$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143658.roa File: AS143658.roa (raw, json) Hash identifier: Ref+cwySTHQ7xnkQz+vhYCTm1MRJLnSWqKKGRdI8sjo= Subject key identifier: F8:34:44:D2:06:F9:22:79:49:C9:86:CB:4A:5F:6A:54:52:C3:78:4D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1B4EEB2DF40E4366EDB5C3A56769113BE152D0EA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143658.roa Signing time: Wed 04 Mar 2026 06:14:42 +0000 ROA not before: Wed 04 Mar 2026 06:09:42 +0000 ROA not after: Wed 03 Mar 2027 06:14:42 +0000 asID: 143658 IP address blocks: 240a:a3f0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:4e:eb:2d:f4:0e:43:66:ed:b5:c3:a5:67:69:11:3b:e1:52:d0:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:42 2026 GMT Not After : Mar 3 06:14:42 2027 GMT Subject: CN=F83444D206F9227949C986CB4A5F6A5452C3784D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:17:78:fc:20:3f:71:b9:34:bb:ee:7f:d1:2f: 85:e3:d5:1c:4b:1f:81:12:c0:17:d8:22:bd:55:a1: 25:11:47:29:b8:85:0f:16:4c:64:5f:96:eb:aa:63: 13:e9:71:7b:4e:f9:56:44:5b:e0:8e:d8:4c:91:d8: b5:a3:03:18:d6:bf:72:9a:41:d0:c6:f4:2c:ca:1c: 86:b9:d8:e3:11:5b:d4:e6:0b:4e:f5:1c:86:3b:18: c1:da:20:15:69:fd:4c:93:74:54:11:8b:09:90:5d: 2c:13:dd:a6:25:a7:91:b8:c0:0d:11:10:ce:34:68: 72:f4:3b:be:29:8b:08:4f:50:3b:f4:fd:50:c5:e0: fd:3e:9a:84:ff:c7:12:ae:96:21:06:cf:dc:10:80: 91:21:f3:75:4c:e7:27:24:50:85:53:71:20:fe:dd: 01:f0:29:2b:09:32:57:da:ae:2f:f1:d7:4e:59:8d: a7:6f:8a:0e:36:60:4d:26:48:76:f9:37:19:af:2e: 45:0f:b1:ce:66:47:e1:29:36:7c:07:39:b2:14:43: 1c:49:c4:36:94:c6:77:ad:9b:85:ec:4d:24:fd:fa: 2d:2e:3d:51:42:eb:63:c2:d9:81:72:62:61:c3:41: e9:d5:c0:73:ef:fb:17:f4:8d:2c:49:bc:42:bc:bf: 34:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:34:44:D2:06:F9:22:79:49:C9:86:CB:4A:5F:6A:54:52:C3:78:4D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143658.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3f0::/32 Signature Algorithm: sha256WithRSAEncryption 82:83:55:df:d5:47:8c:8a:e3:0b:45:6e:74:b8:69:c4:a5:72: c8:db:b0:0e:0f:ad:d6:35:1e:24:1b:0c:40:75:37:85:30:ba: 98:66:84:40:65:3a:dd:cc:32:01:de:59:ec:a4:e5:59:b4:af: 08:4f:45:50:af:6a:25:9d:ac:36:0c:e4:25:ac:6a:a7:7c:5e: e8:56:7a:04:30:3b:31:5d:48:42:99:03:36:2d:4f:4f:ec:95: 6d:a1:4d:ec:74:35:e1:0d:4c:ab:05:b4:3e:6e:a9:7a:ae:d4: f3:ea:09:19:d4:7d:ae:07:3c:1f:4c:bf:94:50:c8:78:4f:86: 7c:5b:06:a4:0a:21:71:6f:3e:1c:ff:f3:f7:9c:71:27:eb:1c: 04:ed:14:79:3d:b2:2f:b6:20:57:fc:15:12:a4:f7:24:e7:6f: 6e:79:47:28:33:2f:28:41:fd:fe:40:96:a3:5d:76:f6:f5:bb: a7:17:d7:de:aa:60:e1:e4:d3:b2:89:68:13:9a:a5:e5:e0:c1: 50:14:71:e9:f2:16:bb:49:da:e0:40:22:ed:c0:dd:3d:8b:e4: 9c:5c:ab:c7:6a:9d:33:c6:1d:60:4b:64:67:31:10:21:41:be: fd:a1:ea:23:55:c4:cb:80:aa:2b:73:d9:3c:42:dc:ea:d1:b7: 7c:b0:0c:42 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUG07rLfQOQ2bttcOlZ2kRO+FS0OowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0MloX DTI3MDMwMzA2MTQ0MlowMzExMC8GA1UEAxMoRjgzNDQ0RDIwNkY5MjI3OTQ5Qzk4 NkNCNEE1RjZBNTQ1MkMzNzg0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAXePwgP3G5NLvuf9EvhePVHEsfgRLAF9givVWhJRFHKbiFDxZMZF+W66pj E+lxe075VkRb4I7YTJHYtaMDGNa/cppB0Mb0LMochrnY4xFb1OYLTvUchjsYwdog FWn9TJN0VBGLCZBdLBPdpiWnkbjADREQzjRocvQ7vimLCE9QO/T9UMXg/T6ahP/H Eq6WIQbP3BCAkSHzdUznJyRQhVNxIP7dAfApKwkyV9quL/HXTlmNp2+KDjZgTSZI dvk3Ga8uRQ+xzmZH4Sk2fAc5shRDHEnENpTGd62bhexNJP36LS49UULrY8LZgXJi YcNB6dXAc+/7F/SNLEm8Qry/NOECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT4NETS BvkieUnJhstKX2pUUsN4TTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o/AwDQYJKoZIhvcNAQELBQADggEBAIKDVd/VR4yK4wtFbnS4acSlcsjbsA4PrdY1 HiQbDEB1N4UwuphmhEBlOt3MMgHeWeyk5Vm0rwhPRVCvaiWdrDYM5CWsaqd8XuhW egQwOzFdSEKZAzYtT0/slW2hTex0NeENTKsFtD5uqXqu1PPqCRnUfa4HPB9Mv5RQ yHhPhnxbBqQKIXFvPhz/8/eccSfrHATtFHk9si+2IFf8FRKk9yTnb255RygzLyhB /f5AlqNddvb1u6cX196qYOHk07KJaBOapeXgwVAUcenyFrtJ2uBAIu3A3T2L5Jxc q8dqnTPGHWBLZGcxECFBvv2h6iNVxMuAqitz2TxC3OrRt3ywDEI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:50 2026 by rpki-client