$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143643.roa File: AS143643.roa (raw, json) Hash identifier: l7jiGE9L9/+lJOrwwDPOMCxq/S3EDtmbBZPoU1xV0GE= Subject key identifier: CD:BB:AD:D7:23:ED:56:BE:C1:B5:18:97:57:08:76:0F:9B:9C:48:3E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5D478C3CA9ECB567AC79D81B20B98037168B53BC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143643.roa Signing time: Wed 04 Mar 2026 06:15:35 +0000 ROA not before: Wed 04 Mar 2026 06:10:35 +0000 ROA not after: Wed 03 Mar 2027 06:15:35 +0000 asID: 143643 IP address blocks: 240a:a3e1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:47:8c:3c:a9:ec:b5:67:ac:79:d8:1b:20:b9:80:37:16:8b:53:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:35 2026 GMT Not After : Mar 3 06:15:35 2027 GMT Subject: CN=CDBBADD723ED56BEC1B518975708760F9B9C483E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:64:d5:1b:ce:cd:a2:f5:56:71:09:0d:89:74: d1:3d:a6:d2:d9:12:9b:c8:86:75:52:32:1a:c4:aa: b9:61:9d:e8:e7:82:4a:08:31:ec:23:1d:20:fe:9c: 23:56:5f:56:23:68:f8:2d:98:65:d6:27:6c:32:aa: ab:7f:26:b1:73:1b:56:e0:ad:00:e7:7b:b1:b4:d0: bb:fd:c2:58:cf:9c:58:14:d6:50:47:4d:17:79:aa: 99:eb:8c:17:c8:34:f8:5a:6b:3e:dd:b8:3a:e0:ca: 3f:a7:bd:8f:2d:bb:61:b7:b6:14:b6:dc:12:5e:1a: d7:d1:57:62:23:77:6b:5e:e1:1c:24:4b:5e:21:d0: be:60:29:d5:7f:68:5f:f9:1e:cd:8b:d5:27:06:dc: 2d:03:a9:55:f3:bb:62:3d:1e:c6:28:cd:a0:a2:25: 00:72:1f:47:4e:20:25:23:a3:ea:c3:a0:62:9f:29: 73:88:76:41:25:32:a0:d4:6a:a0:55:ff:0c:09:d1: 28:6f:b1:1c:ac:58:18:cf:81:73:e0:16:b3:49:a9: 1a:19:72:49:5d:42:17:b3:71:00:e6:23:d9:68:50: e2:71:97:02:07:04:f8:ed:13:2a:83:f8:f5:cb:af: 85:f9:e6:46:09:99:9e:73:6f:77:7f:6b:08:9c:9d: 24:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:BB:AD:D7:23:ED:56:BE:C1:B5:18:97:57:08:76:0F:9B:9C:48:3E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143643.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3e1::/32 Signature Algorithm: sha256WithRSAEncryption 46:c9:15:49:78:c7:58:9c:f2:ea:04:e5:91:40:5f:b0:1c:41: 8b:dd:0f:34:de:21:95:09:58:d2:ce:27:8d:56:5e:7f:31:d4: 0f:80:a8:54:68:b0:8a:77:c5:c6:3c:f2:80:85:23:6e:11:71: f2:c6:a5:58:a8:3f:1c:f9:7e:7a:fd:c7:8b:48:9a:5f:6d:b1: c4:59:3a:6d:19:90:5d:2c:e9:a9:da:3c:d1:12:a3:d0:39:4a: 14:6f:7e:83:45:66:5b:10:db:45:70:4f:7d:63:e6:5e:f3:84: 63:75:9e:44:52:4b:09:7b:77:53:98:f3:7a:a9:8e:24:3e:35: e6:34:88:69:f0:cb:3c:1f:13:f1:a1:df:b1:5d:01:d1:90:53: e3:cc:73:94:de:8b:0a:2e:72:e3:7e:e2:c9:5d:0f:45:9b:6b: 71:cf:c3:45:d1:fe:4d:8c:34:e4:4d:79:42:40:e7:eb:85:2c: ed:88:3b:47:71:e1:b9:d4:a8:24:67:02:51:ab:f2:35:83:48: e2:25:fe:cf:2d:07:de:06:87:ed:f4:96:57:7f:1f:94:ff:b9: cd:07:3b:22:25:1e:8c:c0:be:1d:ef:a5:f7:4e:52:c1:c1:76: d6:24:7a:c7:b1:f3:ed:e4:27:64:5a:e6:7c:43:c2:0a:19:35: 97:88:4b:d9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXUeMPKnstWesedgbILmANxaLU7wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzNVoX DTI3MDMwMzA2MTUzNVowMzExMC8GA1UEAxMoQ0RCQkFERDcyM0VENTZCRUMxQjUx ODk3NTcwODc2MEY5QjlDNDgzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMxk1RvOzaL1VnEJDYl00T2m0tkSm8iGdVIyGsSquWGd6OeCSggx7CMdIP6c I1ZfViNo+C2YZdYnbDKqq38msXMbVuCtAOd7sbTQu/3CWM+cWBTWUEdNF3mqmeuM F8g0+FprPt24OuDKP6e9jy27Ybe2FLbcEl4a19FXYiN3a17hHCRLXiHQvmAp1X9o X/kezYvVJwbcLQOpVfO7Yj0exijNoKIlAHIfR04gJSOj6sOgYp8pc4h2QSUyoNRq oFX/DAnRKG+xHKxYGM+Bc+AWs0mpGhlySV1CF7NxAOYj2WhQ4nGXAgcE+O0TKoP4 9cuvhfnmRgmZnnNvd39rCJydJDUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTNu63X I+1WvsG1GJdXCHYPm5xIPjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+EwDQYJKoZIhvcNAQELBQADggEBAEbJFUl4x1ic8uoE5ZFAX7AcQYvdDzTeIZUJ WNLOJ41WXn8x1A+AqFRosIp3xcY88oCFI24RcfLGpVioPxz5fnr9x4tIml9tscRZ Om0ZkF0s6anaPNESo9A5ShRvfoNFZlsQ20VwT31j5l7zhGN1nkRSSwl7d1OY83qp jiQ+NeY0iGnwyzwfE/Gh37FdAdGQU+PMc5TeiwoucuN+4sldD0Wba3HPw0XR/k2M NORNeUJA5+uFLO2IO0dx4bnUqCRnAlGr8jWDSOIl/s8tB94Gh+30lld/H5T/uc0H OyIlHozAvh3vpfdOUsHBdtYkesex8+3kJ2Ra5nxDwgoZNZeIS9k= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:22 2026 by rpki-client