$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144271.roa File: AS144271.roa (raw, json) Hash identifier: cnUR5Xaf3s9m0zg7BJtEgNrKgvbfQ44EtDdZShqwUAw= Subject key identifier: D0:5A:CC:26:D9:A9:D2:F3:EC:56:65:36:8B:BF:7B:2F:A5:05:6A:AB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0AE92946CF3BCAADE3BA4CDFB2D2F5BE40C5322F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144271.roa Signing time: Wed 04 Mar 2026 06:13:53 +0000 ROA not before: Wed 04 Mar 2026 06:08:53 +0000 ROA not after: Wed 03 Mar 2027 06:13:53 +0000 asID: 144271 IP address blocks: 240a:a655::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:e9:29:46:cf:3b:ca:ad:e3:ba:4c:df:b2:d2:f5:be:40:c5:32:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:53 2026 GMT Not After : Mar 3 06:13:53 2027 GMT Subject: CN=D05ACC26D9A9D2F3EC5665368BBF7B2FA5056AAB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:1d:d0:cf:f1:d8:1e:30:3d:6f:d7:32:9f:15: e5:84:47:47:9a:42:6e:0a:65:85:31:34:cc:43:6a: bc:f4:9a:56:bd:fa:3e:6a:6b:73:88:e0:cd:46:e1: ce:1b:23:2b:b9:6a:e8:4b:b3:4f:bc:0d:bd:40:ef: e0:83:bb:94:2e:bb:bc:66:6d:50:d9:44:1a:34:62: dc:50:d9:85:a5:47:92:97:88:51:8a:f8:1c:a2:97: 1e:9b:ac:65:c0:ae:32:16:fe:bc:f9:00:be:27:91: bd:57:78:0c:83:aa:df:4a:cb:17:22:2d:da:58:98: a7:c3:d4:0b:c1:76:ec:fc:9a:82:50:a2:13:0b:eb: de:e3:d3:51:f4:4d:17:da:d5:91:de:95:bf:ac:97: c9:49:d1:32:08:f9:b6:87:ce:69:78:5f:b8:ff:ee: 4a:ea:d3:97:c6:48:7b:a4:73:55:4d:5a:8a:92:97: 99:1d:f7:93:68:4f:17:2c:dc:22:b9:9d:67:49:80: e3:d3:cc:90:fe:99:43:a5:63:cb:34:18:eb:a5:b9: b3:99:f4:6b:52:6b:81:c8:e6:99:41:e2:06:e5:fa: ec:4b:7a:20:e9:5a:8f:23:69:4b:40:60:80:b6:3f: 64:fd:5a:10:2a:fa:5a:54:be:3d:3d:fa:8c:6e:48: ec:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:5A:CC:26:D9:A9:D2:F3:EC:56:65:36:8B:BF:7B:2F:A5:05:6A:AB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144271.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a655::/32 Signature Algorithm: sha256WithRSAEncryption 80:ce:f7:15:46:5d:c3:50:b3:a2:7d:b2:39:a0:35:18:7b:dd: c6:7d:c3:bb:b9:b0:64:dd:25:e1:61:d6:42:26:6d:c1:da:03: 1f:75:be:b9:b0:bb:ed:6f:04:4c:1e:15:5d:f6:55:08:10:0d: 97:77:4b:f4:68:3a:7b:ee:70:c1:23:38:df:e7:e4:53:48:f2: ed:1a:49:98:85:77:35:c8:5d:00:36:f9:fb:d4:b5:50:04:40: a0:7e:b0:0b:67:b8:ab:94:70:7a:55:a4:a0:ef:4f:79:72:13: ce:84:58:7c:3b:e0:0e:6f:e9:cc:fa:79:d3:c8:06:e2:97:fd: 04:18:14:5e:95:5b:0c:95:ef:f8:41:3e:36:64:f0:cf:1b:22: 2f:0b:d2:c9:8b:11:34:cc:b2:6a:16:2e:f4:b6:dc:57:55:49: e5:06:81:a1:58:95:5c:57:e3:1a:cc:9b:3e:4c:f3:80:b9:ef: 4a:cf:b7:4f:56:2f:1d:dc:43:2b:76:d3:ab:fe:58:92:dd:f5: c0:99:1e:c5:be:e4:56:52:d3:bf:97:86:ee:9f:1c:fe:fd:78: 2d:10:c3:36:9d:f8:b4:6e:75:76:d0:67:39:47:22:00:f8:ad: cf:6d:1d:79:88:06:22:4a:0a:a6:34:fe:44:5f:50:f6:6a:5f: 9e:13:12:b8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCukpRs87yq3jukzfstL1vkDFMi8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1M1oX DTI3MDMwMzA2MTM1M1owMzExMC8GA1UEAxMoRDA1QUNDMjZEOUE5RDJGM0VDNTY2 NTM2OEJCRjdCMkZBNTA1NkFBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJcd0M/x2B4wPW/XMp8V5YRHR5pCbgplhTE0zENqvPSaVr36Pmprc4jgzUbh zhsjK7lq6EuzT7wNvUDv4IO7lC67vGZtUNlEGjRi3FDZhaVHkpeIUYr4HKKXHpus ZcCuMhb+vPkAvieRvVd4DIOq30rLFyIt2liYp8PUC8F27PyaglCiEwvr3uPTUfRN F9rVkd6Vv6yXyUnRMgj5tofOaXhfuP/uSurTl8ZIe6RzVU1aipKXmR33k2hPFyzc IrmdZ0mA49PMkP6ZQ6VjyzQY66W5s5n0a1JrgcjmmUHiBuX67Et6IOlajyNpS0Bg gLY/ZP1aECr6WlS+PT36jG5I7K8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTQWswm 2anS8+xWZTaLv3svpQVqqzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK plUwDQYJKoZIhvcNAQELBQADggEBAIDO9xVGXcNQs6J9sjmgNRh73cZ9w7u5sGTd JeFh1kImbcHaAx91vrmwu+1vBEweFV32VQgQDZd3S/RoOnvucMEjON/n5FNI8u0a SZiFdzXIXQA2+fvUtVAEQKB+sAtnuKuUcHpVpKDvT3lyE86EWHw74A5v6cz6edPI BuKX/QQYFF6VWwyV7/hBPjZk8M8bIi8L0smLETTMsmoWLvS23FdVSeUGgaFYlVxX 4xrMmz5M84C570rPt09WLx3cQyt206v+WJLd9cCZHsW+5FZS07+Xhu6fHP79eC0Q wzad+LRudXbQZzlHIgD4rc9tHXmIBiJKCqY0/kRfUPZqX54TErg= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:43 2026 by rpki-client