$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143432.roa File: AS143432.roa (raw, json) Hash identifier: B04lWue9GcjvVUDHxM7Ob5uVU793w46Sfuo6x+UX7nA= Subject key identifier: FF:E9:48:19:25:1C:C4:CA:92:68:6B:B9:72:BE:8D:28:8F:3B:3D:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2C70EAC806E8EFD7AFF05521D5456202AF0D6152 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143432.roa Signing time: Wed 04 Mar 2026 06:06:43 +0000 ROA not before: Wed 04 Mar 2026 06:01:43 +0000 ROA not after: Wed 03 Mar 2027 06:06:43 +0000 asID: 143432 IP address blocks: 240a:a30e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:70:ea:c8:06:e8:ef:d7:af:f0:55:21:d5:45:62:02:af:0d:61:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:43 2026 GMT Not After : Mar 3 06:06:43 2027 GMT Subject: CN=FFE94819251CC4CA92686BB972BE8D288F3B3DE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e5:be:06:d7:db:d9:29:f2:fe:f1:aa:de:44: 51:08:f1:12:e9:81:28:7a:32:ef:39:37:a6:5b:b9: 54:a6:c3:1d:28:c6:ee:d9:4e:6e:fa:51:fc:07:41: eb:42:33:dd:1a:9e:0e:7d:74:41:e9:a0:8a:ed:54: bd:04:db:6e:6f:28:35:6d:2a:1e:17:4b:c6:ed:3e: c5:32:44:d4:85:bd:f1:23:c8:af:03:ef:ad:62:3d: ab:58:a2:1e:09:78:85:c3:f6:82:e1:1a:0e:9a:81: ac:57:be:c2:2d:5b:06:64:06:f1:5b:1f:99:70:74: 3d:7a:c7:23:e4:e0:ee:ac:62:be:b6:fb:af:42:d2: e7:7c:17:a4:18:10:5e:12:f5:39:4d:53:0a:8c:3d: d0:bb:bc:f0:1f:dc:56:3f:5d:95:fe:fa:95:ae:64: bd:81:d7:c4:f5:4d:1a:fc:35:6c:3e:db:63:6e:38: 82:ab:8e:a1:20:e8:05:1a:46:24:b0:e1:84:21:d6: 6d:fc:22:ad:ca:23:f9:ef:8c:76:d5:85:b7:f7:41: 34:fb:73:84:45:a4:2b:f0:7e:34:43:fe:2e:c7:bc: ac:d8:cd:ab:d9:93:94:4b:3c:1f:f4:a0:1e:8a:58: a5:22:3c:b7:30:7f:02:d6:f9:13:16:ee:82:e6:69: 01:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:E9:48:19:25:1C:C4:CA:92:68:6B:B9:72:BE:8D:28:8F:3B:3D:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a30e::/32 Signature Algorithm: sha256WithRSAEncryption 80:b8:a4:2e:12:e6:74:f6:9e:de:11:91:5d:aa:78:6e:8d:ed: 0d:3a:4a:31:af:3f:a3:4a:56:6a:80:10:9e:73:c6:c7:fc:f2: 9a:b2:cd:57:77:1a:8f:7d:0b:c2:55:5e:49:98:e0:1e:53:65: c7:d1:29:b5:c9:08:22:2b:f9:06:b4:74:0a:c9:68:cf:5c:2a: e8:ee:e8:16:1c:28:86:19:08:ac:12:f1:34:75:74:ca:da:3f: 6d:9c:38:6d:70:aa:7e:1b:b3:e5:9d:fe:17:cb:7f:15:4f:08: 29:ba:4d:ee:da:80:cb:50:ae:81:60:fe:fa:fa:b9:7f:1e:3f: 45:a7:ea:b4:6c:c5:c2:d7:ee:3b:fd:6e:27:1d:d0:17:c9:7b: 5e:89:b1:cb:be:4b:2d:4f:86:1b:98:c2:22:7f:2f:86:58:7d: ef:df:82:63:9b:ab:e6:46:b5:1e:e5:9b:f7:91:1a:c5:66:85: 29:93:06:2e:c8:a4:74:b9:11:02:56:ae:7d:44:6c:72:76:81: 23:6c:62:0e:45:c0:0b:8c:a1:6f:f2:bd:c0:51:e6:fe:2a:f2: 66:9d:3a:cb:72:7c:33:fd:10:62:33:4b:ad:d9:29:76:59:ff: 29:02:73:7a:05:83:a8:93:76:91:29:99:40:78:9b:36:83:ae: 0b:93:49:36 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULHDqyAbo79ev8FUh1UViAq8NYVIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0M1oX DTI3MDMwMzA2MDY0M1owMzExMC8GA1UEAxMoRkZFOTQ4MTkyNTFDQzRDQTkyNjg2 QkI5NzJCRThEMjg4RjNCM0RFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJvlvgbX29kp8v7xqt5EUQjxEumBKHoy7zk3plu5VKbDHSjG7tlObvpR/AdB 60Iz3RqeDn10Qemgiu1UvQTbbm8oNW0qHhdLxu0+xTJE1IW98SPIrwPvrWI9q1ii Hgl4hcP2guEaDpqBrFe+wi1bBmQG8VsfmXB0PXrHI+Tg7qxivrb7r0LS53wXpBgQ XhL1OU1TCow90Lu88B/cVj9dlf76la5kvYHXxPVNGvw1bD7bY244gquOoSDoBRpG JLDhhCHWbfwircoj+e+MdtWFt/dBNPtzhEWkK/B+NEP+Lse8rNjNq9mTlEs8H/Sg HopYpSI8tzB/Atb5ExbuguZpAesCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT/6UgZ JRzEypJoa7lyvo0ojzs94zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQzMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ow4wDQYJKoZIhvcNAQELBQADggEBAIC4pC4S5nT2nt4RkV2qeG6N7Q06SjGvP6NK VmqAEJ5zxsf88pqyzVd3Go99C8JVXkmY4B5TZcfRKbXJCCIr+Qa0dArJaM9cKuju 6BYcKIYZCKwS8TR1dMraP22cOG1wqn4bs+Wd/hfLfxVPCCm6Te7agMtQroFg/vr6 uX8eP0Wn6rRsxcLX7jv9bicd0BfJe16Jscu+Sy1PhhuYwiJ/L4ZYfe/fgmObq+ZG tR7lm/eRGsVmhSmTBi7IpHS5EQJWrn1EbHJ2gSNsYg5FwAuMoW/yvcBR5v4q8mad OstyfDP9EGIzS63ZKXZZ/ykCc3oFg6iTdpEpmUB4mzaDrguTSTY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:19 2026 by rpki-client