$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144269.roa File: AS144269.roa (raw, json) Hash identifier: G1IhHDvF4vgTw+tHimxYLAH+iI/YMt93375ibbeEIW0= Subject key identifier: B7:A3:E1:4E:81:58:CE:4E:B8:1C:40:37:C8:42:55:9E:50:33:1C:82 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 25B7BD644B4F29BAB1F40B01B097054F78B72384 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144269.roa Signing time: Wed 04 Mar 2026 06:13:43 +0000 ROA not before: Wed 04 Mar 2026 06:08:43 +0000 ROA not after: Wed 03 Mar 2027 06:13:43 +0000 asID: 144269 IP address blocks: 240a:a653::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:b7:bd:64:4b:4f:29:ba:b1:f4:0b:01:b0:97:05:4f:78:b7:23:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:43 2026 GMT Not After : Mar 3 06:13:43 2027 GMT Subject: CN=B7A3E14E8158CE4EB81C4037C842559E50331C82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4d:69:14:9a:8d:a2:58:e1:1c:0c:76:64:3e: d9:87:ef:c4:cc:b8:0a:5d:d6:19:ad:98:23:e0:72: a2:e6:07:a9:5b:73:fe:dd:51:03:9f:23:59:01:22: e9:7a:28:a7:99:e5:cd:cf:75:82:fb:0a:ad:db:82: e4:80:4e:50:89:8a:3f:dc:dd:f3:b8:aa:88:71:53: 26:8c:de:22:49:73:ee:3a:1c:e8:74:30:06:c6:dd: f3:b2:84:4c:42:3d:f4:4b:ef:cc:e1:a8:55:08:c4: c2:5d:4a:f6:ff:9e:63:aa:97:1f:58:fd:ef:49:28: fa:87:8e:c1:b4:88:44:eb:b8:cc:ad:45:6e:53:2c: 92:5c:a7:e9:88:8b:c6:a7:0a:07:b1:e5:3d:41:db: bb:06:3a:6c:0d:b9:ca:63:fd:9c:75:fd:f0:d3:28: e1:27:1f:76:39:c7:e5:04:d0:96:2e:b1:fd:f3:9d: ac:3c:14:c5:d6:ba:43:21:98:a8:4e:36:69:41:ae: 74:7e:74:32:56:cf:1a:6c:69:aa:16:41:64:a0:32: d6:35:aa:e2:c6:0c:1e:7c:9d:5a:b2:50:4e:8c:d8: 9f:fd:57:d3:2f:3e:85:e5:c0:3c:97:d4:56:84:6a: fb:dd:23:b8:d2:02:1a:ec:72:c3:50:71:4d:4a:1b: 27:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:A3:E1:4E:81:58:CE:4E:B8:1C:40:37:C8:42:55:9E:50:33:1C:82 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144269.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a653::/32 Signature Algorithm: sha256WithRSAEncryption d8:31:11:29:b4:1f:e3:c1:f6:51:c1:e2:98:0c:b3:ea:c7:d9: f5:dd:32:f3:93:d5:e2:25:2c:e1:18:b1:f4:ac:6d:fa:6f:ab: ee:cb:ad:27:fb:ac:98:2e:d3:23:1f:c5:b1:5a:93:25:fd:b2: 11:90:f6:cf:90:da:22:d7:ae:6d:ed:0b:9e:d6:a5:c9:74:0c: 54:9f:aa:95:aa:8a:30:8c:34:ed:16:53:6d:41:ed:49:47:20: 9c:5b:9f:85:4c:85:17:d4:3d:14:6a:2f:4a:7d:3f:1e:0d:72: 3d:ab:65:78:43:d0:09:70:06:b7:07:95:22:2d:a6:6b:2f:cc: 3a:c7:51:5b:a7:dc:0b:4a:1a:45:52:92:2b:88:b6:22:4c:55: bd:60:dd:9f:cb:93:b0:31:6a:5f:a9:28:8c:1c:ec:35:28:eb: 6c:1d:1f:bb:10:aa:24:3a:de:41:50:16:45:f5:65:d4:df:0f: c8:ab:b0:d1:c0:e3:43:0c:ab:63:4d:c7:43:af:40:5a:14:3e: 6d:5f:fc:84:5f:04:83:f4:3a:9d:3b:36:ed:0e:e8:d4:b5:5f: e7:9b:fc:9c:b1:42:3c:b2:bf:01:51:f7:a5:e0:4d:7d:bb:7c: b3:45:53:25:ba:d0:b8:cd:2a:7e:28:19:78:20:7a:f4:72:8f: fd:d7:e8:be -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJbe9ZEtPKbqx9AsBsJcFT3i3I4QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0M1oX DTI3MDMwMzA2MTM0M1owMzExMC8GA1UEAxMoQjdBM0UxNEU4MTU4Q0U0RUI4MUM0 MDM3Qzg0MjU1OUU1MDMzMUM4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMdNaRSajaJY4RwMdmQ+2YfvxMy4Cl3WGa2YI+ByouYHqVtz/t1RA58jWQEi 6Xoop5nlzc91gvsKrduC5IBOUImKP9zd87iqiHFTJozeIklz7joc6HQwBsbd87KE TEI99EvvzOGoVQjEwl1K9v+eY6qXH1j970ko+oeOwbSIROu4zK1FblMsklyn6YiL xqcKB7HlPUHbuwY6bA25ymP9nHX98NMo4ScfdjnH5QTQli6x/fOdrDwUxda6QyGY qE42aUGudH50MlbPGmxpqhZBZKAy1jWq4sYMHnydWrJQTozYn/1X0y8+heXAPJfU VoRq+90juNICGuxyw1BxTUobJxECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS3o+FO gVjOTrgcQDfIQlWeUDMcgjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK plMwDQYJKoZIhvcNAQELBQADggEBANgxESm0H+PB9lHB4pgMs+rH2fXdMvOT1eIl LOEYsfSsbfpvq+7LrSf7rJgu0yMfxbFakyX9shGQ9s+Q2iLXrm3tC57Wpcl0DFSf qpWqijCMNO0WU21B7UlHIJxbn4VMhRfUPRRqL0p9Px4Ncj2rZXhD0AlwBrcHlSIt pmsvzDrHUVun3AtKGkVSkiuItiJMVb1g3Z/Lk7Axal+pKIwc7DUo62wdH7sQqiQ6 3kFQFkX1ZdTfD8irsNHA40MMq2NNx0OvQFoUPm1f/IRfBIP0Op07Nu0O6NS1X+eb /JyxQjyyvwFR96XgTX27fLNFUyW60LjNKn4oGXggevRyj/3X6L4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:04 2026 by rpki-client