$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144234.roa File: AS144234.roa (raw, json) Hash identifier: /bWLsPjdPKYExTNeK16Cbsi5jTyjb9KfD3uxpCSsl8c= Subject key identifier: D8:E5:60:52:C1:52:AC:B7:8D:EA:18:7E:D7:B3:EF:21:43:BC:AD:FC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3DBB2103EAF428425C5E313C33E23C729EA00D1D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144234.roa Signing time: Wed 04 Mar 2026 06:15:33 +0000 ROA not before: Wed 04 Mar 2026 06:10:33 +0000 ROA not after: Wed 03 Mar 2027 06:15:33 +0000 asID: 144234 IP address blocks: 240a:a630::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:bb:21:03:ea:f4:28:42:5c:5e:31:3c:33:e2:3c:72:9e:a0:0d:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:33 2026 GMT Not After : Mar 3 06:15:33 2027 GMT Subject: CN=D8E56052C152ACB78DEA187ED7B3EF2143BCADFC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:4c:73:7a:e7:ef:dc:18:1c:e5:ae:52:9a:ab: 60:88:1f:d9:ea:97:85:b1:24:76:a1:40:1b:d3:54: 65:94:d6:41:b5:a9:64:85:17:9e:33:90:ca:c5:42: e8:c0:75:86:5e:ae:3c:8a:1f:9c:b5:2b:28:47:6b: 34:7e:62:97:4c:3c:27:5b:51:c3:84:52:e4:9c:5b: 6a:6f:48:9a:42:53:bd:2f:a0:e9:4f:cd:74:59:b9: 8c:8b:87:ca:58:33:87:22:b8:85:31:0a:8a:21:9e: 62:00:ac:2a:54:4f:05:ca:9c:63:4a:4d:e1:d8:92: 17:c6:14:5a:64:a0:6f:80:89:b0:31:d1:94:10:3a: 25:7b:50:f7:fc:7a:4b:bf:5b:cf:12:c5:ad:d9:73: 19:07:97:8a:1d:9b:83:52:32:fd:ea:09:04:87:38: 6f:40:ef:eb:dd:da:a7:f2:bb:27:d2:7d:cf:78:b1: d5:4d:44:06:ae:10:59:ce:d9:63:30:ec:bb:1c:a0: 8f:3e:f5:1d:6b:2a:1b:33:75:31:f2:d2:e2:8f:1a: 6b:b0:71:ff:ad:0a:db:df:48:14:e0:17:ac:4b:ef: 69:00:a9:18:70:42:b7:ef:8e:35:bd:b7:a3:0e:73: 3e:63:a2:92:b7:e5:5a:19:cf:d9:80:66:92:57:2f: 8b:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:E5:60:52:C1:52:AC:B7:8D:EA:18:7E:D7:B3:EF:21:43:BC:AD:FC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144234.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a630::/32 Signature Algorithm: sha256WithRSAEncryption 38:92:6e:9a:1d:12:6e:bd:81:9c:3f:15:32:ee:3c:81:17:09: 74:8b:ae:d6:b5:d8:2d:c1:d0:99:e8:8e:ea:9c:3b:27:e5:ca: 12:b9:f7:32:5c:15:14:0e:16:99:55:33:4b:4a:9d:c4:ce:25: 4c:e2:d3:4c:70:12:0a:74:94:80:98:52:0f:be:53:98:db:df: bb:a1:2a:0e:f8:57:ba:7f:28:0e:a3:9f:7b:a2:45:62:92:52: fc:df:a6:b9:bc:0b:d8:14:a7:43:29:9e:74:b5:98:19:15:8d: 01:3e:80:8b:ae:a8:75:96:ea:1b:00:4f:ef:ae:ad:b2:bd:d6: fb:96:8b:ad:6c:bf:cd:2e:3e:1d:75:e3:63:6d:09:08:38:83: e3:47:88:b3:5a:ae:21:11:d4:2a:b4:2b:77:f6:d0:3a:aa:a1: 4c:b1:77:b4:64:2c:63:f2:12:0a:e6:54:42:12:ad:99:16:02: a4:18:8d:b4:2f:cc:f2:61:af:3f:05:ab:62:19:61:7c:73:5c: 5e:85:88:be:78:cf:a3:ae:4b:fe:d2:86:6d:9d:fd:f4:84:b7: 5a:67:4f:8f:79:03:9a:a6:42:2c:8c:02:17:09:27:01:ba:3d: 97:02:d5:81:6f:75:ad:72:e0:24:6b:3b:b3:64:46:5c:7e:cb: de:11:50:2c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPbshA+r0KEJcXjE8M+I8cp6gDR0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzM1oX DTI3MDMwMzA2MTUzM1owMzExMC8GA1UEAxMoRDhFNTYwNTJDMTUyQUNCNzhERUEx ODdFRDdCM0VGMjE0M0JDQURGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZMc3rn79wYHOWuUpqrYIgf2eqXhbEkdqFAG9NUZZTWQbWpZIUXnjOQysVC 6MB1hl6uPIofnLUrKEdrNH5il0w8J1tRw4RS5Jxbam9ImkJTvS+g6U/NdFm5jIuH ylgzhyK4hTEKiiGeYgCsKlRPBcqcY0pN4diSF8YUWmSgb4CJsDHRlBA6JXtQ9/x6 S79bzxLFrdlzGQeXih2bg1Iy/eoJBIc4b0Dv693ap/K7J9J9z3ix1U1EBq4QWc7Z YzDsuxygjz71HWsqGzN1MfLS4o8aa7Bx/60K299IFOAXrEvvaQCpGHBCt++ONb23 ow5zPmOikrflWhnP2YBmklcviy8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTY5WBS wVKst43qGH7Xs+8hQ7yt/DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIzNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pjAwDQYJKoZIhvcNAQELBQADggEBADiSbpodEm69gZw/FTLuPIEXCXSLrta12C3B 0JnojuqcOyflyhK59zJcFRQOFplVM0tKncTOJUzi00xwEgp0lICYUg++U5jb37uh Kg74V7p/KA6jn3uiRWKSUvzfprm8C9gUp0MpnnS1mBkVjQE+gIuuqHWW6hsAT++u rbK91vuWi61sv80uPh1142NtCQg4g+NHiLNariER1Cq0K3f20DqqoUyxd7RkLGPy EgrmVEISrZkWAqQYjbQvzPJhrz8Fq2IZYXxzXF6FiL54z6OuS/7Shm2d/fSEt1pn T495A5qmQiyMAhcJJwG6PZcC1YFvda1y4CRrO7NkRlx+y94RUCw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:42 2026 by rpki-client