$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143656.roa File: AS143656.roa (raw, json) Hash identifier: jHcBkwdT/hlPLoikc0yErYO1tS/RpyIIEdsm1xLiMX4= Subject key identifier: 9C:45:60:78:C4:DD:F2:41:06:B0:41:9A:23:22:37:B4:1A:35:15:C2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 24CF77E3826694DDE526C472D036B5DCDA1D7C65 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143656.roa Signing time: Wed 04 Mar 2026 06:13:32 +0000 ROA not before: Wed 04 Mar 2026 06:08:32 +0000 ROA not after: Wed 03 Mar 2027 06:13:32 +0000 asID: 143656 IP address blocks: 240a:a3ee::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:cf:77:e3:82:66:94:dd:e5:26:c4:72:d0:36:b5:dc:da:1d:7c:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:32 2026 GMT Not After : Mar 3 06:13:32 2027 GMT Subject: CN=9C456078C4DDF24106B0419A232237B41A3515C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a2:25:4f:06:17:87:43:a9:d2:f5:06:11:16: cf:05:80:5c:ed:e4:f8:78:42:49:8f:ae:ff:df:a5: 90:cb:a2:72:a9:27:3e:b7:0b:0b:50:79:5a:a9:e9: a6:b7:5b:da:e9:dd:fd:bf:75:dd:62:77:9c:ec:ef: 21:a8:d0:0d:68:15:8d:fb:e9:62:ce:5a:18:f9:0b: 80:5a:2d:3f:5c:9b:57:f3:e9:24:64:86:6a:56:6f: b9:f3:c2:0c:3a:68:92:c4:5e:d5:10:93:b5:5c:10: 3b:35:dc:94:cf:b6:61:5b:37:69:4c:1b:57:1b:87: d1:f2:64:97:43:61:9f:36:0b:e0:59:bb:5f:5b:56: f7:80:df:1d:6f:c2:cc:5e:b6:be:af:67:cf:4e:45: ca:2a:50:7e:e7:8e:7f:98:bc:1b:4f:89:03:ca:23: 8c:e7:5f:3f:b6:28:16:ff:c5:62:41:ce:f4:f8:78: 4a:b8:97:62:e9:d0:58:02:9d:11:53:33:f1:ff:52: d7:90:4f:e7:1c:b8:c3:55:0a:8e:f5:ad:4e:9a:cb: df:bd:95:86:53:6b:e0:d2:ad:ed:04:59:17:96:84: d9:1e:cc:bb:8a:10:ad:98:3b:d2:2b:04:68:9f:93: ca:8d:7d:ae:2b:65:c5:5a:4a:f0:42:56:32:1b:2d: 5d:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:45:60:78:C4:DD:F2:41:06:B0:41:9A:23:22:37:B4:1A:35:15:C2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143656.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3ee::/32 Signature Algorithm: sha256WithRSAEncryption 6b:98:6f:bd:45:93:e7:22:12:c8:e0:97:e4:d6:42:a6:35:97: a2:2d:10:9c:22:a3:f5:81:dc:93:e9:0d:fc:9d:0e:1a:23:e0: d5:d7:44:f3:f7:82:78:ec:df:10:af:92:98:2b:aa:ac:8e:b0: 3e:ca:d8:6d:6e:0b:79:13:2d:79:32:e7:4f:63:1a:e8:f4:88: 4f:76:f5:12:d3:41:94:1d:de:ef:e4:b1:84:d8:0c:4d:db:12: 4f:44:a3:8e:67:f4:62:88:0c:dc:e4:53:5a:56:89:b8:91:00: fe:fd:8c:b5:7f:8b:c0:5a:f9:fa:f2:fc:35:5b:ae:cb:d8:e9: de:b8:df:fe:80:3e:a8:97:c4:ce:ee:58:2b:bd:0e:c4:50:9f: fe:62:f8:59:9a:0d:dd:37:ae:44:26:ae:7d:c0:1c:64:20:71: d2:ef:7c:97:ef:4a:8d:eb:9d:52:99:f4:3d:ad:0a:fa:8b:9f: a0:e7:64:db:89:70:83:1f:18:8f:58:67:f4:70:ee:43:99:3c: 9a:31:30:23:80:88:20:f6:58:70:e0:b3:fc:b2:58:20:52:2a: 20:64:b1:62:09:73:2e:bc:01:1c:d5:c7:9a:81:03:a5:a7:1f: aa:6d:23:12:fd:89:6b:ba:3d:2f:40:8a:6a:6b:e3:ba:b6:df: 2c:a7:98:de -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJM9344JmlN3lJsRy0Da13NodfGUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzMloX DTI3MDMwMzA2MTMzMlowMzExMC8GA1UEAxMoOUM0NTYwNzhDNERERjI0MTA2QjA0 MTlBMjMyMjM3QjQxQTM1MTVDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKOiJU8GF4dDqdL1BhEWzwWAXO3k+HhCSY+u/9+lkMuicqknPrcLC1B5Wqnp prdb2und/b913WJ3nOzvIajQDWgVjfvpYs5aGPkLgFotP1ybV/PpJGSGalZvufPC DDpoksRe1RCTtVwQOzXclM+2YVs3aUwbVxuH0fJkl0NhnzYL4Fm7X1tW94DfHW/C zF62vq9nz05FyipQfueOf5i8G0+JA8ojjOdfP7YoFv/FYkHO9Ph4SriXYunQWAKd EVMz8f9S15BP5xy4w1UKjvWtTprL372VhlNr4NKt7QRZF5aE2R7Mu4oQrZg70isE aJ+Tyo19ritlxVpK8EJWMhstXacCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBScRWB4 xN3yQQawQZojIje0GjUVwjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+4wDQYJKoZIhvcNAQELBQADggEBAGuYb71Fk+ciEsjgl+TWQqY1l6ItEJwio/WB 3JPpDfydDhoj4NXXRPP3gnjs3xCvkpgrqqyOsD7K2G1uC3kTLXky509jGuj0iE92 9RLTQZQd3u/ksYTYDE3bEk9Eo45n9GKIDNzkU1pWibiRAP79jLV/i8Ba+fry/DVb rsvY6d643/6APqiXxM7uWCu9DsRQn/5i+FmaDd03rkQmrn3AHGQgcdLvfJfvSo3r nVKZ9D2tCvqLn6DnZNuJcIMfGI9YZ/Rw7kOZPJoxMCOAiCD2WHDgs/yyWCBSKiBk sWIJcy68ARzVx5qBA6WnH6ptIxL9iWu6PS9Aimpr47q23yynmN4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:02 2026 by rpki-client