$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143699.roa File: AS143699.roa (raw, json) Hash identifier: xRGh1mCSlDuvRsOM58M35xXplQVTJ6C/kNgB8MI6EFE= Subject key identifier: A4:D8:60:F9:11:5C:A7:C9:30:C6:7B:AF:9F:C3:89:F2:82:AB:11:43 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3AB0D3E470C084917A4C54037A377A12D89CCC9C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143699.roa Signing time: Wed 04 Mar 2026 06:13:41 +0000 ROA not before: Wed 04 Mar 2026 06:08:41 +0000 ROA not after: Wed 03 Mar 2027 06:13:41 +0000 asID: 143699 IP address blocks: 240a:a419::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:b0:d3:e4:70:c0:84:91:7a:4c:54:03:7a:37:7a:12:d8:9c:cc:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:41 2026 GMT Not After : Mar 3 06:13:41 2027 GMT Subject: CN=A4D860F9115CA7C930C67BAF9FC389F282AB1143 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:6e:6c:fe:a0:b0:ab:21:82:52:21:3c:df:bc: 10:b2:c9:92:2d:89:8c:e2:b8:4f:f3:55:b2:aa:a5: 38:2b:c5:50:3a:db:fe:61:5c:04:21:ce:b2:63:56: 0a:07:6a:b4:29:c7:cb:9b:8b:95:59:c9:56:d5:24: 69:00:26:31:67:a8:e9:f9:0b:1e:4f:77:16:0f:df: f7:7b:73:6d:fd:58:0d:be:6e:15:cd:84:54:a9:74: 73:e9:b8:08:b9:3b:30:21:a6:fd:4f:e9:4e:5e:8d: c7:53:bb:a1:61:a2:60:54:65:a7:9c:42:e2:fe:77: 8b:35:75:2f:a6:dc:2a:e5:18:08:32:3b:b9:b9:bc: 51:3c:aa:dc:11:e0:aa:4d:2c:93:b7:7b:ae:af:f6: c2:5d:19:c9:5e:2f:2d:c5:98:e8:f7:6a:8c:40:e7: be:64:17:0d:ac:44:5d:ba:80:a7:f4:fe:db:85:2e: e8:4b:91:6e:6d:c2:3f:c4:02:c1:6e:ec:33:f0:af: c9:5c:f3:d7:ad:f9:48:e9:ae:92:d1:8a:19:f0:b7: 3f:77:18:06:81:d6:60:5e:32:c9:69:1b:01:34:fb: f6:45:68:03:24:e7:b2:d7:17:db:f7:d7:b7:52:71: 4c:86:62:54:e4:ea:dc:0e:c6:b1:62:9d:3a:f1:51: e3:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:D8:60:F9:11:5C:A7:C9:30:C6:7B:AF:9F:C3:89:F2:82:AB:11:43 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143699.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a419::/32 Signature Algorithm: sha256WithRSAEncryption 87:c0:9a:17:0d:a5:12:b8:53:3c:fa:65:d4:b8:58:ba:b1:0e: a2:7d:bf:3a:87:35:3f:a9:91:ca:6e:7e:60:19:37:e4:6f:c7: 8b:16:0d:fa:e0:c7:52:9d:66:31:e2:f2:99:8b:47:91:4d:cd: da:fe:7b:1f:63:32:03:24:08:b2:9f:14:88:e2:b7:cd:e5:48: ea:ee:c8:06:d6:9c:23:f5:da:77:11:32:db:a4:d6:b4:fe:e6: e1:a8:81:51:d0:26:d5:4a:2e:51:33:61:62:db:ed:bd:cb:1b: 0a:b3:92:d1:8c:7a:2f:60:b3:04:72:23:20:80:e1:13:b8:73: 3f:14:9c:63:86:65:1c:16:ec:5e:1c:aa:25:8b:19:4c:1a:16: a1:d1:e6:6d:d1:d4:cb:ca:22:49:24:71:e1:76:cc:43:9e:76: a6:a4:c3:0a:0d:47:29:a7:fe:08:21:a2:72:37:fd:08:23:ec: 67:c8:61:78:62:f0:7f:28:7c:98:8c:25:da:66:f7:74:66:41: d5:07:a6:9c:a8:d7:0e:68:8f:1f:b7:8e:c3:a1:5f:22:61:3b: 09:02:64:8a:3e:b6:01:26:74:ba:23:a8:10:ad:69:5e:3f:b1: 60:ef:ad:38:69:06:1d:9b:ff:b1:42:98:1d:8a:9a:74:68:2b: 51:cf:b4:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOrDT5HDAhJF6TFQDejd6EticzJwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0MVoX DTI3MDMwMzA2MTM0MVowMzExMC8GA1UEAxMoQTREODYwRjkxMTVDQTdDOTMwQzY3 QkFGOUZDMzg5RjI4MkFCMTE0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZubP6gsKshglIhPN+8ELLJki2JjOK4T/NVsqqlOCvFUDrb/mFcBCHOsmNW CgdqtCnHy5uLlVnJVtUkaQAmMWeo6fkLHk93Fg/f93tzbf1YDb5uFc2EVKl0c+m4 CLk7MCGm/U/pTl6Nx1O7oWGiYFRlp5xC4v53izV1L6bcKuUYCDI7ubm8UTyq3BHg qk0sk7d7rq/2wl0ZyV4vLcWY6PdqjEDnvmQXDaxEXbqAp/T+24Uu6EuRbm3CP8QC wW7sM/CvyVzz1635SOmuktGKGfC3P3cYBoHWYF4yyWkbATT79kVoAyTnstcX2/fX t1JxTIZiVOTq3A7GsWKdOvFR45sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSk2GD5 EVynyTDGe6+fw4nygqsRQzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pBkwDQYJKoZIhvcNAQELBQADggEBAIfAmhcNpRK4Uzz6ZdS4WLqxDqJ9vzqHNT+p kcpufmAZN+Rvx4sWDfrgx1KdZjHi8pmLR5FNzdr+ex9jMgMkCLKfFIjit83lSOru yAbWnCP12ncRMtuk1rT+5uGogVHQJtVKLlEzYWLb7b3LGwqzktGMei9gswRyIyCA 4RO4cz8UnGOGZRwW7F4cqiWLGUwaFqHR5m3R1MvKIkkkceF2zEOedqakwwoNRymn /gghonI3/Qgj7GfIYXhi8H8ofJiMJdpm93RmQdUHppyo1w5ojx+3jsOhXyJhOwkC ZIo+tgEmdLojqBCtaV4/sWDvrThpBh2b/7FCmB2KmnRoK1HPtNY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:37 2026 by rpki-client