$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143429.roa File: AS143429.roa (raw, json) Hash identifier: LSJ1T1yfaU7Osxos7vCKNZ9lF/fLzonViXh1Fo4s4Vo= Subject key identifier: E3:15:9D:E4:2F:16:58:CD:87:09:B9:17:A9:B0:A7:74:7B:F3:D8:7E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5951F2A092C58804596B40139D7252284F3C5886 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143429.roa Signing time: Wed 04 Mar 2026 06:08:03 +0000 ROA not before: Wed 04 Mar 2026 06:03:03 +0000 ROA not after: Wed 03 Mar 2027 06:08:03 +0000 asID: 143429 IP address blocks: 240a:a30b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:51:f2:a0:92:c5:88:04:59:6b:40:13:9d:72:52:28:4f:3c:58:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:03:03 2026 GMT Not After : Mar 3 06:08:03 2027 GMT Subject: CN=E3159DE42F1658CD8709B917A9B0A7747BF3D87E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e3:06:8e:62:29:15:8f:46:6a:43:6d:f1:4c: ff:3c:7e:4a:8b:67:5e:7f:b8:a2:f4:f3:f1:3b:49: f1:9c:e9:03:0a:01:a0:da:55:97:6b:e5:18:09:f9: f9:2e:bb:e6:ba:7e:de:57:d3:34:61:ff:2f:5c:04: 92:fb:1f:ff:ef:16:10:c4:70:c1:ce:ac:cc:15:f9: 8c:33:c7:a6:37:55:84:32:1d:a2:35:3a:af:0c:15: 3c:5e:7d:8c:84:bf:5d:db:23:ef:21:bc:e2:1f:cc: 30:a5:28:df:3f:ab:90:10:bf:16:a1:56:f4:69:c0: d0:87:3b:76:0a:40:e1:8a:86:4c:65:02:ce:5f:29: 4c:c7:23:10:34:86:f1:ec:f6:3f:46:e5:47:84:32: 04:69:8c:0e:c9:38:a7:cd:a6:60:7c:0e:9e:70:e6: 8b:f1:2d:97:7e:7d:e4:b4:1c:41:ed:15:09:f5:1c: 70:dd:94:c7:41:44:b4:b0:37:be:97:b9:5e:f5:b1: 15:3a:9a:b0:72:93:4c:9a:98:63:ae:77:a3:d0:3c: c7:c4:d7:af:f0:85:c7:72:ce:99:25:6e:e3:76:07: 92:b6:e7:7e:d1:e4:47:1f:98:75:ad:41:f1:c4:20: af:e0:16:82:ec:5d:6f:80:d6:ca:ce:4d:c3:bd:99: 13:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:15:9D:E4:2F:16:58:CD:87:09:B9:17:A9:B0:A7:74:7B:F3:D8:7E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143429.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a30b::/32 Signature Algorithm: sha256WithRSAEncryption 7d:14:be:5b:b0:07:ce:f6:8b:68:30:1c:46:56:59:c7:9c:b8: c6:fc:c6:7c:9b:7f:59:03:eb:0e:77:37:ab:a2:07:e6:8b:2a: d4:91:18:1e:26:72:e5:41:de:8c:25:39:1b:0d:06:ce:17:17: a9:4d:bc:26:6a:b1:50:cf:db:47:54:f0:30:a9:25:cd:92:4f: 40:de:86:c0:00:42:0c:4a:80:6e:5b:d8:98:a2:6f:ac:c9:88: d4:8d:7b:66:bc:29:b5:f8:5d:5e:64:6d:22:18:61:da:a5:23: ad:2d:bb:39:23:80:5e:b8:fe:ce:e7:61:4d:8c:a5:ba:b3:13: 52:7b:7f:d5:7e:7b:4e:2d:a0:b1:f8:08:11:ec:4f:18:b6:38: 46:11:ff:16:54:95:e5:eb:38:66:c8:b7:87:03:3d:69:2d:8d: e7:c5:20:72:77:7a:28:76:23:cc:58:93:3e:59:8b:87:89:e0: f5:94:a6:a9:35:19:d2:06:ae:b2:ac:de:33:d0:1c:74:f8:a0: a9:20:04:d2:1a:45:45:9f:b8:21:78:fc:20:99:fc:69:c6:c3: 4c:55:19:1f:9a:e7:6e:24:2d:c8:75:41:a6:5b:97:13:d9:14: ab:08:ec:2e:b1:d1:2b:c5:cb:b8:5a:92:52:50:17:d7:73:6e: cd:41:66:00 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWVHyoJLFiARZa0ATnXJSKE88WIYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDMwM1oX DTI3MDMwMzA2MDgwM1owMzExMC8GA1UEAxMoRTMxNTlERTQyRjE2NThDRDg3MDlC OTE3QTlCMEE3NzQ3QkYzRDg3RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7jBo5iKRWPRmpDbfFM/zx+SotnXn+4ovTz8TtJ8ZzpAwoBoNpVl2vlGAn5 +S675rp+3lfTNGH/L1wEkvsf/+8WEMRwwc6szBX5jDPHpjdVhDIdojU6rwwVPF59 jIS/Xdsj7yG84h/MMKUo3z+rkBC/FqFW9GnA0Ic7dgpA4YqGTGUCzl8pTMcjEDSG 8ez2P0blR4QyBGmMDsk4p82mYHwOnnDmi/Etl3595LQcQe0VCfUccN2Ux0FEtLA3 vpe5XvWxFTqasHKTTJqYY653o9A8x8TXr/CFx3LOmSVu43YHkrbnftHkRx+Yda1B 8cQgr+AWguxdb4DWys5Nw72ZE7MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTjFZ3k LxZYzYcJuRepsKd0e/PYfjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK owswDQYJKoZIhvcNAQELBQADggEBAH0UvluwB872i2gwHEZWWcecuMb8xnybf1kD 6w53N6uiB+aLKtSRGB4mcuVB3owlORsNBs4XF6lNvCZqsVDP20dU8DCpJc2ST0De hsAAQgxKgG5b2Jiib6zJiNSNe2a8KbX4XV5kbSIYYdqlI60tuzkjgF64/s7nYU2M pbqzE1J7f9V+e04toLH4CBHsTxi2OEYR/xZUleXrOGbIt4cDPWktjefFIHJ3eih2 I8xYkz5Zi4eJ4PWUpqk1GdIGrrKs3jPQHHT4oKkgBNIaRUWfuCF4/CCZ/GnGw0xV GR+a524kLch1QaZblxPZFKsI7C6x0SvFy7haklJQF9dzbs1BZgA= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:19 2026 by rpki-client