$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143671.roa File: AS143671.roa (raw, json) Hash identifier: woWON0xwA8H2lSgOHcZccScKAQGtzG7g5DWCmK6/kJ4= Subject key identifier: 5A:11:00:4D:00:2F:D3:A1:C7:09:21:E3:A8:7D:1E:EB:3B:01:DA:9E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 45CF22FFECC34AF74252C188597CD19E9C33A87D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143671.roa Signing time: Wed 04 Mar 2026 06:14:38 +0000 ROA not before: Wed 04 Mar 2026 06:09:38 +0000 ROA not after: Wed 03 Mar 2027 06:14:38 +0000 asID: 143671 IP address blocks: 240a:a3fd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:cf:22:ff:ec:c3:4a:f7:42:52:c1:88:59:7c:d1:9e:9c:33:a8:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:38 2026 GMT Not After : Mar 3 06:14:38 2027 GMT Subject: CN=5A11004D002FD3A1C70921E3A87D1EEB3B01DA9E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:41:8e:00:4c:ae:da:d5:56:ba:9b:93:07:8e: 00:e0:00:98:ec:2e:6b:a5:01:5f:64:f4:9e:ca:24: 1a:97:eb:5a:8d:db:5e:4f:72:1c:08:d0:3f:ea:82: 8e:63:42:cd:df:d0:30:8f:3e:93:8c:21:9d:04:cd: 01:8e:c7:bb:a8:6d:d5:d8:a2:3c:88:6b:98:33:a9: e1:ec:aa:bf:ae:a6:5d:0f:3c:99:55:17:14:c5:bf: c0:22:e9:95:fd:67:31:47:ea:9c:d3:01:71:c5:b0: 5c:4a:98:66:ff:80:f8:21:61:57:99:91:38:48:92: 8e:01:bb:2d:0c:77:e4:bf:b4:99:b6:6e:b4:dc:27: 7e:54:82:19:6d:10:61:35:a0:76:31:dc:34:92:08: fd:fb:ce:06:55:c9:bf:12:fd:e4:d7:8d:e3:0b:e4: 3f:6a:f5:48:23:43:78:fb:31:cc:10:05:65:60:fe: 79:73:6c:07:90:98:52:c5:f0:28:20:2f:d0:1f:10: 2a:c3:9c:c8:30:59:c9:ce:ef:77:a0:6a:ac:0a:ee: ff:72:30:f0:3a:73:2b:33:61:f9:67:27:3f:dd:ab: 1b:9d:52:18:08:35:c8:ca:84:55:2a:08:16:4d:88: c1:c0:10:7d:67:2e:04:d1:b8:31:14:d0:de:6a:a3: 07:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:11:00:4D:00:2F:D3:A1:C7:09:21:E3:A8:7D:1E:EB:3B:01:DA:9E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143671.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3fd::/32 Signature Algorithm: sha256WithRSAEncryption a9:bf:1f:91:d9:b2:73:5e:a6:84:a5:45:16:91:6f:a9:c2:f5: c0:1d:63:29:11:a9:99:73:a7:b5:33:99:05:21:89:e4:d8:ac: 8c:6f:81:5b:69:7f:24:88:51:cc:6d:01:69:60:da:51:3a:fa: 32:36:17:3a:73:39:db:4f:57:4d:33:3a:81:8d:b7:8a:09:e3: 16:1c:de:ab:d1:73:bf:7b:b5:4f:0d:a9:7b:14:e1:0b:b0:95: 8a:78:73:63:79:42:b3:93:f9:8c:ca:ab:ad:5f:07:c5:da:6d: 9c:f0:d6:d6:a8:00:ee:08:d6:54:e4:74:2d:ed:68:0b:03:eb: 36:9b:ac:16:ae:c8:3e:14:dd:55:10:a1:fe:b6:28:fc:a1:55: e0:73:f3:3f:c1:e1:00:18:97:b4:e2:e9:51:1c:b8:1c:d2:a5: 74:3d:54:7b:02:46:e0:a0:ff:e5:32:57:14:66:15:73:d3:86: 01:f1:68:06:df:7f:47:3d:0b:52:6d:3e:58:4c:76:b5:4f:c1: fd:b0:8c:00:7d:e6:7c:81:e2:14:83:2d:16:4c:f2:b1:c0:c0: 70:46:b0:f3:88:dd:26:64:e9:cd:d8:64:ef:60:da:4c:a6:cd: aa:ee:21:c6:9b:ac:b3:19:76:4d:1c:f0:74:0e:f2:14:9d:e1: 42:2c:e9:cd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURc8i/+zDSvdCUsGIWXzRnpwzqH0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzOFoX DTI3MDMwMzA2MTQzOFowMzExMC8GA1UEAxMoNUExMTAwNEQwMDJGRDNBMUM3MDky MUUzQTg3RDFFRUIzQjAxREE5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOJBjgBMrtrVVrqbkweOAOAAmOwua6UBX2T0nsokGpfrWo3bXk9yHAjQP+qC jmNCzd/QMI8+k4whnQTNAY7Hu6ht1diiPIhrmDOp4eyqv66mXQ88mVUXFMW/wCLp lf1nMUfqnNMBccWwXEqYZv+A+CFhV5mROEiSjgG7LQx35L+0mbZutNwnflSCGW0Q YTWgdjHcNJII/fvOBlXJvxL95NeN4wvkP2r1SCNDePsxzBAFZWD+eXNsB5CYUsXw KCAv0B8QKsOcyDBZyc7vd6BqrAru/3Iw8DpzKzNh+WcnP92rG51SGAg1yMqEVSoI Fk2IwcAQfWcuBNG4MRTQ3mqjB9sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRaEQBN AC/ToccJIeOofR7rOwHanjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o/0wDQYJKoZIhvcNAQELBQADggEBAKm/H5HZsnNepoSlRRaRb6nC9cAdYykRqZlz p7UzmQUhieTYrIxvgVtpfySIUcxtAWlg2lE6+jI2FzpzOdtPV00zOoGNt4oJ4xYc 3qvRc797tU8NqXsU4QuwlYp4c2N5QrOT+YzKq61fB8XabZzw1taoAO4I1lTkdC3t aAsD6zabrBauyD4U3VUQof62KPyhVeBz8z/B4QAYl7Ti6VEcuBzSpXQ9VHsCRuCg /+UyVxRmFXPThgHxaAbff0c9C1JtPlhMdrVPwf2wjAB95nyB4hSDLRZM8rHAwHBG sPOI3SZk6c3YZO9g2kymzaruIcabrLMZdk0c8HQO8hSd4UIs6c0= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:34 2026 by rpki-client