$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144209.roa File: AS144209.roa (raw, json) Hash identifier: AJ8ZdJvldXkb8qSZXHdW8jT8kYPZ/ewIkIdzugv/Wbw= Subject key identifier: 06:91:FB:4E:C0:DD:7A:67:D3:94:86:33:2C:47:AB:FB:3C:BF:DD:50 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3215C67FA46CEFC03E744BF400E6A6A3A365CC71 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144209.roa Signing time: Wed 04 Mar 2026 06:13:00 +0000 ROA not before: Wed 04 Mar 2026 06:08:00 +0000 ROA not after: Wed 03 Mar 2027 06:13:00 +0000 asID: 144209 IP address blocks: 240a:a617::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:15:c6:7f:a4:6c:ef:c0:3e:74:4b:f4:00:e6:a6:a3:a3:65:cc:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:00 2026 GMT Not After : Mar 3 06:13:00 2027 GMT Subject: CN=0691FB4EC0DD7A67D39486332C47ABFB3CBFDD50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a2:74:89:82:3f:2e:4f:b5:1b:9e:b7:9e:62: ed:64:91:47:2a:0b:ad:81:7f:e5:f9:79:05:fe:bd: 5e:84:cd:ad:8f:6c:12:24:12:36:af:1f:43:a5:a0: d9:0b:08:2e:5d:ec:39:aa:da:07:f3:25:ff:70:0d: 5a:86:5e:74:2c:ab:b7:62:99:5f:3b:4c:4b:d7:32: f5:dd:93:78:c4:d3:70:5b:5f:dc:60:2d:6f:ed:ac: 2e:05:a9:3e:49:b5:a9:58:a4:a9:42:f9:66:e7:e1: c0:4f:d5:03:2a:9d:4e:25:b1:92:d8:dc:8a:bd:d3: f8:4b:1d:fb:94:fb:6c:fa:c9:3b:01:96:f2:46:ab: b3:10:d5:bc:89:19:04:9c:4b:88:4e:5e:08:21:69: 85:c9:06:66:6d:6e:e4:5e:eb:8d:fd:c4:23:a6:d7: 2e:c1:44:a7:d4:bd:70:03:46:ff:55:ba:94:53:1c: 60:30:5a:8d:2a:26:03:8c:60:81:7f:1a:fa:bc:db: a4:15:66:b4:cf:2a:32:92:95:13:b2:7d:fd:8f:dd: 00:16:35:a6:66:5b:29:eb:5e:22:0f:6d:71:85:cb: 8c:65:64:9f:d6:44:42:65:73:16:d2:86:d4:7b:77: f8:a6:c2:1a:4f:16:e5:7b:c4:87:e8:61:a5:1c:ab: 03:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:91:FB:4E:C0:DD:7A:67:D3:94:86:33:2C:47:AB:FB:3C:BF:DD:50 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144209.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a617::/32 Signature Algorithm: sha256WithRSAEncryption a3:30:02:a9:89:34:93:bf:41:61:83:e1:32:06:f5:37:c7:b4: 05:84:0f:f9:70:17:41:e5:28:d5:df:a7:51:59:df:83:65:3a: 57:5c:72:f7:db:63:bd:3b:60:c3:3c:92:00:8c:40:5b:86:eb: 63:b9:cd:c2:37:24:cf:12:f4:1a:ae:2f:00:28:6d:8e:bb:25: bc:81:67:44:d9:75:41:d2:64:96:7f:17:80:96:5b:3f:26:e5: 05:f9:6a:b7:ad:79:9c:ce:29:b9:7e:8a:d0:b8:05:b4:f7:33: ac:e3:59:1c:73:a4:db:46:2a:7c:63:eb:d1:31:10:f6:6e:52: 27:f4:67:30:99:af:b1:ca:4b:68:12:d3:a3:ed:d4:ae:d1:15: 25:aa:33:52:d2:43:f0:de:cb:17:e9:a6:6e:a5:7d:22:3c:16: 65:44:18:c5:bf:28:82:1a:30:02:55:0f:a2:6c:4b:9e:6c:cc: 35:10:97:9c:e3:de:9e:b4:a2:b3:f5:44:d6:38:36:ea:a7:f9: 32:3f:d9:15:81:4b:fa:61:93:ae:0f:81:f6:e5:c8:f5:c0:3c: d6:f6:0a:f8:31:4d:81:69:d7:85:45:19:c8:a9:30:f6:2a:fa: c8:e4:fd:6a:94:9d:4b:57:2b:ce:b4:44:4d:37:85:20:6f:01: 41:78:08:cc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMhXGf6Rs78A+dEv0AOamo6NlzHEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwMFoX DTI3MDMwMzA2MTMwMFowMzExMC8GA1UEAxMoMDY5MUZCNEVDMEREN0E2N0QzOTQ4 NjMzMkM0N0FCRkIzQ0JGREQ1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN2idImCPy5PtRuet55i7WSRRyoLrYF/5fl5Bf69XoTNrY9sEiQSNq8fQ6Wg 2QsILl3sOaraB/Ml/3ANWoZedCyrt2KZXztMS9cy9d2TeMTTcFtf3GAtb+2sLgWp Pkm1qVikqUL5ZufhwE/VAyqdTiWxktjcir3T+Esd+5T7bPrJOwGW8karsxDVvIkZ BJxLiE5eCCFphckGZm1u5F7rjf3EI6bXLsFEp9S9cANG/1W6lFMcYDBajSomA4xg gX8a+rzbpBVmtM8qMpKVE7J9/Y/dABY1pmZbKeteIg9tcYXLjGVkn9ZEQmVzFtKG 1Ht3+KbCGk8W5XvEh+hhpRyrA30CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQGkftO wN16Z9OUhjMsR6v7PL/dUDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK phcwDQYJKoZIhvcNAQELBQADggEBAKMwAqmJNJO/QWGD4TIG9TfHtAWED/lwF0Hl KNXfp1FZ34NlOldccvfbY707YMM8kgCMQFuG62O5zcI3JM8S9BquLwAobY67JbyB Z0TZdUHSZJZ/F4CWWz8m5QX5areteZzOKbl+itC4BbT3M6zjWRxzpNtGKnxj69Ex EPZuUif0ZzCZr7HKS2gS06Pt1K7RFSWqM1LSQ/Deyxfppm6lfSI8FmVEGMW/KIIa MAJVD6JsS55szDUQl5zj3p60orP1RNY4Nuqn+TI/2RWBS/phk64PgfblyPXAPNb2 CvgxTYFp14VFGcipMPYq+sjk/WqUnUtXK860RE03hSBvAUF4CMw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:24 2026 by rpki-client