$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144021.roa File: AS144021.roa (raw, json) Hash identifier: L0w8VSgb6/pYjG7+6MYyGhTWBKF79c6wQHZ2c6ZU+DQ= Subject key identifier: 5E:41:3F:28:90:29:E8:4B:6C:29:89:91:6F:AA:46:A9:66:6E:4F:86 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2CF20C218E85CFFB8CBF287585C28C3305D9BEF3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144021.roa Signing time: Wed 04 Mar 2026 06:13:36 +0000 ROA not before: Wed 04 Mar 2026 06:08:36 +0000 ROA not after: Wed 03 Mar 2027 06:13:36 +0000 asID: 144021 IP address blocks: 240a:a55b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:f2:0c:21:8e:85:cf:fb:8c:bf:28:75:85:c2:8c:33:05:d9:be:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:36 2026 GMT Not After : Mar 3 06:13:36 2027 GMT Subject: CN=5E413F289029E84B6C2989916FAA46A9666E4F86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:68:85:3b:00:3e:3b:64:c3:01:16:ca:22:ea: 3f:40:f6:9c:40:65:75:46:5d:0f:bf:e7:d1:f5:d5: b6:00:c2:30:96:4d:ba:39:30:bb:3c:f7:77:2c:f6: 27:a6:06:69:d5:48:b3:fc:63:83:ed:ef:dd:be:d8: 4e:7d:cc:d5:8b:57:9b:fe:04:11:fd:ac:24:70:2d: d9:95:26:e9:e5:37:03:ae:4c:d8:74:07:89:84:a5: 6f:d6:76:e2:45:60:62:fe:dc:9b:77:63:8c:7b:0c: 24:71:e3:37:8c:5d:ec:d0:66:80:42:92:11:d4:f8: bb:d1:4e:d6:65:66:45:20:a4:4e:88:70:a5:cb:03: fd:a0:8a:4c:6f:98:66:25:52:8e:19:d1:08:c8:50: 32:86:41:3e:c7:81:79:2e:71:09:4a:de:86:e8:e4: 2e:55:b2:a7:69:a3:80:54:76:44:0c:94:7f:48:cb: 23:2a:0c:12:70:76:24:43:ed:ba:2f:e9:23:23:08: 7b:06:6e:69:59:49:ce:99:48:e0:fa:e2:d9:6b:ab: 69:10:50:d4:c2:48:2a:bf:fc:9b:85:ed:da:45:4d: bf:55:3c:86:1a:22:2c:a2:4c:90:b5:d1:03:04:46: ca:d4:db:89:8d:f0:c3:5c:54:d0:56:a2:df:1f:16: a9:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:41:3F:28:90:29:E8:4B:6C:29:89:91:6F:AA:46:A9:66:6E:4F:86 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144021.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a55b::/32 Signature Algorithm: sha256WithRSAEncryption 6d:9e:2c:b5:d3:54:8b:49:65:d4:54:1f:5d:9e:83:60:16:6d: d3:91:24:17:ec:41:6d:44:fd:09:82:5d:97:36:5b:a9:63:1c: e8:a9:f2:87:fd:c0:9a:5b:1a:6b:76:c3:95:0a:85:84:5a:86: bb:c5:79:83:67:cf:84:c7:b8:24:6c:c5:04:30:a8:c2:6e:47: 69:4f:88:71:13:ab:03:05:5d:52:c7:ff:3b:c0:7f:6b:54:9f: 43:cc:2e:bf:1e:34:53:e1:31:ec:10:b1:02:b4:c7:3b:7e:2e: 28:02:8b:60:e9:0d:47:07:3a:61:25:6a:94:0e:1c:08:e1:ef: d6:4b:f5:b8:65:0e:9f:0f:61:c2:f7:a0:92:45:da:44:0d:ee: 09:08:98:d1:33:f0:ec:18:f9:1b:e6:e3:a8:81:4b:b7:0d:d4: 50:82:20:01:93:73:80:1a:18:16:d4:f5:3c:7a:5b:7a:c7:82: 4a:67:45:35:ea:9f:59:d7:06:ee:e2:8a:07:76:48:ce:bb:5f: b0:87:50:3d:d8:14:57:eb:e8:68:40:78:50:92:0a:51:93:6e: 92:d6:e0:87:4a:a7:95:27:f8:f2:b0:1d:8a:72:5d:30:45:59: 91:32:bc:06:44:ff:cb:6d:82:5d:9d:d1:99:9d:a8:2a:71:a2: 43:31:ff:70 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULPIMIY6Fz/uMvyh1hcKMMwXZvvMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzNloX DTI3MDMwMzA2MTMzNlowMzExMC8GA1UEAxMoNUU0MTNGMjg5MDI5RTg0QjZDMjk4 OTkxNkZBQTQ2QTk2NjZFNEY4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ5ohTsAPjtkwwEWyiLqP0D2nEBldUZdD7/n0fXVtgDCMJZNujkwuzz3dyz2 J6YGadVIs/xjg+3v3b7YTn3M1YtXm/4EEf2sJHAt2ZUm6eU3A65M2HQHiYSlb9Z2 4kVgYv7cm3djjHsMJHHjN4xd7NBmgEKSEdT4u9FO1mVmRSCkTohwpcsD/aCKTG+Y ZiVSjhnRCMhQMoZBPseBeS5xCUrehujkLlWyp2mjgFR2RAyUf0jLIyoMEnB2JEPt ui/pIyMIewZuaVlJzplI4Pri2WuraRBQ1MJIKr/8m4Xt2kVNv1U8hhoiLKJMkLXR AwRGytTbiY3ww1xU0Fai3x8WqScCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBReQT8o kCnoS2wpiZFvqkapZm5PhjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pVswDQYJKoZIhvcNAQELBQADggEBAG2eLLXTVItJZdRUH12eg2AWbdORJBfsQW1E /QmCXZc2W6ljHOip8of9wJpbGmt2w5UKhYRahrvFeYNnz4THuCRsxQQwqMJuR2lP iHETqwMFXVLH/zvAf2tUn0PMLr8eNFPhMewQsQK0xzt+LigCi2DpDUcHOmElapQO HAjh79ZL9bhlDp8PYcL3oJJF2kQN7gkImNEz8OwY+Rvm46iBS7cN1FCCIAGTc4Aa GBbU9Tx6W3rHgkpnRTXqn1nXBu7iigd2SM67X7CHUD3YFFfr6GhAeFCSClGTbpLW 4IdKp5Un+PKwHYpyXTBFWZEyvAZE/8ttgl2d0ZmdqCpxokMx/3A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:31 2026 by rpki-client