$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143647.roa File: AS143647.roa (raw, json) Hash identifier: n4LyJrhO2I8OYi4emP9AowWyPqDfjlptNtEl+zzmYNQ= Subject key identifier: 06:D9:9C:C3:98:E3:55:C0:ED:47:C5:16:4B:89:2E:60:77:F8:88:28 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2C0EDEEE6CC4771C997D2DE0BC324F3DF336932B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143647.roa Signing time: Wed 04 Mar 2026 06:14:43 +0000 ROA not before: Wed 04 Mar 2026 06:09:43 +0000 ROA not after: Wed 03 Mar 2027 06:14:43 +0000 asID: 143647 IP address blocks: 240a:a3e5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:0e:de:ee:6c:c4:77:1c:99:7d:2d:e0:bc:32:4f:3d:f3:36:93:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:43 2026 GMT Not After : Mar 3 06:14:43 2027 GMT Subject: CN=06D99CC398E355C0ED47C5164B892E6077F88828 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:91:68:7b:cb:b1:4f:92:34:6e:12:0a:d2:6c: f1:9f:cd:01:c5:38:0b:4d:73:77:b3:44:89:1b:2c: 88:00:ee:16:aa:ef:b5:21:b0:3e:3a:c6:93:76:9d: 93:d5:2f:30:c2:95:79:28:8c:31:0c:a4:0a:ed:3e: e4:34:b7:fa:3a:7e:8b:e9:ae:dc:6e:05:23:a9:a5: da:ab:68:eb:1e:8b:46:2f:d4:5e:d3:ed:e8:42:12: ec:b7:64:75:16:3f:ed:1b:99:90:bf:12:80:4e:8a: 86:bf:a4:31:54:b2:ed:4d:b4:22:3e:2a:95:1f:45: d9:41:ef:d4:2b:aa:38:f8:f7:06:a7:7a:7c:c8:26: 3f:8a:5f:41:a1:dc:09:20:5a:96:0d:a0:27:49:75: 26:a3:9d:e9:e4:59:e5:18:50:a7:59:da:12:59:1d: f3:30:ef:7a:eb:b7:ba:8c:7b:ad:af:72:9b:dd:77: b7:28:f2:af:12:8d:57:ec:54:f0:e6:a2:7d:76:d7: 0d:ba:84:1d:01:46:8a:97:ae:b7:52:6f:c2:d5:e3: c6:9d:8e:ba:76:71:52:29:5e:30:52:06:99:3b:b2: 69:53:92:de:97:a9:82:44:83:c6:49:81:61:f1:f4: bf:69:55:7d:ae:2d:54:6d:58:2d:0f:38:e9:60:e3: 50:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:D9:9C:C3:98:E3:55:C0:ED:47:C5:16:4B:89:2E:60:77:F8:88:28 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143647.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3e5::/32 Signature Algorithm: sha256WithRSAEncryption 27:6a:21:6c:e2:bf:a9:d3:98:92:25:b5:69:fb:83:ed:45:1d: ab:df:e0:82:de:b0:91:fa:9b:d7:a3:20:6c:a3:b0:6b:95:e9: f1:62:6c:87:01:52:ce:64:90:fd:71:24:de:c3:2d:c6:cc:b7: 9a:bf:1a:41:a7:d2:b3:d3:55:4a:1c:6a:83:bc:7f:01:b2:9e: 1f:df:40:52:4d:aa:e5:18:af:ec:a2:24:a1:a4:8a:f7:c8:71: 2e:c4:37:13:93:ff:20:b6:53:99:91:81:8b:ac:f9:24:f8:99: 86:50:d5:3d:80:25:00:aa:f3:7c:df:79:93:93:1b:37:ae:cd: 5c:d1:09:cd:8a:16:c0:df:cf:e6:f3:7a:19:93:3e:ff:fa:24: 56:23:a2:b5:76:a0:ee:ad:11:bb:a5:cf:fb:21:56:9b:42:31: 40:b0:36:03:3e:16:36:34:a0:ed:0b:41:72:c1:a4:12:78:6c: 35:79:b0:88:b6:cd:bf:fe:7c:2b:1b:3e:2a:7a:7f:43:06:00: d1:4e:e2:f4:78:78:70:4a:44:c6:9f:6b:4c:ed:89:a5:93:eb: 52:a7:05:f2:9a:7f:80:58:d5:40:ea:b0:3d:b4:d4:84:99:33: 0e:09:38:37:1f:e7:ef:46:65:44:72:6a:d3:50:82:b0:6f:20: 28:af:bf:63 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULA7e7mzEdxyZfS3gvDJPPfM2kyswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0M1oX DTI3MDMwMzA2MTQ0M1owMzExMC8GA1UEAxMoMDZEOTlDQzM5OEUzNTVDMEVENDdD NTE2NEI4OTJFNjA3N0Y4ODgyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqRaHvLsU+SNG4SCtJs8Z/NAcU4C01zd7NEiRssiADuFqrvtSGwPjrGk3ad k9UvMMKVeSiMMQykCu0+5DS3+jp+i+mu3G4FI6ml2qto6x6LRi/UXtPt6EIS7Ldk dRY/7RuZkL8SgE6Khr+kMVSy7U20Ij4qlR9F2UHv1CuqOPj3Bqd6fMgmP4pfQaHc CSBalg2gJ0l1JqOd6eRZ5RhQp1naElkd8zDveuu3uox7ra9ym913tyjyrxKNV+xU 8OaifXbXDbqEHQFGipeut1JvwtXjxp2OunZxUileMFIGmTuyaVOS3pepgkSDxkmB YfH0v2lVfa4tVG1YLQ846WDjUHUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQG2ZzD mONVwO1HxRZLiS5gd/iIKDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY0Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+UwDQYJKoZIhvcNAQELBQADggEBACdqIWziv6nTmJIltWn7g+1FHavf4ILesJH6 m9ejIGyjsGuV6fFibIcBUs5kkP1xJN7DLcbMt5q/GkGn0rPTVUocaoO8fwGynh/f QFJNquUYr+yiJKGkivfIcS7ENxOT/yC2U5mRgYus+ST4mYZQ1T2AJQCq83zfeZOT GzeuzVzRCc2KFsDfz+bzehmTPv/6JFYjorV2oO6tEbulz/shVptCMUCwNgM+FjY0 oO0LQXLBpBJ4bDV5sIi2zb/+fCsbPip6f0MGANFO4vR4eHBKRMafa0ztiaWT61Kn BfKaf4BY1UDqsD201ISZMw4JODcf5+9GZURyatNQgrBvICivv2M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:13 2026 by rpki-client