$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143683.roa File: AS143683.roa (raw, json) Hash identifier: /lSfm27aLcQz32+2i14DQFjb+HIoiT6Xdi9mIVCADVk= Subject key identifier: EF:BC:94:8B:C3:7C:04:E8:CE:31:58:B3:E8:46:87:24:1C:1C:CD:93 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 20A8BD197761FC7E961A1D96CF866E2D0C3C1582 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143683.roa Signing time: Wed 04 Mar 2026 06:15:31 +0000 ROA not before: Wed 04 Mar 2026 06:10:31 +0000 ROA not after: Wed 03 Mar 2027 06:15:31 +0000 asID: 143683 IP address blocks: 240a:a409::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:a8:bd:19:77:61:fc:7e:96:1a:1d:96:cf:86:6e:2d:0c:3c:15:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:31 2026 GMT Not After : Mar 3 06:15:31 2027 GMT Subject: CN=EFBC948BC37C04E8CE3158B3E84687241C1CCD93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:20:cb:a2:fa:f3:bd:5a:3d:03:fa:35:df:28: a5:f1:b4:2c:b4:00:77:97:af:9d:56:06:9a:69:03: a7:f3:7d:5c:ae:83:fd:bd:30:13:52:0e:cb:72:b2: ce:f7:b2:02:18:be:1e:53:31:01:d7:69:ef:4d:cc: 70:c0:48:d1:76:b7:61:e8:9f:6a:8a:81:a6:9c:ed: 4b:ba:fb:7c:25:38:33:b0:8d:4f:05:db:85:06:03: 09:d3:5c:b5:bf:20:6f:c7:fe:94:d9:b8:24:ae:7e: 16:02:de:42:c8:78:9b:11:4c:96:1c:b0:11:d2:74: b4:b4:61:d5:f5:be:d4:45:ea:27:be:71:fc:c3:ee: f3:2d:c7:69:05:22:75:e9:c7:a7:88:ca:65:f5:93: a1:ec:e1:a0:24:a0:65:a7:8e:e9:10:bd:ea:a2:58: d8:f4:de:a8:be:85:9e:c2:49:24:ef:19:d9:09:f6: 1f:5e:fe:5a:d2:6e:a3:53:9e:d9:85:89:63:d4:8b: 42:2a:c6:33:9c:98:34:a1:9c:4b:cd:a5:e7:93:af: 1b:cf:2b:aa:25:b9:e3:19:7a:f1:07:cd:f6:53:44: 78:b1:39:36:5a:0b:be:9d:85:81:aa:ac:ca:42:1c: e4:8a:1e:37:85:74:31:da:7f:fa:bf:24:92:a9:d4: 6c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:BC:94:8B:C3:7C:04:E8:CE:31:58:B3:E8:46:87:24:1C:1C:CD:93 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143683.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a409::/32 Signature Algorithm: sha256WithRSAEncryption 71:50:b8:c0:87:76:40:31:57:21:48:c6:cb:3b:b8:37:5d:5e: 92:54:ca:94:91:a7:af:e5:10:e0:b7:ce:65:d2:e4:71:96:48: 12:40:05:7d:33:97:e3:74:1c:cd:ac:51:28:27:13:24:25:f2: 5d:b0:7e:bb:88:15:87:69:eb:33:e2:6d:08:28:b0:88:25:19: 7a:c5:1d:3c:67:a7:c6:02:f4:37:09:34:2a:a9:b8:6d:53:11: c6:ea:8b:b6:0f:62:5a:b5:9f:2b:9b:13:52:2f:95:57:fe:16: a6:2e:c7:a0:47:2d:63:5e:e6:42:8e:84:de:3f:49:53:77:75: 20:58:8b:04:22:92:bc:32:80:bc:4c:db:0b:25:d4:77:3a:b7: 7d:a3:f8:8c:3a:68:c9:20:88:06:8f:eb:f2:ce:fc:bd:d5:dd: 76:52:13:27:15:6f:49:40:ff:48:04:cd:ae:13:33:a5:e3:18: 0e:15:dc:1a:88:04:c9:00:7e:8f:2d:b3:c0:e1:a5:42:0a:b5: e9:75:20:81:f9:6f:7c:b1:a3:b0:57:d6:3c:9d:a9:24:e0:21: 95:bb:90:ba:88:ce:4a:82:3c:b0:2c:65:5f:36:40:a4:25:a3: 62:e8:30:be:6f:05:e3:2f:b9:25:b8:e8:03:f3:16:cb:0e:65: c2:61:37:ac -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIKi9GXdh/H6WGh2Wz4ZuLQw8FYIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzMVoX DTI3MDMwMzA2MTUzMVowMzExMC8GA1UEAxMoRUZCQzk0OEJDMzdDMDRFOENFMzE1 OEIzRTg0Njg3MjQxQzFDQ0Q5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsgy6L6871aPQP6Nd8opfG0LLQAd5evnVYGmmkDp/N9XK6D/b0wE1IOy3Ky zveyAhi+HlMxAddp703McMBI0Xa3YeifaoqBppztS7r7fCU4M7CNTwXbhQYDCdNc tb8gb8f+lNm4JK5+FgLeQsh4mxFMlhywEdJ0tLRh1fW+1EXqJ75x/MPu8y3HaQUi denHp4jKZfWToezhoCSgZaeO6RC96qJY2PTeqL6FnsJJJO8Z2Qn2H17+WtJuo1Oe 2YWJY9SLQirGM5yYNKGcS82l55OvG88rqiW54xl68QfN9lNEeLE5NloLvp2Fgaqs ykIc5IoeN4V0Mdp/+r8kkqnUbF0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTvvJSL w3wE6M4xWLPoRockHBzNkzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY4My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pAkwDQYJKoZIhvcNAQELBQADggEBAHFQuMCHdkAxVyFIxss7uDddXpJUypSRp6/l EOC3zmXS5HGWSBJABX0zl+N0HM2sUSgnEyQl8l2wfruIFYdp6zPibQgosIglGXrF HTxnp8YC9DcJNCqpuG1TEcbqi7YPYlq1nyubE1IvlVf+FqYux6BHLWNe5kKOhN4/ SVN3dSBYiwQikrwygLxM2wsl1Hc6t32j+Iw6aMkgiAaP6/LO/L3V3XZSEycVb0lA /0gEza4TM6XjGA4V3BqIBMkAfo8ts8DhpUIKtel1IIH5b3yxo7BX1jydqSTgIZW7 kLqIzkqCPLAsZV82QKQlo2LoML5vBeMvuSW46APzFssOZcJhN6w= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:51 2026 by rpki-client