$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143662.roa File: AS143662.roa (raw, json) Hash identifier: jtZKmIjVSAssLzbIXKzvZh6pkgsA2VUW60lvSiq8WY8= Subject key identifier: 12:70:0C:24:53:5A:24:35:90:29:00:BF:54:E9:DE:34:AD:1C:9C:2B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 012354CA0BE20D3F4406E28D1E3EE7C6A48A6568 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143662.roa Signing time: Wed 04 Mar 2026 06:15:26 +0000 ROA not before: Wed 04 Mar 2026 06:10:26 +0000 ROA not after: Wed 03 Mar 2027 06:15:26 +0000 asID: 143662 IP address blocks: 240a:a3f4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:23:54:ca:0b:e2:0d:3f:44:06:e2:8d:1e:3e:e7:c6:a4:8a:65:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:26 2026 GMT Not After : Mar 3 06:15:26 2027 GMT Subject: CN=12700C24535A2435902900BF54E9DE34AD1C9C2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b8:54:89:4b:a3:c0:d5:21:ac:89:e3:f4:04: 91:b7:42:23:2d:1b:1b:6b:e1:dc:11:b5:59:a0:f2: 6a:94:31:ab:89:3f:a7:42:c2:62:be:fe:24:d0:55: 10:0b:53:71:84:86:f6:04:b9:67:1b:6d:3d:62:e4: 52:83:aa:53:d2:a7:ee:5c:43:1c:c8:56:2c:1a:8f: e9:4b:b9:79:01:50:62:78:8c:5f:a9:3d:c4:75:ec: 98:af:b0:4b:9c:fa:09:09:d4:47:86:f8:f6:ce:8e: a5:9a:1c:3b:c9:19:ec:87:d7:5e:b4:01:b0:d1:75: 21:02:da:f2:f0:b6:35:ae:43:df:64:eb:22:fd:cd: 1b:7e:cb:04:bc:d3:7f:d8:2a:a9:92:b8:38:94:46: 5d:be:35:55:20:73:8b:c2:f7:97:f1:33:85:a8:ad: 60:84:c9:87:44:10:9a:ab:d2:7f:24:b6:05:2d:1d: 1f:73:c5:0e:25:57:60:c7:2a:9d:22:d5:43:6e:be: ff:24:d2:19:ae:23:5e:08:3a:2c:af:c8:13:30:a6: 7b:c6:da:be:be:62:69:6d:c4:f8:1b:0b:e5:23:3f: f1:61:75:98:22:44:6c:79:dc:83:06:89:67:69:6d: de:e0:f6:a1:80:63:b4:f6:18:a3:b8:ba:5f:29:93: 0a:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:70:0C:24:53:5A:24:35:90:29:00:BF:54:E9:DE:34:AD:1C:9C:2B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143662.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3f4::/32 Signature Algorithm: sha256WithRSAEncryption 9e:fb:19:3d:46:6d:be:0e:ba:8b:24:cf:30:3b:2f:9d:0d:cc: 2b:67:d6:dd:2a:96:a0:8e:68:bf:cf:e1:7a:1f:44:17:76:a7: 1f:a0:52:02:58:ce:c3:2d:bb:16:9a:d7:3a:c8:7c:88:95:b8: af:2c:18:f7:10:b3:ec:74:6b:91:f6:25:d5:5c:a5:9d:58:cc: 3d:88:4f:74:22:12:43:e7:c1:00:67:8c:33:bc:bd:fd:01:d1: 75:fa:bd:d5:23:60:60:f9:94:f9:4d:46:c0:b9:2a:47:c5:70: bd:8b:dc:32:4a:9c:76:de:6c:70:14:00:35:27:7d:52:d5:70: 43:8a:37:1d:3d:37:c8:77:e9:d5:a9:d3:01:a6:cc:f3:21:82: d0:d3:81:bf:ae:80:57:31:89:41:38:7a:1b:b0:4a:43:f6:09: 59:b5:e8:0a:cd:1c:96:07:01:9f:11:b5:bd:f4:2f:55:b3:cc: d2:ba:3e:d1:85:4e:0f:87:34:43:80:93:c1:bb:1f:76:02:96: 43:7c:36:ea:c3:38:4d:cb:2f:be:33:35:32:bb:64:67:7f:74: a0:ca:0e:46:02:3e:73:1a:6d:e2:91:73:80:1b:55:ed:9e:62: fc:e2:62:c6:06:27:4e:01:7c:81:0d:2f:00:c7:17:4c:d6:82: 93:26:cc:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUASNUygviDT9EBuKNHj7nxqSKZWgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyNloX DTI3MDMwMzA2MTUyNlowMzExMC8GA1UEAxMoMTI3MDBDMjQ1MzVBMjQzNTkwMjkw MEJGNTRFOURFMzRBRDFDOUMyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALC4VIlLo8DVIayJ4/QEkbdCIy0bG2vh3BG1WaDyapQxq4k/p0LCYr7+JNBV EAtTcYSG9gS5ZxttPWLkUoOqU9Kn7lxDHMhWLBqP6Uu5eQFQYniMX6k9xHXsmK+w S5z6CQnUR4b49s6OpZocO8kZ7IfXXrQBsNF1IQLa8vC2Na5D32TrIv3NG37LBLzT f9gqqZK4OJRGXb41VSBzi8L3l/EzhaitYITJh0QQmqvSfyS2BS0dH3PFDiVXYMcq nSLVQ26+/yTSGa4jXgg6LK/IEzCme8bavr5iaW3E+BsL5SM/8WF1mCJEbHncgwaJ Z2lt3uD2oYBjtPYYo7i6XymTCq8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQScAwk U1okNZApAL9U6d40rRycKzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY2Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o/QwDQYJKoZIhvcNAQELBQADggEBAJ77GT1Gbb4OuoskzzA7L50NzCtn1t0qlqCO aL/P4XofRBd2px+gUgJYzsMtuxaa1zrIfIiVuK8sGPcQs+x0a5H2JdVcpZ1YzD2I T3QiEkPnwQBnjDO8vf0B0XX6vdUjYGD5lPlNRsC5KkfFcL2L3DJKnHbebHAUADUn fVLVcEOKNx09N8h36dWp0wGmzPMhgtDTgb+ugFcxiUE4ehuwSkP2CVm16ArNHJYH AZ8Rtb30L1WzzNK6PtGFTg+HNEOAk8G7H3YClkN8NurDOE3LL74zNTK7ZGd/dKDK DkYCPnMabeKRc4AbVe2eYvziYsYGJ04BfIENLwDHF0zWgpMmzJA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:06 2026 by rpki-client