$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143330.roa File: AS143330.roa (raw, json) Hash identifier: aK1km6qKUCnMo6ya0oXEhOINFTAq/p97qeEK+Kyal58= Subject key identifier: 65:75:11:BE:84:C8:9D:47:5F:11:81:CA:0C:BE:41:F9:65:03:96:C6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2DF30A93B2C7CA859871BC2CE9A86E0672BDD02A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143330.roa Signing time: Wed 04 Mar 2026 06:06:40 +0000 ROA not before: Wed 04 Mar 2026 06:01:40 +0000 ROA not after: Wed 03 Mar 2027 06:06:40 +0000 asID: 143330 IP address blocks: 240a:a2a8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:f3:0a:93:b2:c7:ca:85:98:71:bc:2c:e9:a8:6e:06:72:bd:d0:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:40 2026 GMT Not After : Mar 3 06:06:40 2027 GMT Subject: CN=657511BE84C89D475F1181CA0CBE41F9650396C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:5a:fd:8d:e4:59:ea:4c:d0:c8:23:ed:20:69: 9d:18:fd:12:b4:e6:12:c5:da:15:2b:42:c1:e0:bd: a1:f0:f2:28:44:6b:d6:6f:8a:3f:bc:55:60:fb:0d: aa:06:dc:3e:19:33:db:52:f4:c8:66:a9:63:a1:f0: fc:2f:e6:57:95:5f:8c:5e:a1:e8:fe:f9:ab:9c:f5: d1:2f:7f:ff:ea:89:df:22:3f:e6:ea:e5:38:6b:a5: 19:00:92:03:6d:e7:af:78:3e:aa:e1:3c:9f:7b:51: 45:be:e3:3a:8a:d4:b3:15:41:1f:d6:95:15:38:2f: 08:bf:54:f3:4b:3d:ee:57:50:34:20:9b:a4:fc:8f: 21:ed:33:74:c1:46:d0:b5:81:cd:ee:6d:2d:3a:6f: 9a:52:05:22:2e:54:42:c9:2e:18:5e:80:af:89:fd: 0e:5e:e0:7c:fb:13:0d:56:4e:77:1c:db:f1:7e:7b: c7:23:0a:2b:76:c4:27:82:cf:ae:2c:38:a5:3b:a2: 05:50:de:88:3d:9c:ef:eb:f5:62:d8:3d:d3:55:9a: 55:14:d1:50:e7:f3:6a:41:fc:11:00:a2:c8:e0:e0: ea:f1:5b:5b:f2:9b:5d:0e:36:ea:11:ab:c6:d7:d7: f6:1d:18:f4:8c:b7:41:e1:8a:37:77:90:07:84:69: 1c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:75:11:BE:84:C8:9D:47:5F:11:81:CA:0C:BE:41:F9:65:03:96:C6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143330.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2a8::/32 Signature Algorithm: sha256WithRSAEncryption c0:4e:99:72:4f:52:24:af:1a:40:26:97:95:d2:48:ea:2a:c5: e7:04:17:0b:a5:39:ac:6f:eb:c7:ca:1a:b1:eb:f5:71:74:3f: 7a:bc:c9:31:4d:06:a2:da:be:0e:47:80:24:22:37:dd:e4:93: ac:8c:d3:f7:67:7a:5f:30:63:c4:0a:df:de:80:a6:07:47:98: 2b:a3:bb:04:c5:e2:8e:42:04:0e:57:39:3d:ee:37:83:aa:19: 9e:e8:4f:dd:23:c6:e8:d0:c6:d7:76:10:3e:9e:2f:96:df:c8: 37:47:9e:07:79:fa:67:c8:71:1f:fa:f0:16:c4:28:50:0e:36: 06:36:c3:0d:06:ae:75:92:f8:ef:23:ff:38:07:12:47:bd:c4: 70:3d:92:fe:16:08:e5:b8:04:56:8f:4b:8c:f6:cb:87:c4:3a: 03:5d:54:67:0d:b0:d7:1a:f6:2b:de:12:ce:93:f5:bc:64:08: ae:2f:fe:0c:c3:2d:e6:5a:88:00:92:0e:18:16:50:bd:36:9f: 01:b3:9d:97:76:45:05:c9:a8:e6:96:09:2f:f6:9d:6a:ee:92: ab:e3:de:47:ba:98:14:e6:bf:2f:d8:0d:c4:60:a6:4f:51:d5: d2:09:fe:0e:49:07:00:0c:92:1f:1d:61:bb:ca:40:2d:c2:1b: 30:e5:30:40 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULfMKk7LHyoWYcbws6ahuBnK90CowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0MFoX DTI3MDMwMzA2MDY0MFowMzExMC8GA1UEAxMoNjU3NTExQkU4NEM4OUQ0NzVGMTE4 MUNBMENCRTQxRjk2NTAzOTZDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJZa/Y3kWepM0Mgj7SBpnRj9ErTmEsXaFStCweC9ofDyKERr1m+KP7xVYPsN qgbcPhkz21L0yGapY6Hw/C/mV5VfjF6h6P75q5z10S9//+qJ3yI/5urlOGulGQCS A23nr3g+quE8n3tRRb7jOorUsxVBH9aVFTgvCL9U80s97ldQNCCbpPyPIe0zdMFG 0LWBze5tLTpvmlIFIi5UQskuGF6Ar4n9Dl7gfPsTDVZOdxzb8X57xyMKK3bEJ4LP riw4pTuiBVDeiD2c7+v1Ytg901WaVRTRUOfzakH8EQCiyODg6vFbW/KbXQ426hGr xtfX9h0Y9Iy3QeGKN3eQB4RpHEMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRldRG+ hMidR18RgcoMvkH5ZQOWxjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMzMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oqgwDQYJKoZIhvcNAQELBQADggEBAMBOmXJPUiSvGkAml5XSSOoqxecEFwulOaxv 68fKGrHr9XF0P3q8yTFNBqLavg5HgCQiN93kk6yM0/dnel8wY8QK396ApgdHmCuj uwTF4o5CBA5XOT3uN4OqGZ7oT90jxujQxtd2ED6eL5bfyDdHngd5+mfIcR/68BbE KFAONgY2ww0GrnWS+O8j/zgHEke9xHA9kv4WCOW4BFaPS4z2y4fEOgNdVGcNsNca 9iveEs6T9bxkCK4v/gzDLeZaiACSDhgWUL02nwGznZd2RQXJqOaWCS/2nWrukqvj 3ke6mBTmvy/YDcRgpk9R1dIJ/g5JBwAMkh8dYbvKQC3CGzDlMEA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:45 2026 by rpki-client