$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143691.roa File: AS143691.roa (raw, json) Hash identifier: ZnKCel5NGRp7uR9X/g20e/8jiyhXo0uyr883GTaxSb8= Subject key identifier: 35:DE:EF:3D:26:9D:16:6B:46:1E:A6:F2:6B:A0:B8:6B:6A:A5:18:39 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 45346A1060EA936B7E8AD98585176AE4EF099AC2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143691.roa Signing time: Wed 04 Mar 2026 06:12:35 +0000 ROA not before: Wed 04 Mar 2026 06:07:35 +0000 ROA not after: Wed 03 Mar 2027 06:12:35 +0000 asID: 143691 IP address blocks: 240a:a411::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:34:6a:10:60:ea:93:6b:7e:8a:d9:85:85:17:6a:e4:ef:09:9a:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:35 2026 GMT Not After : Mar 3 06:12:35 2027 GMT Subject: CN=35DEEF3D269D166B461EA6F26BA0B86B6AA51839 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:35:00:78:45:b7:b8:64:9d:ca:0a:f3:25:be: c9:71:89:37:d6:fe:71:3f:c4:a1:6e:62:d8:05:1b: 89:62:90:d7:9a:e7:b6:f6:8b:d3:33:53:18:a8:f8: e2:5a:d8:96:e8:c2:6a:28:f0:07:f0:41:90:3d:ac: e6:07:92:72:d6:56:ff:54:03:1c:8b:f4:e1:69:f8: 47:f2:4c:e6:b4:b3:e7:94:0f:8a:4e:d1:1e:ee:05: b9:65:c5:0b:d7:e2:01:30:a5:b5:55:5d:e2:2c:ee: d7:a3:7e:83:50:76:d4:09:30:de:56:5d:44:60:99: c4:8d:56:ef:5c:57:2a:b5:20:71:a7:7d:aa:45:ea: ba:75:b2:5f:27:29:1e:ce:01:2d:f7:1e:1f:38:ff: 11:21:f4:a3:51:02:bf:c7:b3:86:c7:a3:71:71:0b: 1f:8b:19:73:3a:47:d3:ef:9d:fa:1b:af:75:55:14: 9e:e7:24:e8:19:e3:c5:a5:a3:4a:e4:f8:0a:35:de: 0f:dd:95:87:b9:45:c2:76:0c:f8:02:49:42:81:76: 0f:ab:80:af:77:2d:0b:4f:ea:2c:d5:f6:48:54:16: df:e9:34:c9:0f:1a:46:b6:c2:8c:e7:77:0b:22:a0: 0e:8b:0e:d6:ef:9c:ec:09:46:3c:f4:4f:0c:6e:99: 0f:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DE:EF:3D:26:9D:16:6B:46:1E:A6:F2:6B:A0:B8:6B:6A:A5:18:39 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143691.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a411::/32 Signature Algorithm: sha256WithRSAEncryption b4:7d:ca:d7:07:54:a9:1a:7a:40:75:c8:2b:46:39:aa:70:49: 95:40:ac:ac:52:52:f5:e5:40:30:08:7a:d5:3f:6a:2e:40:9a: 86:77:22:ee:a9:fe:cc:b6:36:f5:9f:07:f1:96:dd:28:c4:1e: be:66:a0:58:93:00:63:50:d8:1c:25:f9:e7:b5:97:13:ef:cc: 77:5a:b8:54:23:4e:a4:e0:f9:57:14:ad:ac:b2:b4:01:8c:8a: 98:5a:bc:1c:e9:7f:a3:6d:09:e9:79:69:64:e1:73:b8:95:2a: a0:57:f9:08:93:d7:50:8a:e0:ba:b0:ec:56:a8:b5:ef:dd:10: 4c:53:4b:80:08:00:ad:4d:4e:3b:b3:4e:40:da:b3:ae:ab:cb: 23:72:65:d7:22:6d:a3:e3:ae:b7:34:13:e2:38:29:72:c1:e7: 24:d4:c7:5b:f7:e6:07:ec:95:5e:3d:44:2a:a6:bb:fb:cc:1d: 9c:a8:7d:66:4e:a4:40:a0:2f:7c:85:87:1d:02:ad:c9:b7:23: 19:e0:45:53:dd:32:a9:e5:b4:fd:40:54:a7:18:2f:a4:bf:5b: 07:52:ff:50:2e:c3:57:2b:78:2a:ce:9b:56:16:66:00:de:1d: ce:91:f2:7a:b3:1a:10:1a:c3:8f:46:ba:2c:a5:bc:d3:6d:9d: 7d:64:e2:97 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURTRqEGDqk2t+itmFhRdq5O8JmsIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczNVoX DTI3MDMwMzA2MTIzNVowMzExMC8GA1UEAxMoMzVERUVGM0QyNjlEMTY2QjQ2MUVB NkYyNkJBMEI4NkI2QUE1MTgzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANE1AHhFt7hkncoK8yW+yXGJN9b+cT/EoW5i2AUbiWKQ15rntvaL0zNTGKj4 4lrYlujCaijwB/BBkD2s5geSctZW/1QDHIv04Wn4R/JM5rSz55QPik7RHu4FuWXF C9fiATCltVVd4izu16N+g1B21Akw3lZdRGCZxI1W71xXKrUgcad9qkXqunWyXycp Hs4BLfceHzj/ESH0o1ECv8ezhsejcXELH4sZczpH0++d+huvdVUUnuck6BnjxaWj SuT4CjXeD92Vh7lFwnYM+AJJQoF2D6uAr3ctC0/qLNX2SFQW3+k0yQ8aRrbCjOd3 CyKgDosO1u+c7AlGPPRPDG6ZDwECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ13u89 Jp0Wa0YepvJroLhraqUYOTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pBEwDQYJKoZIhvcNAQELBQADggEBALR9ytcHVKkaekB1yCtGOapwSZVArKxSUvXl QDAIetU/ai5AmoZ3Iu6p/sy2NvWfB/GW3SjEHr5moFiTAGNQ2Bwl+ee1lxPvzHda uFQjTqTg+VcUrayytAGMiphavBzpf6NtCel5aWThc7iVKqBX+QiT11CK4Lqw7Fao te/dEExTS4AIAK1NTjuzTkDas66ryyNyZdcibaPjrrc0E+I4KXLB5yTUx1v35gfs lV49RCqmu/vMHZyofWZOpECgL3yFhx0Crcm3IxngRVPdMqnltP1AVKcYL6S/WwdS /1Auw1creCrOm1YWZgDeHc6R8nqzGhAaw49GuiylvNNtnX1k4pc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:44 2026 by rpki-client