$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143628.roa File: AS143628.roa (raw, json) Hash identifier: q771mR4IszdRyLyxGIUPUYBWmQA1CXaUF6ISGJ2NxJo= Subject key identifier: 31:CD:1F:5C:85:2C:DD:C7:DA:88:87:9F:69:A8:C1:04:B5:D9:88:A9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 288566CD59087DECF9F4EF31E63D2529E10176CC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143628.roa Signing time: Wed 04 Mar 2026 06:12:33 +0000 ROA not before: Wed 04 Mar 2026 06:07:33 +0000 ROA not after: Wed 03 Mar 2027 06:12:33 +0000 asID: 143628 IP address blocks: 240a:a3d2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:85:66:cd:59:08:7d:ec:f9:f4:ef:31:e6:3d:25:29:e1:01:76:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:33 2026 GMT Not After : Mar 3 06:12:33 2027 GMT Subject: CN=31CD1F5C852CDDC7DA88879F69A8C104B5D988A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:4b:8d:90:d1:3f:73:63:3c:43:26:67:f0:02: 8c:e2:e3:c3:3a:3b:38:5b:3f:f2:c7:a6:95:5f:ab: a8:ff:bd:01:71:91:5a:14:3e:bc:be:42:5d:0a:6c: 7b:7e:90:3a:52:3b:32:8b:b7:1b:18:e1:79:ac:c2: c6:32:11:a6:19:27:88:a4:e1:83:a6:0c:26:8e:83: 1e:df:0d:75:ed:f4:9e:83:c6:59:7b:43:b2:f4:f7: ae:d4:64:24:56:d7:00:7b:ad:a7:83:9c:08:c0:dc: 20:c2:fa:ec:50:12:64:08:41:44:22:06:ee:bd:45: a1:9f:5f:df:a8:65:bc:63:0b:5f:40:f6:0b:24:ea: 9f:59:c7:6f:c4:71:96:f7:ec:79:b3:fc:ca:a1:cd: b0:56:3b:b8:a2:1e:82:a1:c9:48:29:d1:cd:ca:c9: 52:62:24:b3:8b:5c:cc:2d:28:15:1e:c7:9d:7b:e7: 9e:5a:89:fc:ed:1b:a6:60:38:94:f8:e7:83:46:07: f3:68:86:20:dd:ab:ed:dc:96:d7:23:ae:4d:08:ac: 88:8a:92:de:01:08:5e:80:0e:db:69:89:4a:92:2c: 30:6c:8d:1a:5e:c5:08:56:06:27:ca:d5:cc:dd:27: 94:60:aa:62:84:18:ea:04:93:00:27:38:af:8f:21: a9:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:CD:1F:5C:85:2C:DD:C7:DA:88:87:9F:69:A8:C1:04:B5:D9:88:A9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143628.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3d2::/32 Signature Algorithm: sha256WithRSAEncryption 59:92:0f:0f:c0:21:56:61:6f:f6:0d:fc:45:78:14:4d:7e:72: 93:02:61:3e:b4:57:63:16:2f:34:1d:10:39:bb:8a:5c:f2:0d: fc:85:83:dc:74:bf:93:ca:6f:aa:d8:49:04:ff:44:26:07:bd: d9:f0:a4:2e:65:9c:21:ef:73:25:10:36:a5:ea:00:1d:97:ee: b8:4d:fb:aa:42:c6:9d:4f:1d:49:a8:2b:6a:32:80:da:e2:12: 2f:d6:9f:90:78:1c:06:d4:49:12:93:ca:c4:af:37:21:b0:0b: b1:da:a8:cd:17:bc:14:a7:9c:3c:22:9b:65:b6:f6:37:a2:ed: e0:8b:da:ae:2b:51:db:95:c8:b7:c5:cb:95:ca:e3:45:5f:1c: 45:31:80:9d:07:9c:f8:6a:23:fc:55:a9:4a:3a:c0:74:94:d5: 45:a6:ac:3b:28:f8:19:20:62:59:55:c3:99:5b:c0:26:d6:29: 1a:4b:1e:a9:9a:d8:75:df:ff:bd:c5:9b:eb:34:bd:a5:27:5e: 83:dc:d3:66:b1:2b:20:35:0e:be:3c:c0:50:f0:f1:7a:16:06: d7:e0:b9:c6:bc:ad:c6:5a:10:77:43:38:f3:73:9d:61:ab:e2: 27:60:f1:7a:c5:de:50:96:ee:52:38:2f:0f:53:07:df:e9:2e: 2b:65:14:c1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKIVmzVkIfez59O8x5j0lKeEBdswwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczM1oX DTI3MDMwMzA2MTIzM1owMzExMC8GA1UEAxMoMzFDRDFGNUM4NTJDRERDN0RBODg4 NzlGNjlBOEMxMDRCNUQ5ODhBOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO5LjZDRP3NjPEMmZ/ACjOLjwzo7OFs/8semlV+rqP+9AXGRWhQ+vL5CXQps e36QOlI7Mou3GxjheazCxjIRphkniKThg6YMJo6DHt8Nde30noPGWXtDsvT3rtRk JFbXAHutp4OcCMDcIML67FASZAhBRCIG7r1FoZ9f36hlvGMLX0D2CyTqn1nHb8Rx lvfsebP8yqHNsFY7uKIegqHJSCnRzcrJUmIks4tczC0oFR7HnXvnnlqJ/O0bpmA4 lPjng0YH82iGIN2r7dyW1yOuTQisiIqS3gEIXoAO22mJSpIsMGyNGl7FCFYGJ8rV zN0nlGCqYoQY6gSTACc4r48hqU8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQxzR9c hSzdx9qIh59pqMEEtdmIqTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o9IwDQYJKoZIhvcNAQELBQADggEBAFmSDw/AIVZhb/YN/EV4FE1+cpMCYT60V2MW LzQdEDm7ilzyDfyFg9x0v5PKb6rYSQT/RCYHvdnwpC5lnCHvcyUQNqXqAB2X7rhN +6pCxp1PHUmoK2oygNriEi/Wn5B4HAbUSRKTysSvNyGwC7HaqM0XvBSnnDwim2W2 9jei7eCL2q4rUduVyLfFy5XK40VfHEUxgJ0HnPhqI/xVqUo6wHSU1UWmrDso+Bkg YllVw5lbwCbWKRpLHqma2HXf/73Fm+s0vaUnXoPc02axKyA1Dr48wFDw8XoWBtfg uca8rcZaEHdDOPNznWGr4idg8XrF3lCW7lI4Lw9TB9/pLitlFME= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:39 2026 by rpki-client