$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144251.roa File: AS144251.roa (raw, json) Hash identifier: Ztms0BP1nXioJBV/R2M1GI3PbsM8lHTTA3lqjblcDYw= Subject key identifier: 55:2A:42:F1:00:33:20:9B:C2:D9:3E:31:BB:DB:D6:83:68:43:39:54 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 23A4FA6FA13840C7A2B0081A43D24E3A49940C34 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144251.roa Signing time: Wed 04 Mar 2026 06:15:31 +0000 ROA not before: Wed 04 Mar 2026 06:10:31 +0000 ROA not after: Wed 03 Mar 2027 06:15:31 +0000 asID: 144251 IP address blocks: 240a:a641::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:a4:fa:6f:a1:38:40:c7:a2:b0:08:1a:43:d2:4e:3a:49:94:0c:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:31 2026 GMT Not After : Mar 3 06:15:31 2027 GMT Subject: CN=552A42F10033209BC2D93E31BBDBD68368433954 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:75:dc:0e:60:f8:a7:50:92:89:5e:b0:e4:90: 14:3c:d5:9f:62:ef:a1:ea:7e:04:68:c8:4d:23:00: 2e:41:df:06:ec:22:a2:fd:7f:24:e6:53:d9:9f:8b: a9:d3:56:c5:c6:f8:2e:6c:32:40:b0:2c:c2:73:e9: 94:d8:72:af:5a:9f:7d:68:17:70:e7:9d:d9:1a:6d: 00:2d:dc:e9:53:98:cf:e0:56:dc:ae:04:ef:31:ba: b2:27:6e:ca:4e:06:8b:ac:2e:98:e6:c3:90:d1:70: 1f:4c:4e:44:0c:f5:1f:9e:7a:17:e2:75:60:3c:9c: b4:53:63:71:dc:37:b5:04:84:5b:86:7c:95:3e:72: 04:7e:38:7a:84:85:9b:e0:f5:9b:a6:87:bb:d2:dc: da:b6:3f:3a:c3:51:73:15:a7:ef:0d:29:71:97:9d: 70:8c:65:d4:9f:f1:65:23:4a:53:52:d3:79:f3:79: 22:77:ff:35:bd:b9:2b:4e:31:c5:31:82:1e:61:fc: 16:55:dd:67:e4:bd:a4:dd:ae:51:c9:50:78:33:ed: 2f:c3:e5:e5:5d:6b:92:71:e7:2e:3a:86:c8:08:ae: bb:2d:3c:1e:3d:65:0f:15:47:4c:7a:46:a5:f8:e6: 5e:62:17:3c:93:80:05:6b:c3:68:26:a8:4a:d0:1e: 02:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:2A:42:F1:00:33:20:9B:C2:D9:3E:31:BB:DB:D6:83:68:43:39:54 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144251.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a641::/32 Signature Algorithm: sha256WithRSAEncryption d8:b8:b6:57:8a:8b:79:4f:1c:6f:67:57:c7:23:8f:7f:0a:66: f8:3b:b7:0b:e5:d2:25:3d:66:7c:f6:94:87:aa:ae:23:53:f6: 17:52:dd:42:6b:b0:cc:6e:54:47:48:33:1c:2a:70:28:44:e6: c6:2b:ca:4a:52:45:e3:82:35:00:24:d4:69:e7:a3:c0:95:15: 3a:fe:2a:84:9d:e4:9f:ac:f8:98:32:76:e7:7c:ba:96:9b:f9: 9b:25:86:8b:09:8b:08:47:1e:22:0d:b0:12:7f:db:2c:78:89: e1:07:85:fd:fa:16:4d:93:4b:dc:f9:b4:8f:87:b2:e5:71:d0: cf:30:66:98:d9:f4:42:39:85:e6:5b:46:ac:9b:be:54:dd:d8: c4:8d:9b:05:3e:0e:6b:c7:64:9f:4e:25:e9:d3:55:e2:ed:2d: ca:f7:4a:c0:33:ed:ac:47:69:2a:21:b8:7c:a2:52:88:76:f0: 40:b7:40:9f:37:7b:01:f3:a6:19:4c:36:c0:5f:28:bd:85:f7: 10:51:f3:19:e0:f4:7d:e5:7a:8e:f3:83:79:b0:d8:77:7c:13: 57:e7:40:f2:7d:17:cc:47:74:82:f7:4a:97:ab:26:48:cd:89: 6e:d8:82:c8:06:1e:0a:39:8a:f5:c5:61:e9:60:11:0f:ac:63: 76:ab:2d:c3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUI6T6b6E4QMeisAgaQ9JOOkmUDDQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzMVoX DTI3MDMwMzA2MTUzMVowMzExMC8GA1UEAxMoNTUyQTQyRjEwMDMzMjA5QkMyRDkz RTMxQkJEQkQ2ODM2ODQzMzk1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIl13A5g+KdQkolesOSQFDzVn2Lvoep+BGjITSMALkHfBuwiov1/JOZT2Z+L qdNWxcb4LmwyQLAswnPplNhyr1qffWgXcOed2RptAC3c6VOYz+BW3K4E7zG6sidu yk4Gi6wumObDkNFwH0xORAz1H556F+J1YDyctFNjcdw3tQSEW4Z8lT5yBH44eoSF m+D1m6aHu9Lc2rY/OsNRcxWn7w0pcZedcIxl1J/xZSNKU1LTefN5Inf/Nb25K04x xTGCHmH8FlXdZ+S9pN2uUclQeDPtL8Pl5V1rknHnLjqGyAiuuy08Hj1lDxVHTHpG pfjmXmIXPJOABWvDaCaoStAeAuMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRVKkLx ADMgm8LZPjG729aDaEM5VDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pkEwDQYJKoZIhvcNAQELBQADggEBANi4tleKi3lPHG9nV8cjj38KZvg7twvl0iU9 Znz2lIeqriNT9hdS3UJrsMxuVEdIMxwqcChE5sYrykpSReOCNQAk1Gnno8CVFTr+ KoSd5J+s+Jgydud8upab+ZslhosJiwhHHiINsBJ/2yx4ieEHhf36Fk2TS9z5tI+H suVx0M8wZpjZ9EI5heZbRqybvlTd2MSNmwU+DmvHZJ9OJenTVeLtLcr3SsAz7axH aSohuHyiUoh28EC3QJ83ewHzphlMNsBfKL2F9xBR8xng9H3leo7zg3mw2Hd8E1fn QPJ9F8xHdIL3SperJkjNiW7YgsgGHgo5ivXFYelgEQ+sY3arLcM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:33 2026 by rpki-client