$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144270.roa File: AS144270.roa (raw, json) Hash identifier: L+ixyk89KTQ+FgTq1HRIybDfOTLqyIf5UEg4bn2oJfs= Subject key identifier: CD:8B:5B:70:05:B8:99:97:4E:91:49:9E:7E:8D:0C:B1:96:99:0B:F7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 335C5BC9A838D47B214B7A0D3D6F20B97F61A006 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144270.roa Signing time: Wed 04 Mar 2026 06:14:34 +0000 ROA not before: Wed 04 Mar 2026 06:09:34 +0000 ROA not after: Wed 03 Mar 2027 06:14:34 +0000 asID: 144270 IP address blocks: 240a:a654::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:5c:5b:c9:a8:38:d4:7b:21:4b:7a:0d:3d:6f:20:b9:7f:61:a0:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:34 2026 GMT Not After : Mar 3 06:14:34 2027 GMT Subject: CN=CD8B5B7005B899974E91499E7E8D0CB196990BF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:17:c5:14:69:eb:21:86:52:5a:af:50:68:91: 4e:40:5c:4d:cb:5f:5b:4e:36:1d:cd:16:1d:0a:a8: 87:97:12:27:ba:4b:4e:7f:5a:91:57:1d:0d:7e:bc: de:06:04:e2:b5:f2:8e:fd:17:2c:8c:87:63:ae:b6: 14:b9:f7:a8:7a:c6:9f:07:6a:bb:0b:4e:a8:28:39: f8:c6:ff:96:1c:ee:2b:12:a6:31:80:b6:de:6a:4b: 6d:33:e5:3a:1d:76:33:70:24:25:77:b9:cd:0c:c2: fa:86:ee:19:90:ac:90:3e:ec:53:29:45:14:c3:b2: 2e:da:8f:90:9e:19:9a:dd:dd:e2:36:80:88:68:23: 62:36:5d:8e:96:e5:bc:00:85:0e:38:9e:5a:23:31: d6:33:f6:63:81:a3:b2:84:d4:61:2b:bf:d7:13:5c: 7a:3f:fb:ba:bd:33:7b:17:60:39:a5:ee:e7:5b:bc: 7b:6d:44:40:f8:3b:44:74:8f:a9:65:f9:1a:b0:6e: 7d:31:8b:ad:df:58:13:65:d5:19:70:80:70:c0:d2: 69:55:54:4c:b0:56:8b:ec:06:24:25:04:1c:b1:b0: 54:66:53:97:64:22:a8:6d:b6:83:8d:ec:03:30:64: 2b:91:b6:fc:1e:26:2e:ba:12:0b:33:a9:bf:81:9a: 62:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:8B:5B:70:05:B8:99:97:4E:91:49:9E:7E:8D:0C:B1:96:99:0B:F7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144270.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a654::/32 Signature Algorithm: sha256WithRSAEncryption d9:a6:9a:0a:0b:e7:88:28:c2:8e:74:a9:4b:63:63:a7:4b:e9: b2:a0:b3:08:4e:90:04:d3:54:4f:d1:6f:8f:78:c6:6b:80:d3: 60:65:0e:52:28:72:63:9c:6c:ab:b6:b9:65:22:cc:51:ab:6c: 65:23:2a:58:d7:a7:bb:04:75:4d:0b:51:27:4e:f2:44:ff:4b: 50:41:04:a6:c7:84:02:17:97:51:b7:8c:96:19:03:48:be:cb: 50:5a:b6:4d:ff:e8:50:77:e8:6b:45:c5:4b:2f:97:a7:2c:e3: ee:f9:24:22:ac:14:86:10:dc:8c:bf:75:3c:ff:ff:19:9d:2b: 26:67:ca:04:a3:47:48:1b:51:ab:43:e8:ee:ce:e8:61:50:88: 1c:af:b7:e8:06:72:af:ed:01:1f:59:43:2f:41:1d:a9:55:e2: a8:e9:dc:8f:b0:4d:9d:2c:8a:97:2b:8c:9f:19:da:89:5d:1c: 16:ab:22:35:72:e1:58:43:4e:e8:d6:6d:8b:56:4c:44:72:ab: 2b:d6:e4:f6:ae:e6:2b:7b:84:b1:5a:24:a0:24:10:2c:5e:c4: 79:11:a4:54:58:34:5a:49:07:36:9f:08:19:06:b1:6e:5b:2d: cb:ce:9d:93:47:04:70:85:7c:58:4d:b6:73:ca:ad:a2:87:70: 07:75:33:46 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUM1xbyag41HshS3oNPW8guX9hoAYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzNFoX DTI3MDMwMzA2MTQzNFowMzExMC8GA1UEAxMoQ0Q4QjVCNzAwNUI4OTk5NzRFOTE0 OTlFN0U4RDBDQjE5Njk5MEJGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwXxRRp6yGGUlqvUGiRTkBcTctfW042Hc0WHQqoh5cSJ7pLTn9akVcdDX68 3gYE4rXyjv0XLIyHY662FLn3qHrGnwdquwtOqCg5+Mb/lhzuKxKmMYC23mpLbTPl Oh12M3AkJXe5zQzC+obuGZCskD7sUylFFMOyLtqPkJ4Zmt3d4jaAiGgjYjZdjpbl vACFDjieWiMx1jP2Y4GjsoTUYSu/1xNcej/7ur0zexdgOaXu51u8e21EQPg7RHSP qWX5GrBufTGLrd9YE2XVGXCAcMDSaVVUTLBWi+wGJCUEHLGwVGZTl2QiqG22g43s AzBkK5G2/B4mLroSCzOpv4GaYoECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTNi1tw BbiZl06RSZ5+jQyxlpkL9zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK plQwDQYJKoZIhvcNAQELBQADggEBANmmmgoL54gowo50qUtjY6dL6bKgswhOkATT VE/Rb494xmuA02BlDlIocmOcbKu2uWUizFGrbGUjKljXp7sEdU0LUSdO8kT/S1BB BKbHhAIXl1G3jJYZA0i+y1Batk3/6FB36GtFxUsvl6cs4+75JCKsFIYQ3Iy/dTz/ /xmdKyZnygSjR0gbUatD6O7O6GFQiByvt+gGcq/tAR9ZQy9BHalV4qjp3I+wTZ0s ipcrjJ8Z2oldHBarIjVy4VhDTujWbYtWTERyqyvW5Pau5it7hLFaJKAkECxexHkR pFRYNFpJBzafCBkGsW5bLcvOnZNHBHCFfFhNtnPKraKHcAd1M0Y= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:44 2026 by rpki-client