$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144038.roa File: AS144038.roa (raw, json) Hash identifier: 4RoNnLCbaLjTXete9hDFI3SMZerh4nXAzUOBkg19qM0= Subject key identifier: 07:97:09:E3:33:0B:B4:61:1F:BA:2E:73:BF:E7:79:31:6C:90:D1:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 43A1926AAA52E106C16ECFE676D090894F743170 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144038.roa Signing time: Wed 04 Mar 2026 06:15:09 +0000 ROA not before: Wed 04 Mar 2026 06:10:09 +0000 ROA not after: Wed 03 Mar 2027 06:15:09 +0000 asID: 144038 IP address blocks: 240a:a56c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:a1:92:6a:aa:52:e1:06:c1:6e:cf:e6:76:d0:90:89:4f:74:31:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:09 2026 GMT Not After : Mar 3 06:15:09 2027 GMT Subject: CN=079709E3330BB4611FBA2E73BFE779316C90D134 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:a8:e9:c5:41:77:3d:47:34:24:23:53:e4:d8: 08:94:36:26:81:5d:82:a7:39:2d:07:6d:17:3d:47: 59:eb:b9:ac:65:61:1d:5c:54:ae:8e:d6:33:9e:56: ad:e3:22:52:c9:31:8f:02:24:77:49:8f:de:0f:cf: bb:a7:37:41:cd:41:67:de:31:89:81:e4:69:08:cb: eb:be:bb:38:49:ec:77:9b:d2:0a:be:d0:b7:f6:ef: 4d:dc:74:2b:78:8c:c0:76:96:a4:16:c2:4c:7f:8f: e9:7d:b3:08:ec:37:19:87:b1:b7:ad:a4:9f:91:9b: 3e:d5:58:e7:a9:11:16:56:ac:49:3f:b1:3f:88:06: d2:b0:df:e7:8f:94:b5:98:bf:65:5d:e4:b9:af:42: ce:64:53:80:13:ef:e7:f8:81:2e:63:ee:8a:d8:c0: 1c:26:61:b9:9d:46:2a:07:cb:44:27:28:01:b5:9c: 3d:04:49:f1:82:25:ff:98:4d:5f:77:c1:bf:00:c9: fe:7b:6c:cf:bd:42:26:3a:76:57:c1:fc:11:d1:cc: d1:2b:7b:1a:ae:d9:d2:de:7d:b0:86:35:34:81:75: 8a:fe:92:f6:a5:b3:1b:83:23:d5:ad:8c:8e:d0:23: 93:f5:9f:e7:48:d2:e6:ab:75:8f:12:c7:6b:3d:91: 10:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:97:09:E3:33:0B:B4:61:1F:BA:2E:73:BF:E7:79:31:6C:90:D1:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a56c::/32 Signature Algorithm: sha256WithRSAEncryption 67:c6:6f:60:a2:6b:31:6c:82:2b:b4:22:1a:d2:6f:fe:ed:af: b2:00:19:82:6e:b9:a2:61:6d:45:45:00:51:20:b3:12:b4:41: 7f:b7:33:c7:59:47:5c:15:6e:0c:94:2b:57:28:bb:4a:3b:2c: a1:44:29:d5:f8:61:be:a2:17:74:42:10:0b:e5:d3:db:65:05: 48:77:37:71:46:86:6f:71:ed:bd:83:18:65:17:f0:5f:0a:5a: 4c:2b:ab:73:7e:92:54:de:f4:7d:50:f2:4b:9c:b6:69:d1:d7: bb:d8:b3:06:ac:ed:9d:d3:7d:2a:cb:97:63:8d:4d:df:b1:e3: 3a:1a:25:8c:f2:8d:02:3f:6a:ce:2d:dd:6b:d3:e3:6a:0c:21: 44:c5:7a:29:98:c4:f7:fc:c7:4b:2a:1c:5b:0d:f2:28:18:5c: d4:70:a7:10:d0:39:83:37:c1:4c:b2:9e:98:05:06:4b:35:a8: 39:6b:e7:28:34:80:50:39:12:a1:8a:63:a8:31:29:19:30:42: d2:31:a7:ab:4b:d1:37:25:27:12:2a:b7:b1:84:02:b7:80:c1: f7:54:8e:2c:6e:04:0d:7b:06:f3:d6:d4:2d:64:2e:2e:3f:69: 2f:a4:df:04:5a:fb:3f:f7:3d:da:23:9f:b7:bd:0e:29:93:69: c7:82:e3:45 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQ6GSaqpS4QbBbs/mdtCQiU90MXAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwOVoX DTI3MDMwMzA2MTUwOVowMzExMC8GA1UEAxMoMDc5NzA5RTMzMzBCQjQ2MTFGQkEy RTczQkZFNzc5MzE2QzkwRDEzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOuo6cVBdz1HNCQjU+TYCJQ2JoFdgqc5LQdtFz1HWeu5rGVhHVxUro7WM55W reMiUskxjwIkd0mP3g/Pu6c3Qc1BZ94xiYHkaQjL6767OEnsd5vSCr7Qt/bvTdx0 K3iMwHaWpBbCTH+P6X2zCOw3GYext62kn5GbPtVY56kRFlasST+xP4gG0rDf54+U tZi/ZV3kua9CzmRTgBPv5/iBLmPuitjAHCZhuZ1GKgfLRCcoAbWcPQRJ8YIl/5hN X3fBvwDJ/ntsz71CJjp2V8H8EdHM0St7Gq7Z0t59sIY1NIF1iv6S9qWzG4Mj1a2M jtAjk/Wf50jS5qt1jxLHaz2RENUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQHlwnj Mwu0YR+6LnO/53kxbJDRNDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pWwwDQYJKoZIhvcNAQELBQADggEBAGfGb2CiazFsgiu0IhrSb/7tr7IAGYJuuaJh bUVFAFEgsxK0QX+3M8dZR1wVbgyUK1cou0o7LKFEKdX4Yb6iF3RCEAvl09tlBUh3 N3FGhm9x7b2DGGUX8F8KWkwrq3N+klTe9H1Q8kuctmnR17vYswas7Z3TfSrLl2ON Td+x4zoaJYzyjQI/as4t3WvT42oMIUTFeimYxPf8x0sqHFsN8igYXNRwpxDQOYM3 wUyynpgFBks1qDlr5yg0gFA5EqGKY6gxKRkwQtIxp6tL0TclJxIqt7GEAreAwfdU jixuBA17BvPW1C1kLi4/aS+k3wRa+z/3Pdojn7e9DimTaceC40U= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:30 2026 by rpki-client