$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144029.roa File: AS144029.roa (raw, json) Hash identifier: rZAD5/IMZZgXmLmb9I0RemPd4bzzNNe1MUrMtX4rqs0= Subject key identifier: 5B:09:D7:0C:DD:13:25:EC:2A:67:12:0A:01:2F:27:5B:31:9F:79:03 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 51C30BDDC77B5C70A3092CE40B459E37E4F06111 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144029.roa Signing time: Wed 04 Mar 2026 06:13:11 +0000 ROA not before: Wed 04 Mar 2026 06:08:11 +0000 ROA not after: Wed 03 Mar 2027 06:13:11 +0000 asID: 144029 IP address blocks: 240a:a563::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:c3:0b:dd:c7:7b:5c:70:a3:09:2c:e4:0b:45:9e:37:e4:f0:61:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:11 2026 GMT Not After : Mar 3 06:13:11 2027 GMT Subject: CN=5B09D70CDD1325EC2A67120A012F275B319F7903 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:71:98:2b:0d:33:f8:8b:2a:a4:55:0b:38:65: ca:8e:c8:f1:1a:00:f1:b9:51:aa:95:7b:44:20:b4: ab:d5:74:73:74:d8:93:05:57:a9:1c:fd:a2:1e:2d: 96:23:99:80:ae:83:a0:35:8c:37:38:6f:f4:1e:2f: 03:da:94:5a:9b:79:40:1d:22:96:ac:50:80:d4:f5: 8d:7d:47:da:22:5f:32:6b:2b:58:63:d7:6b:a6:f0: 6b:a7:75:8b:eb:0d:fd:9e:0d:e5:53:9d:e7:62:f1: dc:a5:00:76:fc:f2:1c:7e:cd:5b:1b:17:7f:73:44: f5:1f:20:95:2c:c1:fe:32:43:45:b8:15:ed:cf:f5: ed:31:d3:d6:70:42:b6:eb:3f:10:3f:37:98:a9:b8: 3c:85:64:6d:ba:8a:33:21:ee:00:1b:de:bf:ab:86: ab:76:48:24:a8:28:99:e4:4c:03:c6:e1:40:b0:46: a7:eb:6c:4e:36:92:53:e6:07:5f:02:5a:8c:6a:ef: 22:69:2e:d5:5e:75:ea:10:29:b7:4c:58:7a:97:3d: d3:22:17:9f:23:c7:88:40:4e:d2:83:19:98:62:e7: 77:aa:b3:a6:71:00:2f:ec:1a:27:03:68:16:7a:a2: 69:af:c0:41:af:bb:1d:69:a8:bb:80:67:11:3e:bf: 21:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:09:D7:0C:DD:13:25:EC:2A:67:12:0A:01:2F:27:5B:31:9F:79:03 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144029.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a563::/32 Signature Algorithm: sha256WithRSAEncryption 4b:5a:10:92:1f:29:77:b8:f9:04:e4:cc:7c:14:b7:d8:ff:aa: 77:39:dc:69:90:a8:04:ec:e0:e7:ac:0a:9a:5d:20:96:06:13: c9:43:68:bf:ba:a0:cf:36:c0:15:cb:42:0e:05:c5:1a:0a:df: e9:b6:dd:1d:82:09:f8:f1:8c:74:63:de:35:10:cb:49:91:ef: 29:43:07:d1:b4:f5:ee:cc:86:3c:92:94:db:cd:7b:c1:51:72: ca:59:6a:f2:13:d9:f1:b3:84:f2:e1:e9:0b:09:15:06:af:13: 12:1a:1b:e2:03:60:fa:fe:6b:d3:5d:92:d6:17:49:4a:75:05: 40:3a:a6:42:e9:ba:f3:cb:b4:a6:c5:4f:bb:35:7e:28:51:4d: a7:96:74:7f:a2:1d:fe:66:65:97:9d:2c:78:fe:d7:91:d7:a9: 01:9a:e9:8c:80:32:87:0e:56:8a:a3:da:ea:76:04:a1:9a:97: 00:5e:1b:f5:16:91:49:3a:56:12:36:dc:b1:fe:28:dc:c4:c6: d6:0a:ed:2f:ce:3a:80:da:d8:02:b3:62:fe:2c:44:47:7c:ea: aa:be:f7:11:d9:d3:e9:4e:da:da:91:9e:19:5c:7f:3a:ee:bd: 70:c3:cf:0e:cc:f1:23:f5:3f:96:95:f7:45:37:1e:20:d1:25: e3:1f:49:c1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUcML3cd7XHCjCSzkC0WeN+TwYREwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMVoX DTI3MDMwMzA2MTMxMVowMzExMC8GA1UEAxMoNUIwOUQ3MENERDEzMjVFQzJBNjcx MjBBMDEyRjI3NUIzMTlGNzkwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO5xmCsNM/iLKqRVCzhlyo7I8RoA8blRqpV7RCC0q9V0c3TYkwVXqRz9oh4t liOZgK6DoDWMNzhv9B4vA9qUWpt5QB0ilqxQgNT1jX1H2iJfMmsrWGPXa6bwa6d1 i+sN/Z4N5VOd52Lx3KUAdvzyHH7NWxsXf3NE9R8glSzB/jJDRbgV7c/17THT1nBC tus/ED83mKm4PIVkbbqKMyHuABvev6uGq3ZIJKgomeRMA8bhQLBGp+tsTjaSU+YH XwJajGrvImku1V516hApt0xYepc90yIXnyPHiEBO0oMZmGLnd6qzpnEAL+waJwNo Fnqiaa/AQa+7HWmou4BnET6/IbsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRbCdcM 3RMl7CpnEgoBLydbMZ95AzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pWMwDQYJKoZIhvcNAQELBQADggEBAEtaEJIfKXe4+QTkzHwUt9j/qnc53GmQqATs 4OesCppdIJYGE8lDaL+6oM82wBXLQg4FxRoK3+m23R2CCfjxjHRj3jUQy0mR7ylD B9G09e7MhjySlNvNe8FRcspZavIT2fGzhPLh6QsJFQavExIaG+IDYPr+a9NdktYX SUp1BUA6pkLpuvPLtKbFT7s1fihRTaeWdH+iHf5mZZedLHj+15HXqQGa6YyAMocO Voqj2up2BKGalwBeG/UWkUk6VhI23LH+KNzExtYK7S/OOoDa2AKzYv4sREd86qq+ 9xHZ0+lO2tqRnhlcfzruvXDDzw7M8SP1P5aV90U3HiDRJeMfScE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:54 2026 by rpki-client