$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144273.roa File: AS144273.roa (raw, json) Hash identifier: 5y0B9vKX/4lBKEdDJlJgmAldqQh7dQ/Dopyapcj+WRo= Subject key identifier: 3C:0A:B9:7E:71:84:65:A3:1B:BF:FD:EE:74:59:BC:B9:07:81:C4:0A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 31451B1A57CE33883B6E1E2CADCC2D1C9F39C8B8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144273.roa Signing time: Wed 04 Mar 2026 06:15:28 +0000 ROA not before: Wed 04 Mar 2026 06:10:28 +0000 ROA not after: Wed 03 Mar 2027 06:15:28 +0000 asID: 144273 IP address blocks: 240a:a657::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:45:1b:1a:57:ce:33:88:3b:6e:1e:2c:ad:cc:2d:1c:9f:39:c8:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:28 2026 GMT Not After : Mar 3 06:15:28 2027 GMT Subject: CN=3C0AB97E718465A31BBFFDEE7459BCB90781C40A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9c:b0:df:c4:83:bc:8b:0b:d5:51:5d:7d:90: 06:57:93:db:d4:89:9c:02:4f:66:1f:8f:3d:12:b1: 72:5d:55:b0:d9:85:5e:83:64:c5:fc:27:e2:a5:55: a0:9e:80:45:0d:a2:73:8d:ed:81:96:c5:39:d4:f0: 26:a2:54:48:12:a3:90:9c:3a:5e:43:fa:25:7f:b6: 5f:c6:ce:19:36:7f:a3:b2:ee:be:48:6a:73:3a:42: 0a:39:44:fe:8f:f9:bb:64:89:23:fe:d7:dc:15:b0: f1:90:6d:56:50:76:00:4c:74:52:91:1f:ad:ad:85: a2:f9:3c:ef:69:97:7c:64:52:1e:38:be:61:55:8a: af:96:ed:1e:29:33:98:25:22:c7:da:4f:ae:e0:6a: cc:8d:68:9e:af:e1:16:fd:b3:c4:45:b7:33:c6:07: 5c:2d:a6:e2:5e:1d:ab:77:6b:b9:61:75:77:a0:bf: 91:76:bd:26:0f:97:1b:ec:28:22:8e:b9:9a:59:e5: 3a:6e:fd:f0:6f:c1:0f:4b:ee:67:9a:ef:2d:8a:73: 55:ff:46:55:be:db:d0:82:6a:f3:f0:69:60:4a:2f: 2f:47:1b:21:d5:f3:47:c3:47:03:ed:31:12:7b:c6: 83:a9:1e:c1:42:eb:03:c6:a2:02:c2:23:47:b2:07: fa:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:0A:B9:7E:71:84:65:A3:1B:BF:FD:EE:74:59:BC:B9:07:81:C4:0A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144273.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a657::/32 Signature Algorithm: sha256WithRSAEncryption 73:fc:0b:72:be:e7:ca:d3:b2:b3:ad:5f:5d:3a:2a:be:08:25: 4a:12:fb:86:98:c0:9d:8c:8a:b9:3e:e5:40:93:04:44:49:a7: e0:16:0f:13:96:0c:ee:9c:5f:72:08:12:af:0b:68:64:ab:aa: 65:42:49:30:b0:53:74:6a:37:87:01:7f:6c:ac:cf:3b:5e:5a: f9:84:59:c9:4b:83:c0:3c:71:d4:36:90:26:c9:f1:2a:64:69: b2:aa:b8:d9:0f:db:b4:92:7f:7c:49:a3:1a:bd:5c:d3:a8:51: 23:ee:b6:05:bd:5c:d2:5e:f4:b1:26:c9:ed:dd:8e:4d:8d:89: 81:a4:18:45:98:56:cf:49:b6:da:b4:c5:1e:d2:b7:7e:b0:ef: 0b:5c:cf:69:84:19:3d:9e:aa:fe:da:df:7f:43:dd:b2:15:ad: 13:7f:bd:ac:4d:66:42:f8:d3:7c:96:a4:0a:5f:b8:6a:08:52: f5:b5:51:71:65:8f:49:45:61:19:f6:ee:ba:aa:ff:98:a0:d1: b7:eb:bc:3b:ee:3d:6a:91:0b:b0:1e:9a:f2:64:58:b5:88:1b: 9d:58:8a:b7:b4:26:d8:94:74:9d:af:bc:bb:f2:b4:63:5b:92: 44:1b:72:4e:83:c0:60:2a:88:66:4e:ef:ec:6c:07:95:1c:64: 71:f7:01:1f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMUUbGlfOM4g7bh4srcwtHJ85yLgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyOFoX DTI3MDMwMzA2MTUyOFowMzExMC8GA1UEAxMoM0MwQUI5N0U3MTg0NjVBMzFCQkZG REVFNzQ1OUJDQjkwNzgxQzQwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKcsN/Eg7yLC9VRXX2QBleT29SJnAJPZh+PPRKxcl1VsNmFXoNkxfwn4qVV oJ6ARQ2ic43tgZbFOdTwJqJUSBKjkJw6XkP6JX+2X8bOGTZ/o7LuvkhqczpCCjlE /o/5u2SJI/7X3BWw8ZBtVlB2AEx0UpEfra2Fovk872mXfGRSHji+YVWKr5btHikz mCUix9pPruBqzI1onq/hFv2zxEW3M8YHXC2m4l4dq3druWF1d6C/kXa9Jg+XG+wo Io65mlnlOm798G/BD0vuZ5rvLYpzVf9GVb7b0IJq8/BpYEovL0cbIdXzR8NHA+0x EnvGg6kewULrA8aiAsIjR7IH+sMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ8Crl+ cYRloxu//e50Wby5B4HECjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK plcwDQYJKoZIhvcNAQELBQADggEBAHP8C3K+58rTsrOtX106Kr4IJUoS+4aYwJ2M irk+5UCTBERJp+AWDxOWDO6cX3IIEq8LaGSrqmVCSTCwU3RqN4cBf2yszzteWvmE WclLg8A8cdQ2kCbJ8SpkabKquNkP27SSf3xJoxq9XNOoUSPutgW9XNJe9LEmye3d jk2NiYGkGEWYVs9Jttq0xR7St36w7wtcz2mEGT2eqv7a339D3bIVrRN/vaxNZkL4 03yWpApfuGoIUvW1UXFlj0lFYRn27rqq/5ig0bfrvDvuPWqRC7AemvJkWLWIG51Y ire0JtiUdJ2vvLvytGNbkkQbck6DwGAqiGZO7+xsB5UcZHH3AR8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:33 2026 by rpki-client