$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144254.roa File: AS144254.roa (raw, json) Hash identifier: YsCFtPb0RwitYdZLgUESklRayTyBafJaBOUdF54vr0I= Subject key identifier: 25:37:4A:69:7C:EC:DF:6D:F4:66:EF:8E:E7:1D:B8:DA:91:B3:1D:89 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5B58A885F2B2AA212C92995A5BE33BE627CA1A30 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144254.roa Signing time: Wed 04 Mar 2026 06:14:49 +0000 ROA not before: Wed 04 Mar 2026 06:09:49 +0000 ROA not after: Wed 03 Mar 2027 06:14:49 +0000 asID: 144254 IP address blocks: 240a:a644::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:58:a8:85:f2:b2:aa:21:2c:92:99:5a:5b:e3:3b:e6:27:ca:1a:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:49 2026 GMT Not After : Mar 3 06:14:49 2027 GMT Subject: CN=25374A697CECDF6DF466EF8EE71DB8DA91B31D89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:14:73:91:4c:61:46:93:96:9f:9e:10:50:22: ab:d4:d0:23:02:3f:7b:81:7f:ac:6b:32:2a:c3:96: e7:1d:8c:0c:86:0a:e0:55:a2:b8:d1:9d:8b:ff:c0: c1:34:33:f7:68:48:41:a8:dc:b8:03:14:48:82:e9: 8b:ec:08:e9:c0:2d:82:55:3f:71:a4:cb:d2:af:a5: a3:ef:0d:97:40:e9:b2:40:ac:18:fa:9b:16:e5:2b: 42:2a:ba:d1:5d:31:5d:0f:42:a5:33:2c:26:d1:25: a7:3d:34:de:08:cc:11:58:df:5b:79:ac:be:aa:d9: 07:24:c0:ba:be:7c:c0:62:74:71:38:ba:73:b4:cf: 16:63:1d:c6:9c:32:11:62:71:19:bd:28:16:ef:13: 4b:31:e8:14:7e:08:a3:87:91:3d:4a:fe:77:e0:f7: 04:e7:71:53:e6:3c:7f:17:4a:4c:04:14:85:32:d8: 74:71:f6:83:7e:0d:3e:31:dc:93:83:5d:84:7f:44: 1a:b1:4c:dc:99:82:e0:09:41:e2:1c:38:f1:84:7d: b2:05:6b:31:6a:e0:04:38:ff:0b:40:48:28:07:65: e9:a7:15:cd:fd:77:01:2b:9b:80:6e:c2:08:5d:e1: f5:ea:fb:cd:03:97:f9:79:5e:4a:5a:84:28:85:88: ea:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:37:4A:69:7C:EC:DF:6D:F4:66:EF:8E:E7:1D:B8:DA:91:B3:1D:89 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144254.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a644::/32 Signature Algorithm: sha256WithRSAEncryption 2e:d1:bc:c4:9b:97:d7:72:bc:a3:e9:cd:cc:04:95:d1:e6:54: 6c:61:a6:f3:bc:db:22:5c:c3:35:d6:ec:12:67:02:ca:c2:43: e0:a7:09:c2:cc:87:16:1d:a3:b1:7d:25:1e:28:10:09:35:09: 9b:35:20:c6:cd:ac:96:66:a8:70:58:60:4e:99:8d:f5:50:f8: ef:52:c8:36:5a:0b:c7:8b:9f:f5:50:cc:5e:9c:4a:ff:c5:2f: 4d:1c:82:92:62:58:18:a8:ea:b4:18:db:1c:ed:24:13:2d:86: fd:5d:a3:14:06:12:f1:86:2d:d7:e0:03:4d:26:7a:6b:95:70: a6:a8:ae:1c:ec:29:b6:c5:26:74:7f:8c:7a:21:b1:fc:f5:95: b9:e8:4b:56:7d:79:fc:de:2b:0d:59:62:b2:cf:bb:ad:ad:3f: b6:4c:04:35:ac:27:ee:3b:5f:90:c6:d8:48:99:ec:0d:a8:86: 75:8d:a9:b3:76:de:09:ea:66:96:0f:9a:85:69:ff:7b:fa:58: ee:03:87:80:62:5b:04:20:88:fb:9c:24:c6:e3:9b:4e:b9:db: 2e:b5:27:bb:be:c0:40:b0:a5:50:59:63:e2:cb:ca:bd:89:f2: 46:97:50:07:02:79:30:79:c4:23:0b:ee:15:0f:6f:bb:47:d7: 56:8f:a4:56 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUW1iohfKyqiEskplaW+M75ifKGjAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0OVoX DTI3MDMwMzA2MTQ0OVowMzExMC8GA1UEAxMoMjUzNzRBNjk3Q0VDREY2REY0NjZF RjhFRTcxREI4REE5MUIzMUQ4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4Uc5FMYUaTlp+eEFAiq9TQIwI/e4F/rGsyKsOW5x2MDIYK4FWiuNGdi//A wTQz92hIQajcuAMUSILpi+wI6cAtglU/caTL0q+lo+8Nl0DpskCsGPqbFuUrQiq6 0V0xXQ9CpTMsJtElpz003gjMEVjfW3msvqrZByTAur58wGJ0cTi6c7TPFmMdxpwy EWJxGb0oFu8TSzHoFH4Io4eRPUr+d+D3BOdxU+Y8fxdKTAQUhTLYdHH2g34NPjHc k4NdhH9EGrFM3JmC4AlB4hw48YR9sgVrMWrgBDj/C0BIKAdl6acVzf13ASubgG7C CF3h9er7zQOX+XleSlqEKIWI6gMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQlN0pp fOzfbfRm747nHbjakbMdiTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pkQwDQYJKoZIhvcNAQELBQADggEBAC7RvMSbl9dyvKPpzcwEldHmVGxhpvO82yJc wzXW7BJnAsrCQ+CnCcLMhxYdo7F9JR4oEAk1CZs1IMbNrJZmqHBYYE6ZjfVQ+O9S yDZaC8eLn/VQzF6cSv/FL00cgpJiWBio6rQY2xztJBMthv1doxQGEvGGLdfgA00m emuVcKaorhzsKbbFJnR/jHohsfz1lbnoS1Z9efzeKw1ZYrLPu62tP7ZMBDWsJ+47 X5DG2EiZ7A2ohnWNqbN23gnqZpYPmoVp/3v6WO4Dh4BiWwQgiPucJMbjm0652y61 J7u+wECwpVBZY+LLyr2J8kaXUAcCeTB5xCML7hUPb7tH11aPpFY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:21 2026 by rpki-client