$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143681.roa File: AS143681.roa (raw, json) Hash identifier: hmmNkYDMQ7GyOLP9kkgWz1hewfP6g+EzZg629oOhacY= Subject key identifier: 97:2D:A8:3B:A6:CF:DC:24:C0:4B:37:E4:FE:9C:84:CE:FF:2B:68:0E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 14C443B6FB9C9FFF119FF6E0475F707DDAE040DD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143681.roa Signing time: Wed 04 Mar 2026 06:13:57 +0000 ROA not before: Wed 04 Mar 2026 06:08:57 +0000 ROA not after: Wed 03 Mar 2027 06:13:57 +0000 asID: 143681 IP address blocks: 240a:a407::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:c4:43:b6:fb:9c:9f:ff:11:9f:f6:e0:47:5f:70:7d:da:e0:40:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:57 2026 GMT Not After : Mar 3 06:13:57 2027 GMT Subject: CN=972DA83BA6CFDC24C04B37E4FE9C84CEFF2B680E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:53:cd:66:42:a3:ff:9c:a0:3d:69:9c:d2:8a: 14:dc:2a:b0:95:c2:8d:ae:db:cc:79:d6:dc:f4:70: 85:96:43:97:8d:36:3f:c5:3c:12:29:8c:77:77:d6: 21:1a:46:05:6f:f5:a0:af:95:6c:12:4d:15:99:42: ca:c9:b9:8e:ed:1d:24:d5:8a:f3:77:ed:8f:fb:28: b7:68:f8:59:3d:2b:c0:d4:57:ab:41:ae:9f:77:4f: 55:3d:10:e9:87:e1:46:6f:9d:7d:1a:c6:3a:29:8d: e3:e2:6c:a3:8e:6a:b8:a0:68:95:3f:c2:36:d5:6a: 9a:3c:60:3c:cc:13:b1:56:ae:08:ab:69:8b:4a:56: a9:a0:92:d6:bf:b0:59:63:50:e5:c2:62:48:cc:ac: 14:69:d5:f8:da:da:34:12:be:d8:cf:9a:52:5d:15: ec:67:1b:89:c2:37:ef:38:38:d7:c6:28:9c:c8:ff: e1:f4:9b:ad:c4:f7:32:9e:04:97:9f:75:60:39:a4: 33:ee:00:13:3f:6a:aa:c1:b0:ab:cd:79:96:15:0b: 71:c9:fe:80:69:b5:a0:2d:b1:2c:ac:e6:bb:3b:57: ea:66:fb:28:77:ce:1c:32:b7:17:c7:45:c9:08:0e: 84:db:62:75:ca:5a:67:ab:ab:3f:ee:6d:35:47:41: 95:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:2D:A8:3B:A6:CF:DC:24:C0:4B:37:E4:FE:9C:84:CE:FF:2B:68:0E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143681.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a407::/32 Signature Algorithm: sha256WithRSAEncryption 34:8c:6a:ba:2a:dc:d4:78:87:c2:fe:9a:0e:0f:0b:1b:95:aa: 21:7d:a1:fd:61:cb:6e:1e:cb:29:3d:ca:2b:23:95:3e:7b:7f: 92:4f:81:b9:d6:e9:fb:c8:71:27:db:2d:d1:50:b3:8e:c3:34: 72:af:fc:5d:dc:e6:c0:10:b3:e8:19:dd:10:7e:ea:0f:28:ea: cf:a2:f1:11:40:0b:81:c2:e3:ca:55:0f:46:00:e0:3c:09:e9: 2a:8e:71:5e:84:c3:84:eb:b4:e7:fe:b2:d9:6a:79:be:ad:53: 89:b0:01:0e:76:42:c1:d2:88:82:88:89:30:47:dd:71:84:37: 18:cd:8e:6a:52:48:c4:dc:05:45:41:40:e7:53:39:2e:9a:90: bc:fa:8f:f7:21:79:86:37:5e:ae:0e:05:f2:18:b0:9a:05:19: f8:3d:6d:b7:48:7d:e9:5b:35:6c:48:21:eb:2a:f2:e3:4f:7a: 57:19:02:cd:3c:33:59:54:12:aa:bb:a9:83:2f:2a:3f:cf:02: a6:36:96:94:c0:82:01:d7:1e:b0:be:79:30:be:53:74:21:f7: c1:ce:ca:65:fb:7b:b7:2f:28:5a:55:af:19:be:c5:b6:d0:ac: e2:4b:16:fd:28:6a:ee:48:b9:a8:88:6d:f6:db:ac:78:ee:b2: 21:1c:ec:4d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFMRDtvucn/8Rn/bgR19wfdrgQN0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1N1oX DTI3MDMwMzA2MTM1N1owMzExMC8GA1UEAxMoOTcyREE4M0JBNkNGREMyNEMwNEIz N0U0RkU5Qzg0Q0VGRjJCNjgwRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO9TzWZCo/+coD1pnNKKFNwqsJXCja7bzHnW3PRwhZZDl402P8U8EimMd3fW IRpGBW/1oK+VbBJNFZlCysm5ju0dJNWK83ftj/sot2j4WT0rwNRXq0Gun3dPVT0Q 6YfhRm+dfRrGOimN4+Jso45quKBolT/CNtVqmjxgPMwTsVauCKtpi0pWqaCS1r+w WWNQ5cJiSMysFGnV+NraNBK+2M+aUl0V7GcbicI37zg418YonMj/4fSbrcT3Mp4E l591YDmkM+4AEz9qqsGwq815lhULccn+gGm1oC2xLKzmuztX6mb7KHfOHDK3F8dF yQgOhNtidcpaZ6urP+5tNUdBlcECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSXLag7 ps/cJMBLN+T+nITO/ytoDjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY4MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pAcwDQYJKoZIhvcNAQELBQADggEBADSMaroq3NR4h8L+mg4PCxuVqiF9of1hy24e yyk9yisjlT57f5JPgbnW6fvIcSfbLdFQs47DNHKv/F3c5sAQs+gZ3RB+6g8o6s+i 8RFAC4HC48pVD0YA4DwJ6SqOcV6Ew4TrtOf+stlqeb6tU4mwAQ52QsHSiIKIiTBH 3XGENxjNjmpSSMTcBUVBQOdTOS6akLz6j/cheYY3Xq4OBfIYsJoFGfg9bbdIfelb NWxIIesq8uNPelcZAs08M1lUEqq7qYMvKj/PAqY2lpTAggHXHrC+eTC+U3Qh98HO ymX7e7cvKFpVrxm+xbbQrOJLFv0oau5IuaiIbfbbrHjusiEc7E0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:34 2026 by rpki-client