$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143665.roa File: AS143665.roa (raw, json) Hash identifier: S3+7oAhNJAbuWHjWyCHn6P5KKvQ/5P8Q+NAAT/SHdoA= Subject key identifier: 66:8A:A4:42:EF:41:17:7C:FA:DB:E1:55:C8:4A:18:F1:96:03:41:D7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1D88A3358F838B2CA0E1BEB3F95FEADB55A27D6B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143665.roa Signing time: Wed 04 Mar 2026 06:13:01 +0000 ROA not before: Wed 04 Mar 2026 06:08:01 +0000 ROA not after: Wed 03 Mar 2027 06:13:01 +0000 asID: 143665 IP address blocks: 240a:a3f7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:88:a3:35:8f:83:8b:2c:a0:e1:be:b3:f9:5f:ea:db:55:a2:7d:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:01 2026 GMT Not After : Mar 3 06:13:01 2027 GMT Subject: CN=668AA442EF41177CFADBE155C84A18F1960341D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e2:1b:f0:ab:44:93:d0:08:35:fd:a1:be:3a: fa:9f:56:56:09:bb:59:67:70:1f:83:dc:26:b1:82: 45:69:67:18:32:ff:a9:1f:a7:5b:2a:be:a4:e9:9c: 4f:63:ec:d3:c4:a5:55:a3:8c:09:5d:36:c6:a1:74: 60:14:ae:1c:12:96:7d:9c:f3:bf:c1:68:a3:19:30: a0:79:78:42:09:3a:0a:e1:1f:19:f7:48:7e:cc:ff: 6c:e9:06:ea:67:4b:8c:53:11:76:a0:73:eb:1d:16: 3c:e5:1f:b4:a3:cd:ba:8f:c5:28:90:58:74:7e:6c: 3c:e2:0d:cc:d9:02:f3:b5:f7:56:1f:a5:2d:9f:46: 70:1d:0a:49:d2:bf:84:c7:71:ea:b7:60:65:70:ed: cf:66:d3:fb:5a:25:f4:9b:f4:a6:d1:00:53:98:79: 3c:61:1f:8e:0e:f8:d3:39:01:b7:cc:d5:8f:f0:c4: 82:6e:c2:76:04:9e:45:0e:4d:11:37:c0:79:d0:77: b7:d9:7c:74:08:ca:27:46:51:da:81:7a:99:78:ec: 3e:f8:9e:85:a5:17:45:67:0a:2d:72:17:f2:f1:bc: 4c:62:de:73:10:25:59:aa:f9:0c:0f:04:79:90:ab: ab:c2:62:16:1a:91:f2:b2:56:18:dd:38:4a:ba:75: 1e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:8A:A4:42:EF:41:17:7C:FA:DB:E1:55:C8:4A:18:F1:96:03:41:D7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143665.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3f7::/32 Signature Algorithm: sha256WithRSAEncryption 7a:55:4c:fd:87:57:79:62:19:44:da:ca:f8:98:24:a2:c2:a4: d8:c9:50:cd:54:a6:e0:b0:8b:3a:60:2f:3f:53:c4:7d:cd:04: a9:54:85:fc:83:78:b1:c0:21:52:23:ce:90:d9:e3:7f:cf:94: d8:c5:f7:6d:fc:99:d5:12:c2:ed:d4:de:cb:9e:4d:09:4d:9a: 35:74:66:5d:de:f2:07:29:7c:cb:61:c5:7a:3f:89:c1:58:c9: 15:88:ee:1a:c1:f9:76:d0:10:47:9b:15:7a:68:46:e1:c8:46: 5c:2c:55:92:9a:a5:5f:26:f9:e1:c3:d1:39:a5:be:18:95:72: 83:60:60:9d:0c:70:46:8c:d8:a3:fb:3f:ab:8c:72:11:66:26: 0d:f2:a2:07:69:fc:cb:d9:b6:d6:e7:fd:a4:c6:2b:11:32:c2: 08:3c:e6:85:2f:25:1a:16:8a:bc:ea:9b:5a:d5:13:be:f8:b6: ea:24:dc:73:77:60:2d:7a:29:21:16:aa:66:ce:48:01:6c:5c: 21:6d:a1:d9:02:53:d9:d0:9c:0f:4c:69:95:8f:d7:ef:ac:45: dc:da:7d:15:f4:9a:57:65:aa:e3:f9:01:23:df:c5:4f:3d:2d: 69:69:85:c5:9c:97:fe:bd:7a:eb:3f:21:e5:5c:77:17:95:5a: 64:97:a7:eb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHYijNY+Diyyg4b6z+V/q21WifWswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwMVoX DTI3MDMwMzA2MTMwMVowMzExMC8GA1UEAxMoNjY4QUE0NDJFRjQxMTc3Q0ZBREJF MTU1Qzg0QTE4RjE5NjAzNDFENzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKniG/CrRJPQCDX9ob46+p9WVgm7WWdwH4PcJrGCRWlnGDL/qR+nWyq+pOmc T2Ps08SlVaOMCV02xqF0YBSuHBKWfZzzv8FooxkwoHl4Qgk6CuEfGfdIfsz/bOkG 6mdLjFMRdqBz6x0WPOUftKPNuo/FKJBYdH5sPOINzNkC87X3Vh+lLZ9GcB0KSdK/ hMdx6rdgZXDtz2bT+1ol9Jv0ptEAU5h5PGEfjg740zkBt8zVj/DEgm7CdgSeRQ5N ETfAedB3t9l8dAjKJ0ZR2oF6mXjsPviehaUXRWcKLXIX8vG8TGLecxAlWar5DA8E eZCrq8JiFhqR8rJWGN04Srp1Hl8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRmiqRC 70EXfPrb4VXIShjxlgNB1zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY2NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o/cwDQYJKoZIhvcNAQELBQADggEBAHpVTP2HV3liGUTayviYJKLCpNjJUM1UpuCw izpgLz9TxH3NBKlUhfyDeLHAIVIjzpDZ43/PlNjF9238mdUSwu3U3sueTQlNmjV0 Zl3e8gcpfMthxXo/icFYyRWI7hrB+XbQEEebFXpoRuHIRlwsVZKapV8m+eHD0Tml vhiVcoNgYJ0McEaM2KP7P6uMchFmJg3yogdp/MvZttbn/aTGKxEywgg85oUvJRoW irzqm1rVE774tuok3HN3YC16KSEWqmbOSAFsXCFtodkCU9nQnA9MaZWP1++sRdza fRX0mldlquP5ASPfxU89LWlphcWcl/69eus/IeVcdxeVWmSXp+s= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:39 2026 by rpki-client