$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143685.roa File: AS143685.roa (raw, json) Hash identifier: Ij40VfOy4tDdk2XbnUADqmri1BBfCGGnxid6HyZxf3w= Subject key identifier: 81:5C:5D:45:FF:BA:02:E4:6A:D8:23:08:5B:40:18:A4:34:39:CC:FB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: F7D24F54C86FA526E74D27D0A6019F2E86F3EF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143685.roa Signing time: Wed 04 Mar 2026 06:13:37 +0000 ROA not before: Wed 04 Mar 2026 06:08:37 +0000 ROA not after: Wed 03 Mar 2027 06:13:37 +0000 asID: 143685 IP address blocks: 240a:a40b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: f7:d2:4f:54:c8:6f:a5:26:e7:4d:27:d0:a6:01:9f:2e:86:f3:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:37 2026 GMT Not After : Mar 3 06:13:37 2027 GMT Subject: CN=815C5D45FFBA02E46AD823085B4018A43439CCFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8d:1b:31:04:cc:e8:61:58:6f:55:c0:17:a3: ba:d0:cb:8f:dd:71:16:e8:ee:2c:3d:5e:8f:1b:5f: 67:bb:57:06:68:34:b4:db:df:e1:99:e9:5b:96:ab: 57:5f:3e:0b:af:47:2d:36:13:7e:79:c6:23:8f:c3: 84:d5:0e:ef:6a:13:b1:c7:fa:7d:4e:50:04:e2:25: a3:56:84:78:f8:ad:8b:e5:30:b1:0e:b5:a2:56:7c: e2:5e:b9:4a:cb:99:dc:fa:43:ec:6b:f4:91:51:84: 89:f2:fb:5c:68:08:8f:f9:21:27:16:0d:c4:3c:d3: 41:8a:e0:3f:c5:d2:62:e7:fd:43:2d:8a:20:76:51: 0d:f6:d9:e6:3e:48:49:e7:9d:e8:6c:ff:3e:63:92: 19:b6:40:84:b1:37:60:f3:f0:a7:8d:2e:7b:90:66: 91:33:47:bd:e3:27:5c:78:88:30:68:2b:8a:43:e5: 37:51:55:89:53:62:9a:c4:5c:71:e5:0f:5c:3b:a0: be:70:6f:d2:05:07:81:c1:0d:6c:9e:9b:8c:93:9f: 84:98:3c:b5:b4:8e:6b:b9:a3:5a:b3:b1:c6:13:7d: b4:30:e6:26:5f:47:45:eb:3d:ef:03:37:36:0a:d0: 16:a8:28:74:60:6a:68:1c:57:e8:ae:40:46:83:64: 04:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:5C:5D:45:FF:BA:02:E4:6A:D8:23:08:5B:40:18:A4:34:39:CC:FB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143685.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a40b::/32 Signature Algorithm: sha256WithRSAEncryption ae:7b:81:e6:77:25:ae:88:9c:0d:23:76:5b:ff:cb:6c:bc:0c: 2f:cf:c2:05:68:e5:7a:94:32:bb:03:c9:56:2f:6d:04:aa:66: 6b:5f:0e:ec:2a:6d:23:c8:cf:7f:4d:50:bc:47:a6:d1:01:fa: 41:e4:19:14:2b:01:cf:ca:44:33:2d:e7:8f:0b:bd:af:4d:f6: 06:4a:5a:69:47:ff:3e:b8:f4:95:b1:d5:f3:9a:fe:e0:c9:e7: f4:83:97:8c:41:e7:a5:dd:74:bc:b4:5e:1c:be:2b:58:e2:b3: f9:bd:bb:70:1e:5c:1e:1a:29:48:a5:4d:6c:be:09:ae:7c:e1: cd:58:8d:9b:d0:82:1b:c8:29:27:90:e6:72:3a:df:fc:68:ba: f5:c7:77:a2:ec:1a:b7:b7:c5:62:96:75:e0:fa:b4:69:9d:50: 15:c8:5b:0d:02:a8:a9:70:5e:bb:34:06:1b:9a:33:29:6a:dc: 70:ea:05:9a:84:92:4e:57:01:a0:2a:dd:6b:48:fc:1f:dd:53: ce:9c:93:ad:fb:e4:d2:19:22:94:60:f7:1e:b9:a7:0c:bc:1d: ee:f5:2e:49:9d:3c:8f:16:89:96:50:73:69:39:f6:f3:e9:0b: 57:50:79:14:fe:53:c7:37:1f:af:1a:14:65:85:63:39:e0:02: dd:c2:04:de -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAPfST1TIb6Um500n0KYBny6G8+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzN1oX DTI3MDMwMzA2MTMzN1owMzExMC8GA1UEAxMoODE1QzVENDVGRkJBMDJFNDZBRDgy MzA4NUI0MDE4QTQzNDM5Q0NGQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqNGzEEzOhhWG9VwBejutDLj91xFujuLD1ejxtfZ7tXBmg0tNvf4ZnpW5ar V18+C69HLTYTfnnGI4/DhNUO72oTscf6fU5QBOIlo1aEePiti+UwsQ61olZ84l65 SsuZ3PpD7Gv0kVGEifL7XGgIj/khJxYNxDzTQYrgP8XSYuf9Qy2KIHZRDfbZ5j5I Seed6Gz/PmOSGbZAhLE3YPPwp40ue5BmkTNHveMnXHiIMGgrikPlN1FViVNimsRc ceUPXDugvnBv0gUHgcENbJ6bjJOfhJg8tbSOa7mjWrOxxhN9tDDmJl9HRes97wM3 NgrQFqgodGBqaBxX6K5ARoNkBGkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSBXF1F /7oC5GrYIwhbQBikNDnM+zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pAswDQYJKoZIhvcNAQELBQADggEBAK57geZ3Ja6InA0jdlv/y2y8DC/PwgVo5XqU MrsDyVYvbQSqZmtfDuwqbSPIz39NULxHptEB+kHkGRQrAc/KRDMt548Lva9N9gZK WmlH/z649JWx1fOa/uDJ5/SDl4xB56XddLy0Xhy+K1jis/m9u3AeXB4aKUilTWy+ Ca584c1YjZvQghvIKSeQ5nI63/xouvXHd6LsGre3xWKWdeD6tGmdUBXIWw0CqKlw Xrs0BhuaMylq3HDqBZqEkk5XAaAq3WtI/B/dU86ck6375NIZIpRg9x65pwy8He71 LkmdPI8WiZZQc2k59vPpC1dQeRT+U8c3H68aFGWFYzngAt3CBN4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:49 2026 by rpki-client