$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143930.roa File: AS143930.roa (raw, json) Hash identifier: Ht3e+syPZ/Somcvd5anbpq+vp6w6LRaKcxX289E512Q= Subject key identifier: 3A:BA:C9:24:53:21:17:3C:99:33:1D:1E:9B:6D:B6:02:83:2C:21:9E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 475E20FBFA58F7C9F27F19F643E0D0DE0327E362 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143930.roa Signing time: Wed 04 Mar 2026 06:13:32 +0000 ROA not before: Wed 04 Mar 2026 06:08:32 +0000 ROA not after: Wed 03 Mar 2027 06:13:32 +0000 asID: 143930 IP address blocks: 240a:a500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:5e:20:fb:fa:58:f7:c9:f2:7f:19:f6:43:e0:d0:de:03:27:e3:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:32 2026 GMT Not After : Mar 3 06:13:32 2027 GMT Subject: CN=3ABAC9245321173C99331D1E9B6DB602832C219E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f4:7a:00:19:00:65:c9:0b:71:9d:74:ad:6b: fb:db:a1:2a:a2:4e:47:43:47:f7:04:26:65:6c:e0: a8:53:ed:81:5f:ed:d1:6d:60:ce:33:f8:ce:85:a6: 62:da:7a:2a:d6:96:2a:5e:cd:38:9c:a7:89:b8:b7: 71:f0:78:80:cd:59:9b:3f:9b:0a:90:44:19:6c:09: 18:66:75:13:f0:2d:4a:67:05:93:e1:8b:61:85:84: 38:bf:f2:3c:ff:18:6e:63:03:fe:70:ec:d1:69:98: 21:9f:c2:33:cb:b6:ad:0a:db:2e:f5:26:3b:09:fe: 13:6c:16:dd:9a:0c:e2:c4:98:cf:38:7b:29:fd:a0: c9:b1:b0:0d:36:91:da:5b:84:be:d4:85:a6:01:d7: cb:36:2b:6c:ef:39:91:a6:23:26:cd:44:fe:e3:3b: b6:bf:0d:79:d5:b3:f8:54:b1:79:f5:38:18:7a:f0: b3:19:7e:c5:3e:a0:c8:a6:4f:bc:c7:9e:b3:0e:c0: 5d:d4:95:67:f7:6d:cc:82:ca:12:2b:c9:40:d7:65: 41:5c:06:c3:e9:a4:11:07:ed:eb:40:02:00:6f:fb: 65:77:61:05:16:6d:4a:c3:ca:0c:66:66:67:66:5c: b8:fd:f3:c4:c6:be:f0:51:10:ac:aa:e1:2a:30:d8: 0b:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:BA:C9:24:53:21:17:3C:99:33:1D:1E:9B:6D:B6:02:83:2C:21:9E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143930.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a500::/32 Signature Algorithm: sha256WithRSAEncryption 27:2b:f0:2b:bc:56:c1:65:5f:52:90:2d:f5:d2:71:32:e3:34: 27:fc:19:81:d5:48:9e:86:76:6b:d0:01:fd:19:76:3c:6c:52: 06:8d:60:2f:fb:6f:ce:dd:90:f3:f2:30:59:64:57:4d:46:d9: 9e:65:3a:f0:57:7e:75:b5:ea:ea:d8:88:59:29:c8:b9:be:20: 47:de:b2:84:de:14:ef:f1:d0:25:fd:7b:e9:02:ca:b0:e7:f0: 03:83:a2:71:9a:92:19:5e:03:8a:0e:1e:f9:b6:c4:09:1e:a5: cb:da:1e:dc:5e:56:fd:e0:8d:27:65:ec:6a:b0:81:71:2c:ad: ed:ae:03:03:52:ee:70:ec:4b:65:3a:07:ad:30:9d:ed:bd:ac: 83:5d:3f:c1:3e:cd:fc:c2:de:8f:3c:b7:ad:c8:0d:18:34:62: 11:f2:22:a0:41:58:a1:aa:2d:5c:aa:d7:23:2f:c2:9e:93:c7: f3:9e:ba:b4:f6:72:0a:00:1d:b5:f5:53:6f:14:f2:71:43:c6: 66:9e:24:58:4c:29:8f:16:3c:36:16:f4:c5:50:53:4d:67:bc: c7:23:d3:20:1c:95:8a:09:3d:b9:1e:53:b8:8c:85:09:11:8e: 24:15:72:83:9b:1e:3a:5f:fe:1b:d7:2f:02:05:7c:31:0f:d9: 57:7b:95:22 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUR14g+/pY98nyfxn2Q+DQ3gMn42IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzMloX DTI3MDMwMzA2MTMzMlowMzExMC8GA1UEAxMoM0FCQUM5MjQ1MzIxMTczQzk5MzMx RDFFOUI2REI2MDI4MzJDMjE5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/0egAZAGXJC3GddK1r+9uhKqJOR0NH9wQmZWzgqFPtgV/t0W1gzjP4zoWm Ytp6KtaWKl7NOJynibi3cfB4gM1Zmz+bCpBEGWwJGGZ1E/AtSmcFk+GLYYWEOL/y PP8YbmMD/nDs0WmYIZ/CM8u2rQrbLvUmOwn+E2wW3ZoM4sSYzzh7Kf2gybGwDTaR 2luEvtSFpgHXyzYrbO85kaYjJs1E/uM7tr8NedWz+FSxefU4GHrwsxl+xT6gyKZP vMeesw7AXdSVZ/dtzILKEivJQNdlQVwGw+mkEQft60ACAG/7ZXdhBRZtSsPKDGZm Z2ZcuP3zxMa+8FEQrKrhKjDYCzECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ6uskk UyEXPJkzHR6bbbYCgywhnjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkzMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pQAwDQYJKoZIhvcNAQELBQADggEBACcr8Cu8VsFlX1KQLfXScTLjNCf8GYHVSJ6G dmvQAf0ZdjxsUgaNYC/7b87dkPPyMFlkV01G2Z5lOvBXfnW16urYiFkpyLm+IEfe soTeFO/x0CX9e+kCyrDn8AODonGakhleA4oOHvm2xAkepcvaHtxeVv3gjSdl7Gqw gXEsre2uAwNS7nDsS2U6B60wne29rINdP8E+zfzC3o88t63IDRg0YhHyIqBBWKGq LVyq1yMvwp6Tx/OeurT2cgoAHbX1U28U8nFDxmaeJFhMKY8WPDYW9MVQU01nvMcj 0yAclYoJPbkeU7iMhQkRjiQVcoObHjpf/hvXLwIFfDEP2Vd7lSI= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:21 2026 by rpki-client