$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143660.roa File: AS143660.roa (raw, json) Hash identifier: SKaApJd4PBqmUq57Z1ZNHaHsyOXYtk87KcaLslsx3T0= Subject key identifier: 93:77:8D:7E:B3:5E:B8:8C:1B:05:C3:94:2D:23:91:8F:F6:6A:8D:4B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 18901A80B82DF01BE0609E992EE964E27F2241D7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143660.roa Signing time: Wed 04 Mar 2026 06:15:39 +0000 ROA not before: Wed 04 Mar 2026 06:10:39 +0000 ROA not after: Wed 03 Mar 2027 06:15:39 +0000 asID: 143660 IP address blocks: 240a:a3f2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:90:1a:80:b8:2d:f0:1b:e0:60:9e:99:2e:e9:64:e2:7f:22:41:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:39 2026 GMT Not After : Mar 3 06:15:39 2027 GMT Subject: CN=93778D7EB35EB88C1B05C3942D23918FF66A8D4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:37:13:77:7a:89:2b:38:c9:4f:76:fe:ef:ad: df:1e:57:62:88:f2:78:80:bf:56:f1:19:7b:47:06: ca:f6:a3:fb:5b:63:0e:8f:44:c5:cc:cc:ba:dd:cd: 80:80:65:04:4b:29:78:18:ec:06:01:a1:a3:3f:f8: 78:bd:de:f4:b4:60:ee:af:b6:11:94:71:65:65:0a: ee:d6:1a:77:f5:b8:ec:4e:99:b8:3a:0c:10:71:02: 12:e3:ab:b7:20:c9:3c:16:8b:cc:d6:a4:6a:fb:e2: 9f:3c:19:bc:b5:7a:2f:42:c4:84:d8:d6:3b:7c:2b: 86:e9:b8:b3:b6:32:3b:93:d5:ed:6b:5f:62:b0:08: bb:0c:5a:d2:b9:74:62:e2:1f:42:d1:cd:6e:73:b9: 26:25:00:7b:76:79:1a:5e:85:57:0f:3c:6b:0e:b7: 7a:13:2d:12:7c:12:83:e1:13:4b:b5:28:08:d2:50: d7:ff:74:f4:f4:53:f5:1b:e4:a1:78:11:d7:78:9f: 25:fd:b4:eb:4d:b1:9c:8e:4e:b3:cb:ba:1c:09:a6: 23:0e:94:e2:05:1b:4a:2f:fe:e6:27:77:66:a3:0b: 65:81:cb:9c:84:dc:e9:d0:b8:df:e1:4a:6d:2e:72: 0b:d6:38:3d:8e:2b:fa:a6:9c:c1:b6:22:a6:c2:16: 13:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:77:8D:7E:B3:5E:B8:8C:1B:05:C3:94:2D:23:91:8F:F6:6A:8D:4B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143660.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3f2::/32 Signature Algorithm: sha256WithRSAEncryption 53:4b:f8:8d:39:9d:a9:35:bd:74:e8:6d:ee:86:ba:f4:9e:80: cc:5b:ae:66:51:6d:93:6e:51:27:7d:ec:92:78:fa:8c:27:7d: 4d:c9:28:7b:8c:51:9f:06:40:f5:8d:54:10:da:11:19:74:e0: f4:92:98:66:67:b3:b2:d5:35:76:ac:d0:f6:46:3f:a0:71:ed: ef:3e:e9:eb:18:27:83:c3:31:e6:0b:bc:a1:45:87:ae:92:d4: 08:31:ee:cd:a1:36:a3:9f:e5:d2:69:43:43:55:1f:46:82:94: 91:be:e0:d2:3b:55:f5:bb:bb:4d:1c:51:d3:37:51:ec:41:ea: ec:5f:2c:b4:9f:0a:a3:b2:26:1e:cc:98:5e:61:70:08:9b:37: 57:d9:64:27:99:cf:10:0e:7c:b7:ba:e8:a6:b8:37:60:1a:3e: 07:5e:07:30:57:1b:dc:81:93:a9:30:7f:de:22:e3:ef:6c:06: b5:71:22:94:b8:d8:8d:45:ab:84:fd:1e:8d:6f:15:c9:7c:68: eb:a5:2f:69:a3:3c:cd:30:90:df:1d:a1:46:6c:7b:51:16:44: 88:90:7d:e6:f7:ba:62:a2:af:22:cc:d8:7d:21:53:75:00:86: 6a:dc:c1:f6:2d:de:c7:59:ec:30:78:50:69:4e:2f:80:a8:14: d2:11:97:92 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGJAagLgt8BvgYJ6ZLulk4n8iQdcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzOVoX DTI3MDMwMzA2MTUzOVowMzExMC8GA1UEAxMoOTM3NzhEN0VCMzVFQjg4QzFCMDVD Mzk0MkQyMzkxOEZGNjZBOEQ0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMw3E3d6iSs4yU92/u+t3x5XYojyeIC/VvEZe0cGyvaj+1tjDo9ExczMut3N gIBlBEspeBjsBgGhoz/4eL3e9LRg7q+2EZRxZWUK7tYad/W47E6ZuDoMEHECEuOr tyDJPBaLzNakavvinzwZvLV6L0LEhNjWO3wrhum4s7YyO5PV7WtfYrAIuwxa0rl0 YuIfQtHNbnO5JiUAe3Z5Gl6FVw88aw63ehMtEnwSg+ETS7UoCNJQ1/909PRT9Rvk oXgR13ifJf20602xnI5Os8u6HAmmIw6U4gUbSi/+5id3ZqMLZYHLnITc6dC43+FK bS5yC9Y4PY4r+qacwbYipsIWE+kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSTd41+ s164jBsFw5QtI5GP9mqNSzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o/IwDQYJKoZIhvcNAQELBQADggEBAFNL+I05nak1vXTobe6GuvSegMxbrmZRbZNu USd97JJ4+ownfU3JKHuMUZ8GQPWNVBDaERl04PSSmGZns7LVNXas0PZGP6Bx7e8+ 6esYJ4PDMeYLvKFFh66S1Agx7s2hNqOf5dJpQ0NVH0aClJG+4NI7VfW7u00cUdM3 UexB6uxfLLSfCqOyJh7MmF5hcAibN1fZZCeZzxAOfLe66Ka4N2AaPgdeBzBXG9yB k6kwf94i4+9sBrVxIpS42I1Fq4T9Ho1vFcl8aOulL2mjPM0wkN8doUZse1EWRIiQ feb3umKiryLM2H0hU3UAhmrcwfYt3sdZ7DB4UGlOL4CoFNIRl5I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:20 2026 by rpki-client