$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143644.roa File: AS143644.roa (raw, json) Hash identifier: lzV7jH7/jmV70H+r2qZnIPeFuKYliCZ/1XakNY9UjW4= Subject key identifier: 88:2A:DB:B3:57:11:74:62:4A:79:A7:A2:36:93:02:9D:AE:18:ED:B4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 13EF862BE8AA5800AB0574072CAE21C63A85BF02 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143644.roa Signing time: Wed 04 Mar 2026 06:14:33 +0000 ROA not before: Wed 04 Mar 2026 06:09:33 +0000 ROA not after: Wed 03 Mar 2027 06:14:33 +0000 asID: 143644 IP address blocks: 240a:a3e2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:ef:86:2b:e8:aa:58:00:ab:05:74:07:2c:ae:21:c6:3a:85:bf:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:33 2026 GMT Not After : Mar 3 06:14:33 2027 GMT Subject: CN=882ADBB3571174624A79A7A23693029DAE18EDB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:67:8e:cf:42:ad:67:7f:38:70:4b:05:6c:12: 2b:a8:05:a1:ce:4c:05:11:c1:ac:67:59:bf:55:90: 49:a1:d3:07:f7:72:90:15:69:24:97:a5:7d:f6:0d: 5d:a8:f3:39:cf:5b:ec:01:27:ce:f0:5e:3b:10:bd: 0c:0d:5f:a5:d7:37:ea:bd:7f:73:e3:a3:44:35:a9: 81:00:f7:cd:86:04:4c:79:09:35:49:a0:ce:c8:43: ae:3f:b5:7d:01:26:78:77:75:78:6f:cf:3e:50:1a: 9b:fa:25:60:97:c5:85:7f:02:ef:4e:bd:76:0a:bd: bd:bc:09:d7:35:a6:34:cf:e0:c4:1d:63:78:a9:22: e3:a6:38:99:ad:55:fe:25:f9:82:97:6f:c6:ca:e0: ec:32:94:89:dc:08:fb:14:ec:c9:e6:b4:40:0d:02: b2:6d:3d:65:35:18:2f:9d:2a:88:5c:8a:0f:37:3b: 45:7f:0f:88:75:e1:ed:93:b6:8d:25:fe:d9:2d:80: e6:c9:60:a0:65:c3:65:90:ac:76:91:ad:de:1d:d9: 3f:08:6f:3d:0e:71:af:23:01:38:79:ff:0a:30:15: 5b:ae:13:24:59:6b:2e:8b:43:a7:c4:f6:b9:6d:b0: 58:15:d1:81:8b:36:0f:ef:80:5f:66:c2:09:ac:5e: d7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:2A:DB:B3:57:11:74:62:4A:79:A7:A2:36:93:02:9D:AE:18:ED:B4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143644.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3e2::/32 Signature Algorithm: sha256WithRSAEncryption 9b:a9:cb:e5:af:96:2a:26:8e:1a:e2:98:97:2b:25:8c:9d:e8: 9b:0d:89:c4:fe:db:31:00:77:86:08:8c:d5:91:c2:76:89:d2: f7:40:80:ad:10:f8:77:fc:b0:6b:bc:4d:97:e8:32:ff:8c:39: c2:27:d6:ad:63:04:1b:46:f0:05:9f:5d:7b:61:5e:9b:3c:2d: b4:d7:81:9a:d6:44:c5:7a:79:27:eb:fe:dc:a4:14:aa:3b:84: 3b:24:a5:f4:1a:92:df:de:92:db:74:05:73:08:72:a2:db:28: 6e:d0:3e:af:57:2e:6f:18:02:e2:4c:e1:f9:7f:7d:b5:11:39: 17:2b:ab:eb:9a:37:66:97:3a:00:01:d4:47:96:33:f1:6a:b9: fc:9b:ba:27:dc:45:fb:9b:b0:91:8c:37:a9:36:b8:b2:a7:9e: d1:08:50:db:e3:18:a9:61:c8:a7:c2:77:f2:d3:18:6a:75:d2: 95:f4:5f:09:bf:07:23:64:69:f5:5c:58:f7:61:14:a6:27:71: 47:a0:42:5f:fd:c9:d8:9a:20:e4:a8:c9:89:f3:fc:34:32:37: 20:8c:52:c6:8a:80:7d:4a:55:7a:2b:b2:22:07:9c:64:96:8e: 1b:b6:37:ea:fa:59:67:f4:a0:05:cb:7c:a7:42:8f:df:33:b1: 96:b7:f4:d9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUE++GK+iqWACrBXQHLK4hxjqFvwIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzM1oX DTI3MDMwMzA2MTQzM1owMzExMC8GA1UEAxMoODgyQURCQjM1NzExNzQ2MjRBNzlB N0EyMzY5MzAyOURBRTE4RURCNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhnjs9CrWd/OHBLBWwSK6gFoc5MBRHBrGdZv1WQSaHTB/dykBVpJJelffYN XajzOc9b7AEnzvBeOxC9DA1fpdc36r1/c+OjRDWpgQD3zYYETHkJNUmgzshDrj+1 fQEmeHd1eG/PPlAam/olYJfFhX8C7069dgq9vbwJ1zWmNM/gxB1jeKki46Y4ma1V /iX5gpdvxsrg7DKUidwI+xTsyea0QA0Csm09ZTUYL50qiFyKDzc7RX8PiHXh7ZO2 jSX+2S2A5slgoGXDZZCsdpGt3h3ZPwhvPQ5xryMBOHn/CjAVW64TJFlrLotDp8T2 uW2wWBXRgYs2D++AX2bCCaxe19sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSIKtuz VxF0Ykp5p6I2kwKdrhjttDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY0NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+IwDQYJKoZIhvcNAQELBQADggEBAJupy+WvliomjhrimJcrJYyd6JsNicT+2zEA d4YIjNWRwnaJ0vdAgK0Q+Hf8sGu8TZfoMv+MOcIn1q1jBBtG8AWfXXthXps8LbTX gZrWRMV6eSfr/tykFKo7hDskpfQakt/ektt0BXMIcqLbKG7QPq9XLm8YAuJM4fl/ fbURORcrq+uaN2aXOgAB1EeWM/FqufybuifcRfubsJGMN6k2uLKnntEIUNvjGKlh yKfCd/LTGGp10pX0Xwm/ByNkafVcWPdhFKYncUegQl/9ydiaIOSoyYnz/DQyNyCM UsaKgH1KVXorsiIHnGSWjhu2N+r6WWf0oAXLfKdCj98zsZa39Nk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:12 2026 by rpki-client