$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144280.roa File: AS144280.roa (raw, json) Hash identifier: grkaFwrnpfkNCpaNbGLP/oVOCPILN7udA3MKxuAbpYI= Subject key identifier: 98:70:14:F9:DC:AF:FB:B5:4D:77:12:3A:E9:6A:1E:00:6B:AB:3A:46 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0A9EE28F0E45B45FF3F116F226E841C8FCBE7610 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144280.roa Signing time: Wed 04 Mar 2026 06:13:32 +0000 ROA not before: Wed 04 Mar 2026 06:08:32 +0000 ROA not after: Wed 03 Mar 2027 06:13:32 +0000 asID: 144280 IP address blocks: 240a:a65e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:9e:e2:8f:0e:45:b4:5f:f3:f1:16:f2:26:e8:41:c8:fc:be:76:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:32 2026 GMT Not After : Mar 3 06:13:32 2027 GMT Subject: CN=987014F9DCAFFBB54D77123AE96A1E006BAB3A46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:3a:43:c3:70:ea:1d:99:c3:47:7f:78:69:a8: a7:b3:ed:70:e5:27:f3:89:11:89:6e:e1:17:32:41: 79:1c:39:30:18:5c:40:d3:df:04:55:67:47:b8:e3: e9:21:eb:e2:f6:dc:2b:25:3d:4a:16:d1:5c:5e:60: e8:73:dd:b2:8f:e2:d7:ce:85:12:c8:b0:4c:12:51: a9:59:44:37:1e:f4:d8:4f:5f:8e:b8:e8:da:fe:05: ed:91:1e:96:22:58:cd:f0:b7:26:52:b7:7f:15:30: 42:c7:f4:41:7f:a0:c7:0e:ca:45:e8:81:3d:0c:10: db:96:bf:ad:5b:a5:20:13:66:cc:86:0a:4b:e3:9c: 1a:62:f9:76:8c:7e:c8:54:52:01:c2:23:ca:e7:dc: 2f:ff:69:90:a5:c1:cb:c9:65:89:3a:68:03:9e:49: f7:a4:55:9b:6d:e1:b5:ec:d3:8d:74:0d:ab:02:d1: fc:b9:10:d0:3e:3a:fc:08:02:0f:ea:e5:2b:ca:83: 9b:4f:1b:3e:a0:c4:62:07:f5:e7:a9:4c:f1:33:b1: 1b:80:3f:b5:49:fd:20:7f:89:05:ca:02:3d:90:2b: a9:7f:a1:eb:4c:ec:83:2b:0f:df:20:17:e0:49:41: 56:7c:c9:8c:a5:9a:3b:58:e3:7f:80:72:f1:52:82: e0:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:70:14:F9:DC:AF:FB:B5:4D:77:12:3A:E9:6A:1E:00:6B:AB:3A:46 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144280.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a65e::/32 Signature Algorithm: sha256WithRSAEncryption 51:a8:6a:32:f5:c1:34:8c:54:85:4b:34:b5:32:0c:e1:5d:c3: 69:7f:3e:01:66:9d:ae:e4:5e:43:cf:8d:5b:c8:79:82:2c:be: 0e:ac:a1:70:cc:1e:f0:b7:df:1a:2f:b1:36:c5:98:21:ad:b6: f6:78:9f:90:91:8a:d5:5b:5b:81:30:9a:6d:f7:93:f8:1f:bf: 06:08:23:7e:00:b7:6f:a0:66:5c:b6:57:00:79:f8:a1:a2:70: dc:5a:a6:85:9e:d4:5d:68:0d:c4:95:e0:fb:21:db:ad:33:09: 9b:86:9c:94:11:41:b2:ea:77:5f:ca:67:c6:e7:7a:4c:d1:8e: ae:1e:8f:96:9c:0f:b1:45:99:7b:c2:30:70:3d:26:2d:6f:38: d2:22:bd:3a:8f:a4:67:12:5b:55:4f:de:93:37:79:51:42:81: ce:8e:3e:c8:d3:eb:65:1c:aa:43:3b:61:b2:01:87:74:80:f1: ad:e7:b8:06:3b:8a:68:ea:6a:22:8f:3f:38:12:aa:ea:5e:2b: af:6b:b3:d2:52:df:d1:3f:73:4b:e8:77:59:4c:cc:af:bc:a0: 2d:f9:29:ad:eb:6c:f8:b8:8e:a5:13:d9:0e:cc:9e:3c:45:5a: 38:ab:73:85:0d:8c:8e:af:c2:ed:76:e2:ba:11:2f:b0:ea:89: aa:41:af:c9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCp7ijw5FtF/z8RbyJuhByPy+dhAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzMloX DTI3MDMwMzA2MTMzMlowMzExMC8GA1UEAxMoOTg3MDE0RjlEQ0FGRkJCNTRENzcx MjNBRTk2QTFFMDA2QkFCM0E0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQ6Q8Nw6h2Zw0d/eGmop7PtcOUn84kRiW7hFzJBeRw5MBhcQNPfBFVnR7jj 6SHr4vbcKyU9ShbRXF5g6HPdso/i186FEsiwTBJRqVlENx702E9fjrjo2v4F7ZEe liJYzfC3JlK3fxUwQsf0QX+gxw7KReiBPQwQ25a/rVulIBNmzIYKS+OcGmL5dox+ yFRSAcIjyufcL/9pkKXBy8lliTpoA55J96RVm23htezTjXQNqwLR/LkQ0D46/AgC D+rlK8qDm08bPqDEYgf156lM8TOxG4A/tUn9IH+JBcoCPZArqX+h60zsgysP3yAX 4ElBVnzJjKWaO1jjf4By8VKC4MECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSYcBT5 3K/7tU13Ejrpah4Aa6s6RjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI4MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pl4wDQYJKoZIhvcNAQELBQADggEBAFGoajL1wTSMVIVLNLUyDOFdw2l/PgFmna7k XkPPjVvIeYIsvg6soXDMHvC33xovsTbFmCGttvZ4n5CRitVbW4Ewmm33k/gfvwYI I34At2+gZly2VwB5+KGicNxapoWe1F1oDcSV4Psh260zCZuGnJQRQbLqd1/KZ8bn ekzRjq4ej5acD7FFmXvCMHA9Ji1vONIivTqPpGcSW1VP3pM3eVFCgc6OPsjT62Uc qkM7YbIBh3SA8a3nuAY7imjqaiKPPzgSqupeK69rs9JS39E/c0vod1lMzK+8oC35 Ka3rbPi4jqUT2Q7MnjxFWjirc4UNjI6vwu124roRL7DqiapBr8k= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:06 2026 by rpki-client