExMC8GA1UEAxMoNEZBMDQwQkM3RkY2NzNCNkY4NjM2 NTA1M0ZDMzczMjIwNDlFODU4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN1x8wDP7Tz9qlcHMLKRfS5fxJMc6J5kvGl6Rl0V8/GpnGnK4859SQ0L/uCU GJdo3Xmo3e+x0lZwlborrTlSjjyLWdydIbA2MJH7E5Pmd9qZ8Z8RSRXf7Zg8j1Qn IiyzziY8WrD5ohb+L5qpCyqQBQIoQ2W9IAtmaslAbwN2UBGwrUYhVUcrpN5djvhZ 9y5TsMR9uuDyyCgTX52Sc04dvERwfc1vMks13NfKbSVi25eOrGVGDQVtKm3oByCY I1Tn4Sa6YeOlhGhdrxG+BqSUhnD4ZB0jw7f3qAD7nOsmHilX7ROdMOLEuo1fy1Ry l17394HPnQjNj43kN6qZTWVudl0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRPoEC8 f/ZztvhjZQU/w3MiBJ6FiDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o8swDQYJKoZIhvcNAQELBQADggEBAHF7e0KSq6NN0Jj59DGdBLv7TV3I1ssHmJSu sIYfu3kl2g/wu2wXMOiKlzZlZClCjhTlgNvLoq3ZNxHP9yvav/ye6BwJzuvpAsSu wGplQxM9/5y/rL5QqdPWk9iTJVJ7gGLVkMrfpXUVXLZF6wqw2zp6idrGQVXvTAZm eL8SltbH/YJtcruBi9dnlpVvBB1ACOVo4jwnfhSvRFY3Aw0rUeeJ97fUewS1uSZx LVAuijmvLibRVRlcAGL8pvlYM3jJ17C6QxGXmfcmRiEDcES7gteXB3+IBOvcHb2l YOwkzWuIiRqrgPEWNrYvTJefU5cj1mEcNk5jm2kcj8cS1JtiktU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:44 2026 by rpki-client