$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143631.roa File: AS143631.roa (raw, json) Hash identifier: NCzJ0Gkc0Cbg8FylMaSxP+tAnwaUE4dGxwQpzhz1aj8= Subject key identifier: 6A:78:15:D4:B3:A9:C5:B7:D8:CB:0D:4B:B9:AA:41:95:E2:DF:7F:05 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 212348C3B574FEE1B0EEEA5B37A8FB14EF4A93C8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143631.roa Signing time: Wed 04 Mar 2026 06:14:04 +0000 ROA not before: Wed 04 Mar 2026 06:09:04 +0000 ROA not after: Wed 03 Mar 2027 06:14:04 +0000 asID: 143631 IP address blocks: 240a:a3d5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:23:48:c3:b5:74:fe:e1:b0:ee:ea:5b:37:a8:fb:14:ef:4a:93:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:04 2026 GMT Not After : Mar 3 06:14:04 2027 GMT Subject: CN=6A7815D4B3A9C5B7D8CB0D4BB9AA4195E2DF7F05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ac:68:4e:c7:39:48:68:cf:0a:f2:b8:d5:89: 50:6c:4a:28:9f:cb:15:c6:e0:e8:7c:bd:5a:c6:a9: 7a:71:0e:04:0c:5a:48:7f:70:78:e7:07:65:46:4b: 65:32:4d:79:d7:d9:7b:b7:25:3e:75:56:af:9b:41: 6f:59:e3:ca:ea:2a:27:31:30:24:4a:6d:0f:3a:8c: d9:cb:5e:94:f5:0b:b2:04:37:cb:a2:15:0a:f0:46: 3e:84:60:10:0b:6e:e0:85:37:5f:29:13:b9:1a:d1: f9:8a:39:11:ed:19:7d:02:6f:6f:71:1f:36:88:60: de:d7:3b:3e:be:f4:7c:7c:32:90:11:9e:37:03:4b: 26:b9:7e:e8:bb:f5:ec:1c:2c:b1:87:3f:d4:db:b8: 20:4a:24:2c:75:7c:66:60:c8:8e:56:0e:da:d4:7b: 7b:f8:08:3e:48:b2:e7:77:cc:98:09:7d:68:94:99: 44:ff:f8:03:27:49:11:59:89:ea:0b:ef:87:29:1a: ad:a4:50:0a:66:f3:2a:03:83:53:72:cd:02:e5:1d: 5d:16:fa:4d:37:26:a4:50:a5:7b:91:bb:bf:aa:cf: ec:ff:49:4e:b3:65:11:1f:72:ec:39:3c:f1:60:04: 70:8f:a8:c3:9c:a7:fc:07:80:ee:a9:8b:2d:f0:be: d6:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:78:15:D4:B3:A9:C5:B7:D8:CB:0D:4B:B9:AA:41:95:E2:DF:7F:05 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143631.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3d5::/32 Signature Algorithm: sha256WithRSAEncryption 8c:f0:f8:13:c2:33:43:08:c6:9a:81:04:ed:f2:df:46:6b:d5: a0:b2:13:d1:f4:09:73:3a:df:05:1b:8d:cd:0a:66:33:c3:c7: 9e:20:31:da:ec:b2:52:b8:7d:d0:3d:d7:93:49:04:3e:d3:73: b6:a7:ff:6c:bd:13:4c:a2:d3:5b:e1:88:64:81:7f:4f:7d:34: 17:10:b8:86:c1:13:69:3d:ca:50:fb:db:eb:26:a5:96:2c:bf: 1e:24:94:f3:27:c7:93:af:25:7e:74:d4:14:0f:a9:41:3c:eb: c0:7f:3e:c5:24:43:89:70:2d:1a:a9:e4:56:94:69:1a:49:8e: aa:23:2c:d8:95:c0:9c:53:ef:0c:95:f6:fe:76:c7:1c:ea:40: 67:15:83:21:bb:af:67:1c:d6:ea:1c:16:4e:f0:2d:31:82:d7: f5:83:05:ba:b4:95:d8:b7:09:ac:eb:14:20:6d:88:9d:1a:77: 5d:3e:ba:02:23:d5:8d:72:23:3c:db:9b:4d:e4:6f:9a:c5:61: f2:ab:43:47:ed:b7:ea:05:76:64:51:ba:a6:08:14:79:a6:14: 91:90:8d:f3:66:51:75:57:95:87:1f:29:1d:73:47:35:db:f0: e1:a7:9b:dc:eb:9f:a7:7d:b8:70:e7:82:c0:61:2a:a1:4e:52: 83:53:1c:de -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUISNIw7V0/uGw7upbN6j7FO9Kk8gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwNFoX DTI3MDMwMzA2MTQwNFowMzExMC8GA1UEAxMoNkE3ODE1RDRCM0E5QzVCN0Q4Q0Iw RDRCQjlBQTQxOTVFMkRGN0YwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMWsaE7HOUhozwryuNWJUGxKKJ/LFcbg6Hy9WsapenEOBAxaSH9weOcHZUZL ZTJNedfZe7clPnVWr5tBb1njyuoqJzEwJEptDzqM2ctelPULsgQ3y6IVCvBGPoRg EAtu4IU3XykTuRrR+Yo5Ee0ZfQJvb3EfNohg3tc7Pr70fHwykBGeNwNLJrl+6Lv1 7BwssYc/1Nu4IEokLHV8ZmDIjlYO2tR7e/gIPkiy53fMmAl9aJSZRP/4AydJEVmJ 6gvvhykaraRQCmbzKgODU3LNAuUdXRb6TTcmpFCle5G7v6rP7P9JTrNlER9y7Dk8 8WAEcI+ow5yn/AeA7qmLLfC+1n8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRqeBXU s6nFt9jLDUu5qkGV4t9/BTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o9UwDQYJKoZIhvcNAQELBQADggEBAIzw+BPCM0MIxpqBBO3y30Zr1aCyE9H0CXM6 3wUbjc0KZjPDx54gMdrsslK4fdA915NJBD7Tc7an/2y9E0yi01vhiGSBf099NBcQ uIbBE2k9ylD72+smpZYsvx4klPMnx5OvJX501BQPqUE868B/PsUkQ4lwLRqp5FaU aRpJjqojLNiVwJxT7wyV9v52xxzqQGcVgyG7r2cc1uocFk7wLTGC1/WDBbq0ldi3 CazrFCBtiJ0ad10+ugIj1Y1yIzzbm03kb5rFYfKrQ0ftt+oFdmRRuqYIFHmmFJGQ jfNmUXVXlYcfKR1zRzXb8OGnm9zrn6d9uHDngsBhKqFOUoNTHN4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:02 2026 by rpki-client