$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143657.roa File: AS143657.roa (raw, json) Hash identifier: GkjQ1pR0EZGE1NaKsiULNTHi2AKZZdvGtzla7aN8OSI= Subject key identifier: F2:45:25:C7:9B:AE:31:28:D1:C1:3B:3D:AD:8F:53:21:DA:F8:0B:A6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 66F809B5A01DFF2B02E49E3692B6374E00322E82 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143657.roa Signing time: Wed 04 Mar 2026 06:13:40 +0000 ROA not before: Wed 04 Mar 2026 06:08:40 +0000 ROA not after: Wed 03 Mar 2027 06:13:40 +0000 asID: 143657 IP address blocks: 240a:a3ef::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:f8:09:b5:a0:1d:ff:2b:02:e4:9e:36:92:b6:37:4e:00:32:2e:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:40 2026 GMT Not After : Mar 3 06:13:40 2027 GMT Subject: CN=F24525C79BAE3128D1C13B3DAD8F5321DAF80BA6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:65:ab:9b:87:11:fb:f9:2b:70:61:30:e3:78: af:45:df:b4:c1:fc:31:43:1d:e8:11:b5:fc:fe:2b: ac:3a:f2:07:6b:be:21:42:fd:4a:2b:93:64:2a:38: c9:df:2f:cf:43:d4:79:ae:55:37:88:59:76:8e:9e: 03:43:de:e2:9d:0e:e6:99:e3:47:8e:d5:2d:65:82: ef:ca:38:19:a3:3f:0c:a0:60:64:5b:89:01:62:a8: 04:2b:5d:7c:74:e7:3b:1f:29:4c:98:ae:d8:12:aa: 62:6c:6c:73:14:cb:bf:30:c9:d1:e9:be:f8:b0:d5: 21:c2:71:4a:90:0d:98:a3:30:9b:28:57:dd:88:6a: 51:b0:39:41:cf:1d:29:48:6e:d8:ae:81:63:bb:99: f9:02:a6:e7:72:8c:3a:a0:3b:77:e4:74:97:77:ca: 2d:29:fc:5b:da:18:15:a3:b3:17:35:79:06:86:ed: e4:e0:60:b0:9e:e9:6e:0f:8c:cd:31:4e:2b:f3:f2: e9:49:95:0f:75:ab:55:fc:12:e9:1b:0e:af:40:f8: d5:d5:b7:ef:1d:ec:64:70:3e:5e:39:66:44:26:85: 80:b8:3f:01:99:38:33:da:4b:c4:7f:9e:61:58:43: e3:89:0d:a8:bd:4f:e1:6a:8a:4f:c7:7d:aa:6a:33: 0b:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:45:25:C7:9B:AE:31:28:D1:C1:3B:3D:AD:8F:53:21:DA:F8:0B:A6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143657.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3ef::/32 Signature Algorithm: sha256WithRSAEncryption ac:c1:74:36:39:88:5b:e3:16:ee:1a:fb:dc:3f:ed:4e:2c:de: d1:70:5d:81:6e:71:4c:12:d2:cc:2f:39:6f:ac:4a:ed:04:16: 7e:78:9d:e6:0c:30:3c:8e:d4:fc:64:fe:e6:c1:2d:f6:db:e1: d5:92:18:1a:07:0c:fb:fd:76:d2:ec:25:6a:83:eb:d2:76:4f: eb:42:ec:b8:62:3a:ec:56:75:d6:7c:9e:7a:72:b4:e4:9e:52: 9a:63:98:7e:b7:20:3a:06:09:a9:ca:df:9e:cb:8c:3a:e0:3d: e7:f8:91:26:50:c2:c0:59:38:0b:1d:6d:51:6c:17:18:f1:76: 86:65:23:00:12:99:54:1a:95:0f:25:d2:79:a9:d6:6b:df:7d: e4:34:54:8b:75:04:9b:b2:67:a9:9f:93:4d:bf:ca:07:f0:46: 83:a7:ba:56:78:a4:3b:9a:b1:5b:d6:9b:fc:00:6b:2b:22:77: 8c:88:32:fb:7c:ea:60:33:c5:fe:f0:81:de:cc:f1:1e:cc:d4: fd:aa:7b:7e:fc:2a:02:0a:51:01:6f:89:82:c4:35:de:28:48: ee:ef:fb:ce:83:f0:63:be:0f:35:c8:ed:c3:07:e0:f9:ee:91: c7:8e:d5:bc:f4:9b:38:94:69:b2:46:05:dd:4f:b7:82:36:d1: a2:90:7d:c3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZvgJtaAd/ysC5J42krY3TgAyLoIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0MFoX DTI3MDMwMzA2MTM0MFowMzExMC8GA1UEAxMoRjI0NTI1Qzc5QkFFMzEyOEQxQzEz QjNEQUQ4RjUzMjFEQUY4MEJBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALRlq5uHEfv5K3BhMON4r0XftMH8MUMd6BG1/P4rrDryB2u+IUL9SiuTZCo4 yd8vz0PUea5VN4hZdo6eA0Pe4p0O5pnjR47VLWWC78o4GaM/DKBgZFuJAWKoBCtd fHTnOx8pTJiu2BKqYmxscxTLvzDJ0em++LDVIcJxSpANmKMwmyhX3YhqUbA5Qc8d KUhu2K6BY7uZ+QKm53KMOqA7d+R0l3fKLSn8W9oYFaOzFzV5Bobt5OBgsJ7pbg+M zTFOK/Py6UmVD3WrVfwS6RsOr0D41dW37x3sZHA+XjlmRCaFgLg/AZk4M9pLxH+e YVhD44kNqL1P4WqKT8d9qmozC5cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTyRSXH m64xKNHBOz2tj1Mh2vgLpjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+8wDQYJKoZIhvcNAQELBQADggEBAKzBdDY5iFvjFu4a+9w/7U4s3tFwXYFucUwS 0swvOW+sSu0EFn54neYMMDyO1Pxk/ubBLfbb4dWSGBoHDPv9dtLsJWqD69J2T+tC 7LhiOuxWddZ8nnpytOSeUppjmH63IDoGCanK357LjDrgPef4kSZQwsBZOAsdbVFs FxjxdoZlIwASmVQalQ8l0nmp1mvffeQ0VIt1BJuyZ6mfk02/ygfwRoOnulZ4pDua sVvWm/wAaysid4yIMvt86mAzxf7wgd7M8R7M1P2qe378KgIKUQFviYLENd4oSO7v +86D8GO+DzXI7cMH4PnukceO1bz0mziUabJGBd1Pt4I20aKQfcM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:02 2026 by rpki-client