$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143932.roa File: AS143932.roa (raw, json) Hash identifier: 8+CgH7nLHw5hsol86o/5S0KlVLGenJjBkg+jWRYkLE8= Subject key identifier: DC:5D:A6:90:D8:CC:DD:69:DA:84:9C:6A:83:93:1F:8B:B1:71:F6:F8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 03F7AF7137E9318F9549226ADAC91AEC6A069F12 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143932.roa Signing time: Wed 04 Mar 2026 06:13:20 +0000 ROA not before: Wed 04 Mar 2026 06:08:20 +0000 ROA not after: Wed 03 Mar 2027 06:13:20 +0000 asID: 143932 IP address blocks: 240a:a502::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:f7:af:71:37:e9:31:8f:95:49:22:6a:da:c9:1a:ec:6a:06:9f:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:20 2026 GMT Not After : Mar 3 06:13:20 2027 GMT Subject: CN=DC5DA690D8CCDD69DA849C6A83931F8BB171F6F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ad:54:10:41:73:9e:1d:c6:df:a4:f5:1d:8d: 50:7b:91:f8:10:78:58:c3:1b:79:b8:f5:24:98:85: 52:e7:9b:af:97:4f:bd:e0:f5:3c:29:a1:2d:2d:59: 52:e8:e0:f2:c3:b3:61:0f:fe:a8:3f:d0:de:e9:45: dd:6e:7a:49:6f:1f:47:f5:12:25:2b:a2:46:bf:04: d3:c1:ab:c3:22:ac:5f:e2:80:ef:03:5d:9a:6e:eb: 5d:db:f7:3a:08:1b:a5:b7:bf:b2:b3:25:4e:30:02: 62:cf:f0:54:ea:8a:6b:74:7f:f6:51:37:34:0d:3c: 19:43:61:23:39:bf:af:af:c1:53:90:e9:20:10:fb: 42:ba:e6:1e:08:28:ed:9d:f0:74:f4:4f:9c:07:a4: 88:85:21:3d:70:9e:1f:84:c8:e7:39:8c:cc:42:12: 1f:b6:1e:80:8d:55:1d:50:3d:96:1e:3b:5a:f4:60: cb:fa:54:3b:46:77:5f:4e:f5:5c:f4:4f:64:31:d2: b2:6f:1a:7f:a5:0e:65:c0:89:1e:0a:d9:31:36:82: ba:fd:49:03:dd:cb:e6:85:bb:1f:2d:2d:0f:fa:c1: 18:e6:83:2b:18:99:a3:f2:4e:60:b5:ad:74:d6:22: f3:3b:4c:d0:17:94:f1:ee:b7:a9:4c:29:c9:db:39: ef:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:5D:A6:90:D8:CC:DD:69:DA:84:9C:6A:83:93:1F:8B:B1:71:F6:F8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143932.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a502::/32 Signature Algorithm: sha256WithRSAEncryption 78:26:82:b1:25:d4:f3:fe:c6:88:91:4c:32:06:3c:ad:46:22: 1f:00:7f:83:85:23:fd:16:7e:d7:1d:56:1c:ca:9e:2b:2f:90: e4:51:6d:40:d0:d8:83:40:fb:57:d4:ff:06:dd:64:cb:87:ca: dd:5c:2d:3d:bd:76:a8:f1:13:f3:32:c8:05:69:d6:7b:dc:a4: c5:80:34:22:3c:2a:78:92:a8:14:2c:74:bb:c6:14:b9:2a:2d: 13:17:ee:a0:85:f1:5c:80:56:29:75:2f:4f:05:e9:9b:92:04: 7f:2a:b6:40:f4:00:77:fe:e9:91:52:cd:0e:a1:92:77:43:44: 85:16:39:bc:07:8e:bc:b9:0f:d9:e9:5f:77:fd:00:c8:d6:75: 7d:08:0c:46:1b:4c:c1:e1:1d:37:03:b6:60:e3:ff:b4:eb:17: c6:20:24:61:41:19:f0:c9:91:9d:87:f8:87:22:46:cc:79:e0: 7b:2a:ef:db:0c:48:c8:c6:62:e5:00:cc:00:78:74:11:0e:bc: cd:0f:51:24:fe:28:a0:53:dd:07:bc:bf:9c:c2:f4:67:33:8a: 5d:73:74:16:b5:3f:c6:bc:d0:9e:aa:42:85:3e:cc:e9:ac:7c: 5d:15:b4:61:2d:40:63:e2:2b:d7:1b:52:8d:35:e9:0a:22:c6: 90:af:d3:cc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA/evcTfpMY+VSSJq2ska7GoGnxIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyMFoX DTI3MDMwMzA2MTMyMFowMzExMC8GA1UEAxMoREM1REE2OTBEOENDREQ2OURBODQ5 QzZBODM5MzFGOEJCMTcxRjZGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALStVBBBc54dxt+k9R2NUHuR+BB4WMMbebj1JJiFUuebr5dPveD1PCmhLS1Z Uujg8sOzYQ/+qD/Q3ulF3W56SW8fR/USJSuiRr8E08GrwyKsX+KA7wNdmm7rXdv3 Oggbpbe/srMlTjACYs/wVOqKa3R/9lE3NA08GUNhIzm/r6/BU5DpIBD7QrrmHggo 7Z3wdPRPnAekiIUhPXCeH4TI5zmMzEISH7YegI1VHVA9lh47WvRgy/pUO0Z3X071 XPRPZDHSsm8af6UOZcCJHgrZMTaCuv1JA93L5oW7Hy0tD/rBGOaDKxiZo/JOYLWt dNYi8ztM0BeU8e63qUwpyds57+8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTcXaaQ 2MzdadqEnGqDkx+LsXH2+DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkzMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pQIwDQYJKoZIhvcNAQELBQADggEBAHgmgrEl1PP+xoiRTDIGPK1GIh8Af4OFI/0W ftcdVhzKnisvkORRbUDQ2INA+1fU/wbdZMuHyt1cLT29dqjxE/MyyAVp1nvcpMWA NCI8KniSqBQsdLvGFLkqLRMX7qCF8VyAVil1L08F6ZuSBH8qtkD0AHf+6ZFSzQ6h kndDRIUWObwHjry5D9npX3f9AMjWdX0IDEYbTMHhHTcDtmDj/7TrF8YgJGFBGfDJ kZ2H+IciRsx54Hsq79sMSMjGYuUAzAB4dBEOvM0PUST+KKBT3Qe8v5zC9Gczil1z dBa1P8a80J6qQoU+zOmsfF0VtGEtQGPiK9cbUo016QoixpCv08w= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:34 2026 by rpki-client