$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143653.roa File: AS143653.roa (raw, json) Hash identifier: 6Ax+zq9xuz2508fR289kf+BDr2xOXkVfIbCPbQuB24I= Subject key identifier: E9:EB:2B:29:48:8E:11:77:B0:EF:80:3B:44:39:60:30:78:F5:8A:00 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 25FC5529190AB3882DAAAD5AF9168395D13D59EF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143653.roa Signing time: Wed 04 Mar 2026 06:14:47 +0000 ROA not before: Wed 04 Mar 2026 06:09:47 +0000 ROA not after: Wed 03 Mar 2027 06:14:47 +0000 asID: 143653 IP address blocks: 240a:a3eb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:fc:55:29:19:0a:b3:88:2d:aa:ad:5a:f9:16:83:95:d1:3d:59:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:47 2026 GMT Not After : Mar 3 06:14:47 2027 GMT Subject: CN=E9EB2B29488E1177B0EF803B4439603078F58A00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:92:4a:e5:99:3d:a9:de:ec:5d:21:29:3e:c1: d4:f3:8c:93:4f:e8:0e:7f:20:e0:b7:5a:c8:3e:fc: 84:b3:fc:23:a0:c1:44:03:7c:51:78:d8:30:30:59: 30:6b:c2:cd:69:78:f4:27:f1:bd:69:fd:14:f8:04: ae:14:dc:6d:8c:54:d8:cb:34:2a:a3:3a:07:62:0b: df:71:bc:cc:e2:63:12:f7:67:c8:d7:ab:87:4a:7f: 69:b6:a2:c9:dd:71:55:9a:db:c6:ec:b8:92:de:32: cf:e6:2f:91:13:51:de:3e:ca:f7:14:a0:6d:af:2c: 53:47:fb:34:42:d7:a0:05:8f:e2:8f:b7:93:7a:a7: 57:c7:cb:ef:ec:e7:d3:17:82:ee:3e:39:59:92:5a: c4:5d:59:91:fb:6e:f8:d1:10:06:b5:7f:03:de:31: 6d:fa:f8:b5:e8:20:43:39:4c:8a:11:ac:0f:97:be: 7d:aa:c8:f5:26:c8:75:fd:68:b8:ab:df:bc:0d:27: 51:a9:6a:5e:f1:d3:cf:3f:88:e0:3a:1f:c5:a9:e8: 23:74:50:9e:e7:bd:0c:a9:ba:c7:47:7c:f7:15:b8: 85:25:28:56:41:7a:17:4b:ec:f3:a7:94:50:41:25: b2:5f:91:aa:66:d7:78:10:e5:9c:70:39:e4:cb:96: fa:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:EB:2B:29:48:8E:11:77:B0:EF:80:3B:44:39:60:30:78:F5:8A:00 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143653.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3eb::/32 Signature Algorithm: sha256WithRSAEncryption 13:c4:ae:35:78:e4:26:17:a3:70:f7:29:e1:cc:ca:bd:ec:16: c7:2b:0f:9a:b2:24:3f:de:e4:0f:0f:5b:75:eb:db:4b:2d:b3: e9:b3:2f:d8:16:2c:37:56:86:83:04:a0:b3:ce:b2:e3:2e:c7: 02:ca:d5:e3:42:f0:1a:ef:ff:4a:6a:22:39:5c:8a:c6:9e:d8: 5b:6b:c4:ac:a7:3e:57:bd:03:71:18:6c:f6:0b:8b:34:7f:2c: f2:ea:7d:f0:80:66:30:dd:62:c1:5c:5d:99:07:b7:ca:d5:9f: b1:d1:07:fb:d9:e0:c9:05:10:1e:0f:c9:04:67:0a:35:70:1b: 87:a1:8e:1d:a7:ee:d0:11:87:0e:07:4a:3e:0c:15:24:4a:9b: d9:77:5c:34:5e:0e:2d:28:14:43:05:f7:32:20:b5:f6:ed:c0: 5c:e6:98:2f:ed:10:62:52:22:4b:79:8a:77:3e:7c:95:cc:29: 96:15:6a:f2:64:c3:ce:b0:d1:c7:2f:32:5e:68:61:44:d0:43: 88:a4:bc:3d:6f:89:ae:b4:6d:92:60:71:11:1e:bc:94:8b:32: 5c:3d:f0:36:bb:74:21:00:bd:ed:f0:ec:16:f0:83:c0:e7:ff: fb:28:44:98:b9:43:d2:75:e0:ff:c6:10:7e:a5:ca:ad:2b:08: 2e:3d:46:12 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJfxVKRkKs4gtqq1a+RaDldE9We8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0N1oX DTI3MDMwMzA2MTQ0N1owMzExMC8GA1UEAxMoRTlFQjJCMjk0ODhFMTE3N0IwRUY4 MDNCNDQzOTYwMzA3OEY1OEEwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANqSSuWZPane7F0hKT7B1POMk0/oDn8g4LdayD78hLP8I6DBRAN8UXjYMDBZ MGvCzWl49CfxvWn9FPgErhTcbYxU2Ms0KqM6B2IL33G8zOJjEvdnyNerh0p/abai yd1xVZrbxuy4kt4yz+YvkRNR3j7K9xSgba8sU0f7NELXoAWP4o+3k3qnV8fL7+zn 0xeC7j45WZJaxF1Zkftu+NEQBrV/A94xbfr4teggQzlMihGsD5e+farI9SbIdf1o uKvfvA0nUalqXvHTzz+I4DofxanoI3RQnue9DKm6x0d89xW4hSUoVkF6F0vs86eU UEElsl+RqmbXeBDlnHA55MuW+sMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTp6ysp SI4Rd7DvgDtEOWAwePWKADAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+swDQYJKoZIhvcNAQELBQADggEBABPErjV45CYXo3D3KeHMyr3sFscrD5qyJD/e 5A8PW3Xr20sts+mzL9gWLDdWhoMEoLPOsuMuxwLK1eNC8Brv/0pqIjlcisae2Ftr xKynPle9A3EYbPYLizR/LPLqffCAZjDdYsFcXZkHt8rVn7HRB/vZ4MkFEB4PyQRn CjVwG4ehjh2n7tARhw4HSj4MFSRKm9l3XDReDi0oFEMF9zIgtfbtwFzmmC/tEGJS Ikt5inc+fJXMKZYVavJkw86w0ccvMl5oYUTQQ4ikvD1via60bZJgcREevJSLMlw9 8Da7dCEAve3w7Bbwg8Dn//soRJi5Q9J14P/GEH6lyq0rCC49RhI= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:14 2026 by rpki-client