$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143639.roa File: AS143639.roa (raw, json) Hash identifier: Qav49GOcPyzpx6zqYhdH12jLS1/vbZC8evOSfkt33DE= Subject key identifier: A0:46:F9:FF:3B:9E:FE:86:9E:FB:FD:FA:54:50:90:EB:08:61:E5:FD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2741C9F0B78956B82713B0663EA456E4B1D31A5E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143639.roa Signing time: Wed 04 Mar 2026 06:15:09 +0000 ROA not before: Wed 04 Mar 2026 06:10:09 +0000 ROA not after: Wed 03 Mar 2027 06:15:09 +0000 asID: 143639 IP address blocks: 240a:a3dd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:41:c9:f0:b7:89:56:b8:27:13:b0:66:3e:a4:56:e4:b1:d3:1a:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:09 2026 GMT Not After : Mar 3 06:15:09 2027 GMT Subject: CN=A046F9FF3B9EFE869EFBFDFA545090EB0861E5FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f9:62:0f:6b:84:32:b1:a0:b0:1c:cc:09:af: d8:b6:3b:12:70:56:79:21:c6:ef:43:ae:db:c7:98: fd:f2:2c:6b:80:27:c2:66:49:6c:64:ed:60:75:58: d8:c1:28:70:a2:fd:fe:3b:fc:ef:b2:c4:61:08:65: ae:8a:5c:1b:04:5a:ab:0e:08:c4:07:4d:bf:1f:9f: 33:36:44:f5:06:18:2b:94:85:f9:72:b2:98:1f:e6: a7:66:fd:2f:8a:ea:91:86:4c:cb:a1:53:09:e1:c8: 2a:a4:e6:67:57:15:ee:a0:5a:12:e4:10:6d:e9:39: 7c:0d:15:41:78:e2:54:69:d1:aa:df:b5:75:83:a7: 19:89:05:51:c9:f6:f5:c7:97:73:7b:f2:67:9f:41: b8:55:52:d1:9e:44:dd:81:59:95:37:f8:bc:1b:8a: 7a:36:bf:3a:48:85:e4:1a:8f:46:a6:c4:48:80:ad: 43:b7:58:ac:9a:68:c6:a2:68:70:ce:5c:fc:db:04: 93:21:f2:70:74:26:56:5d:dc:26:07:1f:ac:fe:9e: 16:43:2f:0f:8c:0c:a0:a2:6c:7f:ca:5e:8b:9f:a2: fc:61:70:f1:4f:04:88:57:ce:4e:58:a7:d3:93:c3: bc:12:78:e0:2a:c4:f8:94:9c:14:b4:51:0f:5c:a0: e8:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:46:F9:FF:3B:9E:FE:86:9E:FB:FD:FA:54:50:90:EB:08:61:E5:FD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143639.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3dd::/32 Signature Algorithm: sha256WithRSAEncryption 22:b8:21:5b:96:49:26:66:44:3f:2e:a6:48:80:b0:1d:dd:5b: 73:76:84:63:77:21:2b:94:a1:e3:4f:63:c8:b8:03:af:14:88: 99:5c:9b:5c:d0:8e:be:61:9c:92:8f:6a:04:c9:93:29:d7:60: ae:27:81:02:be:8c:2e:04:cf:26:7c:e0:a3:b8:94:13:e9:e1: 7b:0c:b1:b8:ad:88:e2:e3:54:88:be:a6:e5:e1:02:0f:9f:b4: 27:95:aa:38:75:19:e2:20:39:57:d5:0c:c9:ea:8f:8f:f9:05: 90:d4:b1:5f:ee:4e:ec:ea:26:9c:36:6e:d7:15:b6:c3:b9:ef: 8e:4b:49:07:76:91:25:00:35:fb:98:74:e5:7d:17:68:e8:bf: 54:45:08:40:31:d6:50:13:77:d8:8f:a0:d7:d1:a9:e8:38:72: 70:a9:4c:10:ac:1b:ba:b1:e8:df:88:f7:8c:b0:0f:d1:5d:e5: 12:18:e5:5c:c5:88:e0:da:04:c1:44:5f:e6:fa:d6:80:82:49: d3:b0:10:3d:76:77:0b:47:1a:13:28:62:ed:a4:e6:7f:8b:b1: d3:dd:26:8d:b6:80:fc:76:38:39:a6:e8:b3:17:97:6f:87:d1: 9f:e3:06:7d:3b:44:c7:7c:25:ed:8b:03:df:52:0b:f7:12:59: e1:0b:65:aa -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJ0HJ8LeJVrgnE7BmPqRW5LHTGl4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwOVoX DTI3MDMwMzA2MTUwOVowMzExMC8GA1UEAxMoQTA0NkY5RkYzQjlFRkU4NjlFRkJG REZBNTQ1MDkwRUIwODYxRTVGRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALL5Yg9rhDKxoLAczAmv2LY7EnBWeSHG70Ou28eY/fIsa4AnwmZJbGTtYHVY 2MEocKL9/jv877LEYQhlropcGwRaqw4IxAdNvx+fMzZE9QYYK5SF+XKymB/mp2b9 L4rqkYZMy6FTCeHIKqTmZ1cV7qBaEuQQbek5fA0VQXjiVGnRqt+1dYOnGYkFUcn2 9ceXc3vyZ59BuFVS0Z5E3YFZlTf4vBuKeja/OkiF5BqPRqbESICtQ7dYrJpoxqJo cM5c/NsEkyHycHQmVl3cJgcfrP6eFkMvD4wMoKJsf8pei5+i/GFw8U8EiFfOTlin 05PDvBJ44CrE+JScFLRRD1yg6GsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSgRvn/ O57+hp77/fpUUJDrCGHl/TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzYzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o90wDQYJKoZIhvcNAQELBQADggEBACK4IVuWSSZmRD8upkiAsB3dW3N2hGN3ISuU oeNPY8i4A68UiJlcm1zQjr5hnJKPagTJkynXYK4ngQK+jC4EzyZ84KO4lBPp4XsM sbitiOLjVIi+puXhAg+ftCeVqjh1GeIgOVfVDMnqj4/5BZDUsV/uTuzqJpw2btcV tsO5745LSQd2kSUANfuYdOV9F2jov1RFCEAx1lATd9iPoNfRqeg4cnCpTBCsG7qx 6N+I94ywD9Fd5RIY5VzFiODaBMFEX+b61oCCSdOwED12dwtHGhMoYu2k5n+LsdPd Jo22gPx2ODmm6LMXl2+H0Z/jBn07RMd8Je2LA99SC/cSWeELZao= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:28 2026 by rpki-client