$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144033.roa File: AS144033.roa (raw, json) Hash identifier: xV9cn+CsdeMESh7m6A2SdoKtv+VHjw+WNAeDb9+Qypg= Subject key identifier: 33:9B:F6:DA:C2:A6:7F:CB:77:51:B5:A7:F9:81:28:9C:8B:EC:DF:58 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4C658756573C57184CD4B05D518A0045C6E75EAE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144033.roa Signing time: Wed 04 Mar 2026 06:14:16 +0000 ROA not before: Wed 04 Mar 2026 06:09:16 +0000 ROA not after: Wed 03 Mar 2027 06:14:16 +0000 asID: 144033 IP address blocks: 240a:a567::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:65:87:56:57:3c:57:18:4c:d4:b0:5d:51:8a:00:45:c6:e7:5e:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:16 2026 GMT Not After : Mar 3 06:14:16 2027 GMT Subject: CN=339BF6DAC2A67FCB7751B5A7F981289C8BECDF58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:2b:3a:84:cb:52:21:4f:f6:7d:49:34:6c:aa: d5:0e:4f:0a:93:b3:e4:c5:1c:65:2a:cc:71:27:d0: 88:3d:63:23:91:65:3a:49:63:fb:5b:6d:20:d8:3b: cd:ec:48:ff:06:85:85:8d:e4:f6:61:5d:d1:f6:b0: ea:22:a5:cc:3a:55:20:68:a3:9d:df:3d:d8:3a:61: 66:f7:ea:b6:b6:e8:31:06:6e:3a:b8:ce:bc:65:c8: 15:fe:ca:f0:d2:c6:36:a4:64:77:9c:f0:32:a0:17: 02:04:f2:ab:7d:3a:6b:fc:ea:f9:9f:d4:8d:d8:f2: 5d:50:3f:2e:d9:67:a9:04:1a:99:47:b6:1d:30:f8: 68:d1:22:01:6f:0a:b4:4e:4c:52:79:b5:e2:03:48: 82:8f:92:f3:1a:5a:c3:80:45:c0:fb:2a:e0:3c:21: a7:b7:66:74:71:0b:a8:38:a6:cd:30:2f:1a:a4:1f: 54:05:d1:7a:48:6c:24:c7:14:9d:d4:91:0f:4f:ae: 1b:94:4c:9a:a6:e1:5c:47:e8:ef:1f:cb:7d:1a:24: b3:d3:df:a3:cb:df:4a:f3:9a:ea:54:d2:ea:38:07: 06:43:ce:a2:6e:89:fc:fd:b1:5e:15:a6:3e:16:20: ec:f2:fe:d6:8e:4e:08:ac:20:a4:fe:a9:f6:31:00: 70:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:9B:F6:DA:C2:A6:7F:CB:77:51:B5:A7:F9:81:28:9C:8B:EC:DF:58 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144033.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a567::/32 Signature Algorithm: sha256WithRSAEncryption cd:4a:a3:47:c6:8d:62:8d:2d:58:49:d8:69:32:7d:64:50:86: 92:ac:53:35:7b:5f:fc:03:82:66:1f:27:76:4e:7f:73:9d:eb: ac:ee:5e:8a:c3:22:f5:17:81:b7:a3:c8:e4:10:30:b5:4a:7a: 34:f9:17:e5:a7:53:14:6c:4d:cb:92:84:2d:65:57:fc:41:2d: d2:81:9c:3c:48:4a:7f:5c:15:10:92:ce:ff:2b:a3:98:1d:10: dc:7c:6d:53:c3:cc:0b:c6:6a:6a:32:5d:98:88:50:93:8d:1f: c8:df:04:8c:0a:24:88:1f:ab:03:ca:65:c9:78:85:9e:a1:04: 28:17:4f:56:c6:2c:84:68:59:6e:32:98:4b:4c:6a:ea:30:ee: eb:cc:03:38:5d:d4:88:9b:ee:0a:d5:8e:cd:56:81:84:a5:6c: 26:ba:7a:ba:9b:a3:16:7c:07:7a:45:3c:f2:dc:ab:ca:d3:0c: 99:df:4a:78:1a:f2:f2:03:70:fd:1b:65:76:2c:f1:65:72:73: 8e:35:7e:01:01:92:7f:8b:d7:d5:e2:01:c8:1b:b7:77:b3:d9: 4e:78:09:c6:8e:33:32:03:f1:20:fe:76:ea:e0:5c:38:e5:c2: 68:c8:44:33:85:25:e3:0a:72:0d:bd:a4:ea:38:21:8c:35:38: ef:2e:07:53 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTGWHVlc8VxhM1LBdUYoARcbnXq4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxNloX DTI3MDMwMzA2MTQxNlowMzExMC8GA1UEAxMoMzM5QkY2REFDMkE2N0ZDQjc3NTFC NUE3Rjk4MTI4OUM4QkVDREY1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgrOoTLUiFP9n1JNGyq1Q5PCpOz5MUcZSrMcSfQiD1jI5FlOklj+1ttINg7 zexI/waFhY3k9mFd0faw6iKlzDpVIGijnd892DphZvfqtrboMQZuOrjOvGXIFf7K 8NLGNqRkd5zwMqAXAgTyq306a/zq+Z/UjdjyXVA/LtlnqQQamUe2HTD4aNEiAW8K tE5MUnm14gNIgo+S8xpaw4BFwPsq4Dwhp7dmdHELqDimzTAvGqQfVAXRekhsJMcU ndSRD0+uG5RMmqbhXEfo7x/LfRoks9Pfo8vfSvOa6lTS6jgHBkPOom6J/P2xXhWm PhYg7PL+1o5OCKwgpP6p9jEAcJMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQzm/ba wqZ/y3dRtaf5gSici+zfWDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAzMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pWcwDQYJKoZIhvcNAQELBQADggEBAM1Ko0fGjWKNLVhJ2GkyfWRQhpKsUzV7X/wD gmYfJ3ZOf3Od66zuXorDIvUXgbejyOQQMLVKejT5F+WnUxRsTcuShC1lV/xBLdKB nDxISn9cFRCSzv8ro5gdENx8bVPDzAvGamoyXZiIUJONH8jfBIwKJIgfqwPKZcl4 hZ6hBCgXT1bGLIRoWW4ymEtMauow7uvMAzhd1Iib7grVjs1WgYSlbCa6erqboxZ8 B3pFPPLcq8rTDJnfSnga8vIDcP0bZXYs8WVyc441fgEBkn+L19XiAcgbt3ez2U54 CcaOMzID8SD+durgXDjlwmjIRDOFJeMKcg29pOo4IYw1OO8uB1M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:05 2026 by rpki-client