$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143646.roa File: AS143646.roa (raw, json) Hash identifier: 4YdyZRS1tJ5XHU71QVbD7pTcW+oVp6gg0g99MaqUzfA= Subject key identifier: E2:41:17:06:00:3B:81:18:D8:11:AE:4C:F4:8E:86:64:E8:6E:A7:AE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 47E643EB87D7A3B048D102C8D504C6991BFB21D4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143646.roa Signing time: Wed 04 Mar 2026 06:15:28 +0000 ROA not before: Wed 04 Mar 2026 06:10:28 +0000 ROA not after: Wed 03 Mar 2027 06:15:28 +0000 asID: 143646 IP address blocks: 240a:a3e4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:e6:43:eb:87:d7:a3:b0:48:d1:02:c8:d5:04:c6:99:1b:fb:21:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:28 2026 GMT Not After : Mar 3 06:15:28 2027 GMT Subject: CN=E2411706003B8118D811AE4CF48E8664E86EA7AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:42:ad:d6:64:9b:3a:b5:22:17:6d:3b:e3:f0: 62:7e:52:01:3e:50:42:54:3d:bf:7b:be:7c:1f:24: 79:d7:96:ee:46:22:25:e2:15:cf:48:b5:0f:87:3b: b1:63:68:79:58:de:67:9b:fc:a7:f6:12:6a:eb:a9: 1e:61:0a:35:d7:f3:9c:90:13:36:94:94:9d:9e:4f: 9f:97:90:b4:56:b6:1e:29:23:cd:2c:b3:3c:6c:21: fc:42:98:dd:08:d2:31:1f:33:37:d8:2f:38:7b:d4: 84:ff:d2:cd:04:36:5d:61:93:85:a8:49:c7:d9:bf: 02:01:a8:3d:d3:cc:24:43:7b:e0:de:e9:25:ff:4c: ba:fe:aa:56:40:2e:61:87:7f:44:f4:c2:0d:e7:e1: 18:6f:da:1b:30:b8:3d:b3:5f:16:97:5a:2f:38:f9: 87:b4:1b:a3:ab:91:3d:0f:7a:a7:d2:3e:c3:af:7d: dd:36:62:dc:9e:bd:10:bb:6f:61:0f:b7:c3:5f:4e: e2:13:06:25:d7:e1:72:92:a1:2b:10:23:21:06:39: 25:6d:46:eb:4d:a3:2e:65:f1:ad:9c:df:e4:39:4f: 5f:94:f3:64:b1:83:a4:84:8b:79:87:60:c8:b2:7d: 7a:fe:51:d3:18:51:e0:d4:2e:6b:ca:a5:4a:8f:72: 7a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:41:17:06:00:3B:81:18:D8:11:AE:4C:F4:8E:86:64:E8:6E:A7:AE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143646.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3e4::/32 Signature Algorithm: sha256WithRSAEncryption 62:37:bf:55:0a:a0:9e:49:63:a3:b3:c6:4b:a8:ae:f6:8f:17: 08:36:7c:b1:ce:29:d1:0c:7d:76:34:2f:b0:33:a9:d4:2a:f5: 95:42:82:28:6f:9b:80:cb:a7:7f:4d:7c:15:65:1f:76:63:0f: 94:71:cf:59:dc:02:e0:85:7b:cc:35:95:bb:0c:b9:13:af:f5: 40:7c:fa:2a:f0:e7:2f:3d:ad:cf:52:1b:a6:57:c8:5d:e4:41: 99:1a:e8:24:f9:4d:ef:a8:69:af:81:55:75:a8:0f:2b:f3:6d: ed:c6:70:b0:87:6a:32:6c:1e:10:c4:96:87:c3:48:44:7d:09: 90:5c:ae:ae:1b:4d:9a:1d:89:2d:1e:61:85:52:9c:60:25:0b: bf:43:09:16:66:00:99:ba:23:b4:14:09:fd:1b:26:b3:ca:60: 2b:78:ee:7c:23:04:cd:7c:41:8a:4d:0a:eb:01:f1:bb:af:c3: a9:ab:7c:fd:42:18:bb:dc:3e:be:70:92:80:0b:ad:ae:45:4f: 27:2a:44:32:da:73:63:f6:27:41:33:b8:cc:34:6c:17:38:dd: 9a:a6:f0:cb:85:51:99:e6:f2:6a:38:f2:c5:af:e9:d8:b9:8d: fb:93:a1:86:15:6a:54:cc:7b:8b:57:98:60:41:c3:ff:01:2b: 8f:88:61:7c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUR+ZD64fXo7BI0QLI1QTGmRv7IdQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyOFoX DTI3MDMwMzA2MTUyOFowMzExMC8GA1UEAxMoRTI0MTE3MDYwMDNCODExOEQ4MTFB RTRDRjQ4RTg2NjRFODZFQTdBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOpCrdZkmzq1IhdtO+PwYn5SAT5QQlQ9v3u+fB8kedeW7kYiJeIVz0i1D4c7 sWNoeVjeZ5v8p/YSauupHmEKNdfznJATNpSUnZ5Pn5eQtFa2HikjzSyzPGwh/EKY 3QjSMR8zN9gvOHvUhP/SzQQ2XWGThahJx9m/AgGoPdPMJEN74N7pJf9Muv6qVkAu YYd/RPTCDefhGG/aGzC4PbNfFpdaLzj5h7Qbo6uRPQ96p9I+w6993TZi3J69ELtv YQ+3w19O4hMGJdfhcpKhKxAjIQY5JW1G602jLmXxrZzf5DlPX5TzZLGDpISLeYdg yLJ9ev5R0xhR4NQua8qlSo9yemMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTiQRcG ADuBGNgRrkz0joZk6G6nrjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY0Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+QwDQYJKoZIhvcNAQELBQADggEBAGI3v1UKoJ5JY6OzxkuorvaPFwg2fLHOKdEM fXY0L7AzqdQq9ZVCgihvm4DLp39NfBVlH3ZjD5Rxz1ncAuCFe8w1lbsMuROv9UB8 +irw5y89rc9SG6ZXyF3kQZka6CT5Te+oaa+BVXWoDyvzbe3GcLCHajJsHhDElofD SER9CZBcrq4bTZodiS0eYYVSnGAlC79DCRZmAJm6I7QUCf0bJrPKYCt47nwjBM18 QYpNCusB8buvw6mrfP1CGLvcPr5wkoALra5FTycqRDLac2P2J0EzuMw0bBc43Zqm 8MuFUZnm8mo48sWv6di5jfuToYYValTMe4tXmGBBw/8BK4+IYXw= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:37 2026 by rpki-client