$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143633.roa File: AS143633.roa (raw, json) Hash identifier: 61QbWoOFtFO5VfBhVgfVznguoqt32IqI72OIyBRq8Yk= Subject key identifier: EE:44:67:63:2C:20:AD:B6:37:86:30:85:C8:67:E4:65:B9:CB:99:5B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D36A6FA4CC06F1E42764062868230904D249192 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143633.roa Signing time: Wed 04 Mar 2026 06:15:27 +0000 ROA not before: Wed 04 Mar 2026 06:10:27 +0000 ROA not after: Wed 03 Mar 2027 06:15:27 +0000 asID: 143633 IP address blocks: 240a:a3d7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:36:a6:fa:4c:c0:6f:1e:42:76:40:62:86:82:30:90:4d:24:91:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:27 2026 GMT Not After : Mar 3 06:15:27 2027 GMT Subject: CN=EE4467632C20ADB637863085C867E465B9CB995B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:6d:80:1b:4c:16:48:ab:bd:4b:87:a5:43:6f: 38:72:9e:b2:e8:b5:a2:81:62:16:ba:85:f1:8d:c5: ed:23:5d:23:33:2e:3a:b8:fc:3b:28:c3:cc:ff:a4: ba:7a:2b:78:f3:7a:df:69:e5:c1:5e:a0:9a:c4:a9: c6:f7:ca:95:ae:31:b6:1d:ff:f4:f2:8d:96:e6:d8: 58:88:24:ba:dc:c4:26:e7:0e:05:43:f2:56:9f:d8: 79:e0:7c:2c:fd:79:e9:4b:fb:5d:a8:31:70:6e:1d: 7e:c1:4d:30:b3:9f:44:14:16:2c:84:0e:2e:10:85: 63:47:12:ff:6e:ea:5d:9d:7a:4e:75:3f:51:39:1d: a3:fe:81:e8:c7:99:00:56:f2:33:b2:6b:4a:a8:e2: 95:17:33:de:90:fc:be:aa:a1:82:ec:3f:b0:d0:6b: 18:be:fa:54:08:74:82:52:c7:1b:a9:3d:98:d2:7d: 83:dd:59:da:00:2f:e4:6f:d7:0a:c5:56:f4:9f:3f: 41:f7:36:c6:da:76:7c:e2:5b:04:1a:77:dc:75:83: e8:1d:f3:2b:0b:85:fd:f2:ef:3e:f0:d7:15:86:3a: 00:9c:ae:82:a1:5a:52:33:9e:4c:17:7b:d0:9c:a2: c2:e5:e4:f8:9b:8d:61:37:42:79:ea:b2:75:b5:36: 64:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:44:67:63:2C:20:AD:B6:37:86:30:85:C8:67:E4:65:B9:CB:99:5B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143633.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3d7::/32 Signature Algorithm: sha256WithRSAEncryption 8b:91:cb:b0:00:4a:83:d9:92:83:c3:0a:a5:d0:69:44:36:fd: 0f:1e:36:c3:f3:08:bd:19:95:5d:52:c4:4f:5f:8c:7e:f8:e9: 60:c8:cb:2b:e5:27:25:b2:db:54:3d:f9:11:3f:21:80:5b:28: 0f:3e:d6:ae:fa:fa:9a:3e:64:25:48:63:ac:6c:44:e2:00:4e: 9a:7a:06:62:d1:f6:b5:62:2c:83:45:1b:a6:e7:d7:57:d0:79: ca:65:46:5d:22:58:55:5f:ee:5c:c9:bc:66:6d:66:11:3f:c8: 01:02:21:d9:66:df:47:71:97:6c:1a:92:e0:ee:e9:47:2b:d2: ba:d7:70:d8:87:56:fc:4e:61:3f:32:5b:c4:05:56:8a:1c:0a: fa:9e:14:92:b9:1e:73:9a:07:48:ed:f4:dc:d8:6a:9a:60:b2: 7c:4b:b3:3a:c9:a3:ea:85:a0:94:63:06:1d:bf:bc:59:80:72: 5c:8a:d2:98:63:db:8c:e7:d6:fb:ae:be:d5:18:bf:ef:79:71: 04:a8:84:3b:4c:7d:d4:e0:63:fd:74:7b:04:35:2d:24:96:a0: 27:ef:53:28:cb:61:58:34:d4:2c:be:1c:9b:cb:10:33:88:8b: fb:0a:f6:5d:3c:9f:19:f6:30:e3:b0:3e:8e:ae:05:2e:60:09: 45:6c:83:08 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPTam+kzAbx5CdkBihoIwkE0kkZIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyN1oX DTI3MDMwMzA2MTUyN1owMzExMC8GA1UEAxMoRUU0NDY3NjMyQzIwQURCNjM3ODYz MDg1Qzg2N0U0NjVCOUNCOTk1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIRtgBtMFkirvUuHpUNvOHKesui1ooFiFrqF8Y3F7SNdIzMuOrj8OyjDzP+k unorePN632nlwV6gmsSpxvfKla4xth3/9PKNlubYWIgkutzEJucOBUPyVp/YeeB8 LP156Uv7XagxcG4dfsFNMLOfRBQWLIQOLhCFY0cS/27qXZ16TnU/UTkdo/6B6MeZ AFbyM7JrSqjilRcz3pD8vqqhguw/sNBrGL76VAh0glLHG6k9mNJ9g91Z2gAv5G/X CsVW9J8/Qfc2xtp2fOJbBBp33HWD6B3zKwuF/fLvPvDXFYY6AJyugqFaUjOeTBd7 0JyiwuXk+JuNYTdCeeqydbU2ZNcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTuRGdj LCCttjeGMIXIZ+RlucuZWzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYzMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o9cwDQYJKoZIhvcNAQELBQADggEBAIuRy7AASoPZkoPDCqXQaUQ2/Q8eNsPzCL0Z lV1SxE9fjH746WDIyyvlJyWy21Q9+RE/IYBbKA8+1q76+po+ZCVIY6xsROIATpp6 BmLR9rViLINFG6bn11fQecplRl0iWFVf7lzJvGZtZhE/yAECIdlm30dxl2wakuDu 6Ucr0rrXcNiHVvxOYT8yW8QFVoocCvqeFJK5HnOaB0jt9NzYappgsnxLszrJo+qF oJRjBh2/vFmAclyK0phj24zn1vuuvtUYv+95cQSohDtMfdTgY/10ewQ1LSSWoCfv UyjLYVg01Cy+HJvLEDOIi/sK9l08nxn2MOOwPo6uBS5gCUVsgwg= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:01 2026 by rpki-client