$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143688.roa File: AS143688.roa (raw, json) Hash identifier: UbTUVbTi4k0/8ZkgNIJ8lRe1uZuixHzimkYRMW19ViU= Subject key identifier: 04:06:91:9F:B6:0A:75:AE:50:33:B5:70:65:FC:0A:A5:63:77:89:17 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2D71E5DF19E5DB82CD2594454D6AC1E452D0E70C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143688.roa Signing time: Wed 04 Mar 2026 06:14:42 +0000 ROA not before: Wed 04 Mar 2026 06:09:42 +0000 ROA not after: Wed 03 Mar 2027 06:14:42 +0000 asID: 143688 IP address blocks: 240a:a40e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:71:e5:df:19:e5:db:82:cd:25:94:45:4d:6a:c1:e4:52:d0:e7:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:42 2026 GMT Not After : Mar 3 06:14:42 2027 GMT Subject: CN=0406919FB60A75AE5033B57065FC0AA563778917 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b5:ac:d6:fa:60:be:8e:a3:2f:1d:cc:b4:b1: 64:0b:0a:f5:1f:c4:81:f2:96:e3:41:b1:ca:54:35: 14:7c:aa:56:4c:63:9b:95:d6:74:5c:03:50:3c:4e: 18:5c:34:24:67:bc:fa:6c:7c:36:3c:d4:81:bf:42: fb:b1:2c:7f:6d:af:2d:a4:f1:91:15:8a:d1:2b:9b: 77:3b:8e:0d:56:ca:da:d7:8b:38:48:1f:09:b5:64: 2d:db:c8:6b:60:03:cf:a9:60:0f:fa:7d:96:22:59: 7a:78:d9:76:7b:f0:b7:bd:68:c4:37:ef:2b:c5:4e: a1:05:df:f9:c6:c5:23:f3:4a:7a:da:d9:b6:dc:dc: 0f:ea:df:33:fc:54:99:05:08:85:44:4c:0b:e6:6d: ff:08:36:cb:02:37:39:87:dd:a4:1f:b9:27:d6:e7: 89:2a:86:e6:62:0f:6f:7c:30:3e:8d:7b:9f:74:7e: 7f:fb:0d:fe:c4:b4:95:20:42:bb:2c:88:49:70:bc: 7e:49:07:37:98:36:16:36:59:25:56:bb:57:29:3f: 0d:50:1a:f0:e0:44:e7:0d:0e:f0:b2:19:e1:a5:ac: 4f:6b:1b:a9:89:9c:0e:ad:c7:3c:ee:64:0a:19:ef: 92:98:9e:52:55:0e:8b:b2:32:a8:e3:de:3a:12:d8: f3:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:06:91:9F:B6:0A:75:AE:50:33:B5:70:65:FC:0A:A5:63:77:89:17 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143688.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a40e::/32 Signature Algorithm: sha256WithRSAEncryption cf:a0:6e:02:9a:43:6e:ca:f7:e3:1c:d4:2c:3f:4f:19:c7:09: 3b:34:40:fe:fd:5f:c5:0e:81:17:0d:f7:5b:6c:29:ff:c0:97: df:20:a3:53:5a:aa:4b:04:b7:b0:3e:8f:be:ca:07:44:24:82: ea:e5:4e:5d:d4:8c:e3:0b:cf:60:0f:50:f0:e7:e1:6a:58:df: c1:67:b5:07:92:6d:19:90:97:44:77:6f:0c:44:a7:c9:05:5f: a8:1f:02:21:73:4e:92:98:fb:42:4a:c7:03:c2:16:88:b9:98: ca:93:1b:3b:39:07:98:21:89:be:08:8a:af:92:31:73:c8:20: cc:85:b9:0f:f6:43:ea:81:d8:bf:84:7b:03:ea:76:60:fe:98: ca:48:ba:e1:23:ea:07:e9:53:11:74:d6:c1:2b:cf:1b:91:23: 2e:9f:97:55:f5:d9:70:00:5e:20:0b:d9:bf:d3:1d:85:8e:ab: 11:34:54:c1:46:39:bc:7b:77:d8:27:aa:24:b7:ee:9d:44:39: 67:45:d9:77:3d:6b:41:5b:08:54:6e:e8:3b:d4:02:72:b5:c2: c5:ac:82:1c:de:76:ce:f7:42:92:25:b2:69:00:58:5b:29:77: fb:f5:5b:39:73:c8:a5:ef:f9:2f:dd:87:c2:d9:9e:7c:68:e6: 39:9c:e7:85 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULXHl3xnl24LNJZRFTWrB5FLQ5wwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0MloX DTI3MDMwMzA2MTQ0MlowMzExMC8GA1UEAxMoMDQwNjkxOUZCNjBBNzVBRTUwMzNC NTcwNjVGQzBBQTU2Mzc3ODkxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM61rNb6YL6Ooy8dzLSxZAsK9R/EgfKW40GxylQ1FHyqVkxjm5XWdFwDUDxO GFw0JGe8+mx8NjzUgb9C+7Esf22vLaTxkRWK0SubdzuODVbK2teLOEgfCbVkLdvI a2ADz6lgD/p9liJZenjZdnvwt71oxDfvK8VOoQXf+cbFI/NKetrZttzcD+rfM/xU mQUIhURMC+Zt/wg2ywI3OYfdpB+5J9bniSqG5mIPb3wwPo17n3R+f/sN/sS0lSBC uyyISXC8fkkHN5g2FjZZJVa7Vyk/DVAa8OBE5w0O8LIZ4aWsT2sbqYmcDq3HPO5k ChnvkpieUlUOi7IyqOPeOhLY838CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQEBpGf tgp1rlAztXBl/AqlY3eJFzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pA4wDQYJKoZIhvcNAQELBQADggEBAM+gbgKaQ27K9+Mc1Cw/TxnHCTs0QP79X8UO gRcN91tsKf/Al98go1NaqksEt7A+j77KB0QkgurlTl3UjOMLz2APUPDn4WpY38Fn tQeSbRmQl0R3bwxEp8kFX6gfAiFzTpKY+0JKxwPCFoi5mMqTGzs5B5ghib4Iiq+S MXPIIMyFuQ/2Q+qB2L+EewPqdmD+mMpIuuEj6gfpUxF01sErzxuRIy6fl1X12XAA XiAL2b/THYWOqxE0VMFGObx7d9gnqiS37p1EOWdF2Xc9a0FbCFRu6DvUAnK1wsWs ghzeds73QpIlsmkAWFspd/v1WzlzyKXv+S/dh8LZnnxo5jmc54U= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:23 2026 by rpki-client