$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143640.roa File: AS143640.roa (raw, json) Hash identifier: WU/SESR98QZcVqwnhqyKOB+XKl8xgoGfes3oY/GCF8E= Subject key identifier: 30:1F:CD:B2:08:A2:E8:3C:C3:C1:90:FC:38:E8:DD:65:7B:E5:01:92 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3CDD5288EC021F1B63EDA508C92CDEEB868F0855 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143640.roa Signing time: Wed 04 Mar 2026 06:13:04 +0000 ROA not before: Wed 04 Mar 2026 06:08:04 +0000 ROA not after: Wed 03 Mar 2027 06:13:04 +0000 asID: 143640 IP address blocks: 240a:a3de::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:dd:52:88:ec:02:1f:1b:63:ed:a5:08:c9:2c:de:eb:86:8f:08:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:04 2026 GMT Not After : Mar 3 06:13:04 2027 GMT Subject: CN=301FCDB208A2E83CC3C190FC38E8DD657BE50192 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:93:4a:77:d6:b2:cf:09:35:11:34:84:50:fc: 27:f9:34:2a:90:27:75:2c:87:98:7c:d7:75:39:7c: 2a:fd:f9:15:c5:e8:88:cb:2d:3e:4a:e8:46:1f:6b: 49:0b:47:a4:a8:b1:61:78:9d:de:a3:e1:b1:d7:7b: cb:52:82:a1:a8:f4:7b:1f:1d:6f:ac:3a:6c:78:71: 71:cf:47:62:da:b5:4a:9a:19:b5:d1:6f:ed:7d:da: 6d:a4:79:61:b5:16:e7:20:33:d7:0d:aa:dc:ef:0e: cb:41:3e:57:39:d6:43:6f:e4:6a:39:13:af:fc:be: 14:78:70:03:42:1b:2d:60:fc:61:5a:68:bf:33:5a: 1b:71:10:5d:07:a7:6e:63:0d:a2:50:3d:89:bb:db: 99:d7:c0:ae:68:96:c3:9d:3e:9b:be:b8:30:cf:a7: a9:44:d3:4f:e1:2c:1b:d9:fd:91:49:c9:6c:b8:6e: d9:bc:a3:00:5e:cc:38:0f:26:42:68:2c:6c:e7:62: 60:5a:89:5e:af:c9:de:11:7c:ae:88:0e:19:5e:7a: b8:f9:c2:34:ca:a9:13:8d:78:fc:63:21:3e:10:16: ef:05:e2:fb:5b:70:fb:fc:ac:8f:49:f0:c6:09:c9: 61:4f:d0:c4:50:21:29:cf:77:af:51:da:63:56:79: 3a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:1F:CD:B2:08:A2:E8:3C:C3:C1:90:FC:38:E8:DD:65:7B:E5:01:92 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143640.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3de::/32 Signature Algorithm: sha256WithRSAEncryption 49:2d:11:bd:57:3c:46:4f:8f:69:74:74:7b:d2:10:7d:6e:71: 5f:a4:51:49:16:90:1b:b9:1a:17:da:64:b9:d0:d1:ec:c9:e1: b1:70:c3:b8:4a:d0:cd:fd:df:3c:e8:5a:c3:15:94:ea:c7:16: a3:85:a6:95:a2:08:17:dc:37:b4:84:84:1b:c3:e4:09:25:09: 69:eb:43:a9:78:db:aa:3c:00:ed:79:f9:5c:87:15:4e:e6:0e: 5c:ff:23:45:9b:7c:d5:42:36:f0:a3:db:e4:d5:ab:bc:5d:b7: f0:eb:8a:ba:21:f5:c0:ee:75:29:94:9c:08:d9:0f:d9:e2:a6: 64:7a:9a:4d:95:5e:99:02:f6:2a:25:63:64:51:a3:d3:a5:86: 2a:92:14:5b:ce:cd:a1:fb:1d:15:00:bc:01:a0:99:db:31:9c: e8:88:b5:d8:07:a0:70:37:6f:eb:1c:2e:3c:0b:13:02:b2:2a: a9:79:96:d2:73:2f:89:19:31:29:ef:02:43:29:d0:bc:dc:a9: 7e:9b:1b:3c:32:60:08:2f:45:56:1a:a3:4b:da:74:95:66:a9: 89:37:d6:0f:74:91:99:b6:cf:a4:b4:75:07:5f:9d:98:84:34: 39:b1:bd:8f:5c:76:75:39:0d:13:67:23:7c:ff:66:8c:fc:9c: 33:62:41:26 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPN1SiOwCHxtj7aUIySze64aPCFUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwNFoX DTI3MDMwMzA2MTMwNFowMzExMC8GA1UEAxMoMzAxRkNEQjIwOEEyRTgzQ0MzQzE5 MEZDMzhFOERENjU3QkU1MDE5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALyTSnfWss8JNRE0hFD8J/k0KpAndSyHmHzXdTl8Kv35FcXoiMstPkroRh9r SQtHpKixYXid3qPhsdd7y1KCoaj0ex8db6w6bHhxcc9HYtq1SpoZtdFv7X3abaR5 YbUW5yAz1w2q3O8Oy0E+VznWQ2/kajkTr/y+FHhwA0IbLWD8YVpovzNaG3EQXQen bmMNolA9ibvbmdfArmiWw50+m764MM+nqUTTT+EsG9n9kUnJbLhu2byjAF7MOA8m QmgsbOdiYFqJXq/J3hF8rogOGV56uPnCNMqpE414/GMhPhAW7wXi+1tw+/ysj0nw xgnJYU/QxFAhKc93r1HaY1Z5Oj8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQwH82y CKLoPMPBkPw46N1le+UBkjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o94wDQYJKoZIhvcNAQELBQADggEBAEktEb1XPEZPj2l0dHvSEH1ucV+kUUkWkBu5 GhfaZLnQ0ezJ4bFww7hK0M393zzoWsMVlOrHFqOFppWiCBfcN7SEhBvD5AklCWnr Q6l426o8AO15+VyHFU7mDlz/I0WbfNVCNvCj2+TVq7xdt/Driroh9cDudSmUnAjZ D9nipmR6mk2VXpkC9iolY2RRo9OlhiqSFFvOzaH7HRUAvAGgmdsxnOiItdgHoHA3 b+scLjwLEwKyKql5ltJzL4kZMSnvAkMp0LzcqX6bGzwyYAgvRVYao0vadJVmqYk3 1g90kZm2z6S0dQdfnZiENDmxvY9cdnU5DRNnI3z/Zoz8nDNiQSY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:30 2026 by rpki-client