$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143730.roa File: AS143730.roa (raw, json) Hash identifier: qB1X4AvILo+/+WRxExiX6BiEaW8eBbvKh5SOThc2y9M= Subject key identifier: 0B:27:3B:82:D3:14:67:F1:56:E1:78:31:44:7A:57:32:5A:EE:27:2B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 441D8F9805B9C710DDC68D98812830ADC720BE93 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143730.roa Signing time: Wed 04 Mar 2026 06:14:58 +0000 ROA not before: Wed 04 Mar 2026 06:09:58 +0000 ROA not after: Wed 03 Mar 2027 06:14:58 +0000 asID: 143730 IP address blocks: 240a:a438::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:1d:8f:98:05:b9:c7:10:dd:c6:8d:98:81:28:30:ad:c7:20:be:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:58 2026 GMT Not After : Mar 3 06:14:58 2027 GMT Subject: CN=0B273B82D31467F156E17831447A57325AEE272B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:52:b3:35:c5:a7:df:14:16:13:c5:14:fe:4a: d8:c0:ad:7f:2d:02:93:8b:d2:6e:59:01:d5:a8:34: 14:d6:c6:e3:9d:6e:2c:53:8e:dc:f6:52:2a:c8:ef: d3:02:c6:f8:af:1e:1b:fe:66:5b:fb:29:88:84:35: f4:d7:65:02:8f:0e:f1:3a:e4:54:b5:18:04:de:66: 37:47:02:f9:d4:22:b5:41:9f:a5:8a:d6:91:91:13: 1b:8b:4f:b0:1d:a1:ae:f7:99:27:a4:67:79:35:ba: a3:a2:54:1f:f4:e1:64:23:59:30:26:8c:e8:de:15: 56:10:40:00:b9:93:31:93:c8:61:d6:26:cc:ad:58: 45:59:d9:3f:7f:02:e6:cd:6a:e9:00:a2:8a:4b:8d: 67:52:06:76:0b:a1:73:7a:d0:45:50:06:3d:10:02: c8:72:22:c2:8a:d6:41:8c:2d:57:7e:f3:e5:b3:cf: 08:21:b6:0b:5d:c8:a4:15:57:a0:56:05:7e:54:2c: 46:f9:16:01:59:b3:4a:67:8e:a4:d5:36:04:f8:ae: 7b:58:95:82:2f:22:46:3f:22:55:65:71:f2:55:be: 05:8e:1d:18:11:be:21:1e:cb:54:b8:88:c5:86:e3: 02:f9:3d:71:e6:37:66:02:ed:39:27:3a:a5:42:be: f0:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:27:3B:82:D3:14:67:F1:56:E1:78:31:44:7A:57:32:5A:EE:27:2B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a438::/32 Signature Algorithm: sha256WithRSAEncryption 85:e9:b0:39:87:ac:69:cd:91:02:64:cb:bd:cb:8a:13:73:73: b0:c9:0e:c1:18:a9:60:8e:89:5b:17:b8:5e:3d:cb:af:b0:f6: ca:6d:71:0d:d2:4f:47:0e:33:1e:37:60:68:26:99:91:47:ce: 0b:15:82:8e:67:80:02:4b:40:6b:5b:65:1c:55:68:84:db:f6: 25:5b:ae:ad:d4:29:a0:95:be:10:99:b4:5a:74:f7:e3:a7:01: a6:0d:c1:0d:ed:19:c5:18:37:95:db:65:37:af:df:ee:57:f9: 20:b4:98:a1:7a:8f:80:fe:e3:e9:f0:bf:ce:55:cb:08:4c:8e: ec:6b:98:ab:20:cd:b3:5b:60:46:6c:a1:fe:f1:e1:a4:e7:76: c2:00:8e:7a:71:ce:9c:a8:97:7e:19:63:d8:01:f8:16:5d:85: c0:ae:07:c5:50:c3:e9:da:70:ed:7d:ef:f8:8f:a7:6d:7b:c0: 06:b8:9c:7a:15:32:ed:fa:79:7e:53:78:0b:4e:2b:55:2a:3d: ba:6e:ed:0b:c0:5e:14:52:1c:29:a4:13:79:c4:f7:9d:98:f1: 18:7c:dc:0c:6d:7b:c1:06:d6:5e:77:f7:b7:07:77:6a:ac:eb: fd:cb:8d:f4:41:18:43:4b:e3:a1:ec:a4:5f:03:4a:28:78:14: b5:e8:98:94 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURB2PmAW5xxDdxo2YgSgwrccgvpMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk1OFoX DTI3MDMwMzA2MTQ1OFowMzExMC8GA1UEAxMoMEIyNzNCODJEMzE0NjdGMTU2RTE3 ODMxNDQ3QTU3MzI1QUVFMjcyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMxSszXFp98UFhPFFP5K2MCtfy0Ck4vSblkB1ag0FNbG451uLFOO3PZSKsjv 0wLG+K8eG/5mW/spiIQ19NdlAo8O8TrkVLUYBN5mN0cC+dQitUGfpYrWkZETG4tP sB2hrveZJ6RneTW6o6JUH/ThZCNZMCaM6N4VVhBAALmTMZPIYdYmzK1YRVnZP38C 5s1q6QCiikuNZ1IGdguhc3rQRVAGPRACyHIiworWQYwtV37z5bPPCCG2C13IpBVX oFYFflQsRvkWAVmzSmeOpNU2BPiue1iVgi8iRj8iVWVx8lW+BY4dGBG+IR7LVLiI xYbjAvk9ceY3ZgLtOSc6pUK+8O0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQLJzuC 0xRn8VbheDFEelcyWu4nKzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzczMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pDgwDQYJKoZIhvcNAQELBQADggEBAIXpsDmHrGnNkQJky73LihNzc7DJDsEYqWCO iVsXuF49y6+w9sptcQ3ST0cOMx43YGgmmZFHzgsVgo5ngAJLQGtbZRxVaITb9iVb rq3UKaCVvhCZtFp09+OnAaYNwQ3tGcUYN5XbZTev3+5X+SC0mKF6j4D+4+nwv85V ywhMjuxrmKsgzbNbYEZsof7x4aTndsIAjnpxzpyol34ZY9gB+BZdhcCuB8VQw+na cO197/iPp217wAa4nHoVMu36eX5TeAtOK1UqPbpu7QvAXhRSHCmkE3nE952Y8Rh8 3Axte8EG1l5397cHd2qs6/3LjfRBGENL46HspF8DSih4FLXomJQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:28 2026 by rpki-client