$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144287.roa File: AS144287.roa (raw, json) Hash identifier: tcw9c/aSC3l1l90wlzP1Kk+qWFOT37Vr3Xy8jBiXPSc= Subject key identifier: 33:28:6F:B8:72:B7:26:ED:93:8C:47:BB:30:A5:A9:B3:64:72:64:30 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1BA911AD1AEFBD00467F9CB97BEE088A88A9148F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144287.roa Signing time: Wed 04 Mar 2026 06:13:26 +0000 ROA not before: Wed 04 Mar 2026 06:08:26 +0000 ROA not after: Wed 03 Mar 2027 06:13:26 +0000 asID: 144287 IP address blocks: 240a:a665::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:a9:11:ad:1a:ef:bd:00:46:7f:9c:b9:7b:ee:08:8a:88:a9:14:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:26 2026 GMT Not After : Mar 3 06:13:26 2027 GMT Subject: CN=33286FB872B726ED938C47BB30A5A9B364726430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:3f:dc:1b:34:f1:2c:f9:d7:32:87:05:28:c5: a3:88:78:d8:2b:48:5a:24:05:4d:23:b5:bc:86:15: 85:83:2c:05:c5:25:01:89:7d:f0:66:02:9f:44:cd: fb:19:05:cc:b3:9a:8d:d2:82:f8:af:2f:78:95:fe: 8f:9c:a1:2d:55:fb:b3:16:87:e5:a8:69:93:1f:0e: a7:1b:b3:3c:c2:98:b9:eb:64:a4:97:71:73:6c:37: 8b:11:ee:c0:fa:45:fe:ea:16:27:76:f4:0b:66:03: cd:a2:46:66:e1:e4:f0:e6:b4:76:03:e4:24:c5:86: 73:0e:b6:b8:74:c3:5a:24:4e:67:94:fe:57:5a:d6: fa:06:81:3d:13:89:bb:e4:ea:89:e2:f4:83:34:16: ff:01:67:7c:4e:0b:9b:04:3f:85:6f:64:3d:c6:44: bc:a8:dc:b8:80:c2:cf:5a:f5:0f:1c:dc:63:aa:24: c2:64:14:e5:8c:2a:3f:b8:14:20:41:81:2c:16:51: 5e:a8:b4:a3:8f:15:c4:5d:06:ed:f7:06:4a:b5:be: 56:2d:89:89:71:b8:f3:b4:4b:9a:06:0c:c1:fd:5b: 78:d6:c5:44:5e:e8:40:38:17:cd:4a:55:45:d1:6d: c4:a2:8c:7e:e5:5b:dc:09:fd:24:86:55:54:8a:dc: 87:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:28:6F:B8:72:B7:26:ED:93:8C:47:BB:30:A5:A9:B3:64:72:64:30 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144287.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a665::/32 Signature Algorithm: sha256WithRSAEncryption ac:10:f1:c0:90:bf:a8:69:a9:d2:9f:5c:27:ed:d7:b3:89:dd: 2c:c8:3e:c6:28:76:d6:73:8a:46:b9:98:c0:27:19:a2:8a:a7: ce:f5:bb:94:7c:8d:95:ca:8b:2a:21:c8:40:cc:4d:76:22:65: b9:c4:40:06:1f:cb:c6:94:59:2a:57:12:94:ac:53:ac:9c:b5: 7f:6a:0a:b4:d7:49:b3:de:0b:c0:58:7a:7e:28:58:7d:1b:cb: 7f:61:aa:65:71:02:e7:93:05:95:0c:ea:65:77:71:06:5a:31: 87:5b:52:55:ae:7d:6a:75:7e:71:6f:6e:bc:91:5c:a1:15:72: 18:d6:e9:11:8b:92:44:47:c7:ef:e3:0f:7f:10:34:a0:ea:f9: 77:c7:27:28:97:06:85:68:93:d9:85:a8:1b:c8:95:53:5a:ac: bf:49:1d:b5:63:1f:70:a3:cd:d5:2b:9d:1c:fc:4c:ce:43:ca: 15:67:cb:df:d4:2b:f5:22:70:6d:89:7a:c4:16:74:ee:16:d8: 9b:cb:52:dc:76:46:a3:e3:a2:68:30:09:93:88:8d:2b:c1:7d: 8a:f4:58:67:4f:3a:69:0d:d6:f5:d9:95:65:da:1e:8b:d0:5a: 4e:95:34:74:84:5e:dd:56:a3:e3:ac:a1:f2:65:e3:ea:09:23: 2b:f9:9a:5e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUG6kRrRrvvQBGf5y5e+4IioipFI8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyNloX DTI3MDMwMzA2MTMyNlowMzExMC8GA1UEAxMoMzMyODZGQjg3MkI3MjZFRDkzOEM0 N0JCMzBBNUE5QjM2NDcyNjQzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIk/3Bs08Sz51zKHBSjFo4h42CtIWiQFTSO1vIYVhYMsBcUlAYl98GYCn0TN +xkFzLOajdKC+K8veJX+j5yhLVX7sxaH5ahpkx8OpxuzPMKYuetkpJdxc2w3ixHu wPpF/uoWJ3b0C2YDzaJGZuHk8Oa0dgPkJMWGcw62uHTDWiROZ5T+V1rW+gaBPROJ u+TqieL0gzQW/wFnfE4LmwQ/hW9kPcZEvKjcuIDCz1r1DxzcY6okwmQU5YwqP7gU IEGBLBZRXqi0o48VxF0G7fcGSrW+Vi2JiXG487RLmgYMwf1beNbFRF7oQDgXzUpV RdFtxKKMfuVb3An9JIZVVIrch38CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQzKG+4 crcm7ZOMR7swpamzZHJkMDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pmUwDQYJKoZIhvcNAQELBQADggEBAKwQ8cCQv6hpqdKfXCft17OJ3SzIPsYodtZz ika5mMAnGaKKp871u5R8jZXKiyohyEDMTXYiZbnEQAYfy8aUWSpXEpSsU6yctX9q CrTXSbPeC8BYen4oWH0by39hqmVxAueTBZUM6mV3cQZaMYdbUlWufWp1fnFvbryR XKEVchjW6RGLkkRHx+/jD38QNKDq+XfHJyiXBoVok9mFqBvIlVNarL9JHbVjH3Cj zdUrnRz8TM5DyhVny9/UK/UicG2JesQWdO4W2JvLUtx2RqPjomgwCZOIjSvBfYr0 WGdPOmkN1vXZlWXaHovQWk6VNHSEXt1Wo+OsofJl4+oJIyv5ml4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:47 2026 by rpki-client