$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143625.roa File: AS143625.roa (raw, json) Hash identifier: qVIOLqwxw9c/5YKSNT7ToHOrLFvA2lhx0/il6D9bE60= Subject key identifier: DB:55:C8:0E:E6:93:CE:87:AD:63:25:82:BE:23:AD:AA:37:D3:6B:21 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1E3E4090839718ACA511EFFF274959119BF668F5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143625.roa Signing time: Wed 04 Mar 2026 06:14:13 +0000 ROA not before: Wed 04 Mar 2026 06:09:13 +0000 ROA not after: Wed 03 Mar 2027 06:14:13 +0000 asID: 143625 IP address blocks: 240a:a3cf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:3e:40:90:83:97:18:ac:a5:11:ef:ff:27:49:59:11:9b:f6:68:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:13 2026 GMT Not After : Mar 3 06:14:13 2027 GMT Subject: CN=DB55C80EE693CE87AD632582BE23ADAA37D36B21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:1d:51:5d:3d:90:17:9e:c2:2a:6f:6e:20:ce: a3:88:78:74:c7:3a:ba:65:90:43:b9:97:3f:b0:48: 55:30:24:6a:76:5c:42:96:06:1f:55:df:79:4c:cc: 4b:df:7f:bf:7c:90:8c:85:19:49:1b:cd:ac:cb:1d: ce:8f:08:85:bf:85:85:4a:e4:16:ba:4d:fd:a3:79: 7e:15:bc:18:3b:8d:f3:69:7a:40:c5:6f:08:02:7d: d0:18:bc:39:75:ef:62:f2:b4:2f:92:46:47:5d:76: 02:49:e6:8d:5b:1e:8e:8a:e8:0b:59:ca:00:65:1e: aa:ad:7c:aa:bf:67:87:a0:31:49:fb:71:5b:ba:e7: 6e:a1:3b:cd:5c:e7:3d:a0:83:b1:36:a1:bc:92:c7: 9f:08:b8:41:7c:7a:1b:7b:eb:79:70:ae:3c:49:71: 20:ab:ee:9a:d4:99:6a:7c:dc:c7:ce:7b:02:fa:25: 2e:96:87:00:46:bd:53:15:87:68:a5:52:dd:7f:47: ff:0b:d0:2d:2a:fb:f4:b3:20:05:41:20:21:12:a2: 69:44:5c:ac:5f:a6:5c:34:e9:83:33:ec:9f:45:0d: 60:a8:47:39:0e:51:1b:e4:30:67:96:75:5f:80:01: 33:5a:b0:fa:36:5a:c0:d7:19:96:e5:a7:26:aa:10: ff:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:55:C8:0E:E6:93:CE:87:AD:63:25:82:BE:23:AD:AA:37:D3:6B:21 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143625.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3cf::/32 Signature Algorithm: sha256WithRSAEncryption c9:7a:79:57:c2:49:e1:7a:99:ff:f5:b8:8e:cd:d0:43:dd:c4: fb:9d:b8:89:7f:13:81:69:88:5a:3b:66:d9:a6:92:ca:0f:f6: 43:fd:c0:e1:d4:ef:5b:41:f4:81:d4:d4:30:dd:6a:71:cf:1a: 7b:41:ed:80:f6:0c:e8:ca:13:e8:29:12:ae:ba:20:21:c5:0a: 65:62:0c:20:27:87:42:8b:52:ea:b6:f8:d0:0a:ca:d6:14:2c: 0f:a0:c9:f3:82:8b:b7:55:ff:ae:0a:da:0f:df:56:f6:35:49: 45:11:dd:b1:1e:30:07:0d:bb:a7:3c:bc:b3:f6:0e:47:6c:2c: eb:0b:10:ea:71:35:55:66:a9:c3:3f:c7:6d:04:3a:6b:0d:38: ef:47:1a:9b:5e:18:81:a1:67:f9:97:84:f3:65:89:1a:7d:2e: d0:c9:e4:2e:c8:8e:42:0e:e5:57:38:ca:3f:41:bb:e1:9d:2b: 7e:01:08:6f:34:75:f3:2a:50:57:8c:86:ec:86:6a:90:57:ca: 6f:fa:0c:ce:52:00:33:3c:f4:c4:53:11:a3:2e:61:8c:31:22: 19:6e:60:5c:f2:2f:42:95:10:71:1d:78:67:ca:5c:97:ae:80: 3f:4b:bf:16:40:68:b1:1a:6f:95:9e:12:97:83:34:f1:e1:90: 18:ba:c2:84 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHj5AkIOXGKylEe//J0lZEZv2aPUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxM1oX DTI3MDMwMzA2MTQxM1owMzExMC8GA1UEAxMoREI1NUM4MEVFNjkzQ0U4N0FENjMy NTgyQkUyM0FEQUEzN0QzNkIyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJEdUV09kBeewipvbiDOo4h4dMc6umWQQ7mXP7BIVTAkanZcQpYGH1XfeUzM S99/v3yQjIUZSRvNrMsdzo8Ihb+FhUrkFrpN/aN5fhW8GDuN82l6QMVvCAJ90Bi8 OXXvYvK0L5JGR112AknmjVsejoroC1nKAGUeqq18qr9nh6AxSftxW7rnbqE7zVzn PaCDsTahvJLHnwi4QXx6G3vreXCuPElxIKvumtSZanzcx857AvolLpaHAEa9UxWH aKVS3X9H/wvQLSr79LMgBUEgIRKiaURcrF+mXDTpgzPsn0UNYKhHOQ5RG+QwZ5Z1 X4ABM1qw+jZawNcZluWnJqoQ/28CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTbVcgO 5pPOh61jJYK+I62qN9NrITAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o88wDQYJKoZIhvcNAQELBQADggEBAMl6eVfCSeF6mf/1uI7N0EPdxPuduIl/E4Fp iFo7ZtmmksoP9kP9wOHU71tB9IHU1DDdanHPGntB7YD2DOjKE+gpEq66ICHFCmVi DCAnh0KLUuq2+NAKytYULA+gyfOCi7dV/64K2g/fVvY1SUUR3bEeMAcNu6c8vLP2 DkdsLOsLEOpxNVVmqcM/x20EOmsNOO9HGpteGIGhZ/mXhPNliRp9LtDJ5C7IjkIO 5Vc4yj9Bu+GdK34BCG80dfMqUFeMhuyGapBXym/6DM5SADM89MRTEaMuYYwxIhlu YFzyL0KVEHEdeGfKXJeugD9LvxZAaLEab5WeEpeDNPHhkBi6woQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:03 2026 by rpki-client