$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144288.roa File: AS144288.roa (raw, json) Hash identifier: 4QvIMTU8/EQYxeN4VIpBFf5BwrRYQX3F6gx9juZ/rQs= Subject key identifier: BD:9A:13:84:66:42:5F:2E:D0:42:63:4A:A1:1F:C2:9F:17:66:B9:65 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1C43DF0C8DBC533AFD59629406DA433A314C0DFD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144288.roa Signing time: Wed 04 Mar 2026 06:14:52 +0000 ROA not before: Wed 04 Mar 2026 06:09:52 +0000 ROA not after: Wed 03 Mar 2027 06:14:52 +0000 asID: 144288 IP address blocks: 240a:a666::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:43:df:0c:8d:bc:53:3a:fd:59:62:94:06:da:43:3a:31:4c:0d:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:52 2026 GMT Not After : Mar 3 06:14:52 2027 GMT Subject: CN=BD9A138466425F2ED042634AA11FC29F1766B965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:a5:59:be:e2:1d:a4:a0:7d:3a:94:78:f8:95: ef:36:a3:1c:9a:52:3a:71:db:ee:51:41:d8:d7:aa: c9:5d:18:29:df:1f:6f:69:7b:78:fc:e3:00:f4:53: b6:b9:af:25:97:38:e6:df:5e:6e:16:d4:dd:66:6c: 12:bd:1c:f3:e8:bc:ef:70:f0:ee:81:89:7f:79:ba: 42:46:91:d0:f7:3b:75:b0:6b:cb:fc:d0:85:46:9d: a9:d0:55:45:3a:a7:a0:23:83:4e:4e:b2:e3:75:00: 15:48:50:63:a8:1d:e8:14:c5:a3:ca:c5:5d:17:b5: 6d:e0:ed:3f:c7:76:65:2e:66:f0:fc:07:37:4f:3a: 59:32:ef:a3:bd:fa:bf:c7:4a:af:aa:8b:e8:f0:0c: 57:c3:14:fb:86:bd:86:ba:f1:04:ba:1e:4d:fd:7d: c3:5d:6b:53:2f:65:ef:b6:b6:81:66:64:3e:e8:df: 0d:df:a5:f1:e2:0c:b4:5d:a0:c9:61:86:33:9c:96: b1:66:a8:f0:98:1b:5c:09:3a:0f:d6:8b:33:97:02: ad:78:db:34:a8:63:c4:9b:ea:5b:6d:cd:e1:3a:97: 58:fa:89:bc:3c:8f:54:8b:70:fa:04:e5:ac:6e:5f: dc:62:10:f9:1c:49:19:c7:03:e8:3a:2a:80:eb:e4: f8:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:9A:13:84:66:42:5F:2E:D0:42:63:4A:A1:1F:C2:9F:17:66:B9:65 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144288.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a666::/32 Signature Algorithm: sha256WithRSAEncryption 72:21:be:6f:e2:63:5b:b0:8f:2e:84:33:9f:b2:20:7a:4c:2d: 25:08:c5:75:d2:2b:de:bd:ce:26:ea:3c:3a:d0:cc:9e:47:fa: c9:84:84:37:75:cb:43:3d:13:3f:a8:52:3a:e4:ad:07:7e:ac: 9e:58:83:d7:a1:db:86:dd:03:7a:ea:f0:eb:f5:43:74:d9:e3: 18:97:59:86:d4:24:fd:f8:22:77:c0:dd:3f:cb:6c:14:2b:ba: a3:ed:db:52:33:75:d6:c5:67:2e:9b:be:f4:2b:9a:d3:7c:78: f6:eb:11:4b:d1:a5:fc:25:81:b1:61:ac:9b:cc:0e:f9:5d:5c: c1:6e:6b:37:f5:4d:6f:b1:15:70:25:8e:87:f6:89:fe:6f:c5: 10:a3:f1:9e:d0:5e:0e:28:14:b6:f0:fe:b7:eb:44:d5:d9:90: e2:eb:62:36:c7:82:d4:19:81:09:23:83:cc:e4:19:06:b8:54: d4:43:ba:aa:99:57:5a:10:b4:c8:a4:a5:17:6f:a4:15:8f:46: 0e:83:50:ef:a4:71:c6:9d:62:65:d1:94:66:a3:96:8c:11:f0: 27:ef:2d:68:ce:20:20:1a:42:1e:db:21:57:6b:65:30:3c:79: fa:e5:b8:9d:c4:18:a8:81:70:28:2e:03:c8:fb:9a:94:1a:5a: 39:e2:c0:1b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHEPfDI28Uzr9WWKUBtpDOjFMDf0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk1MloX DTI3MDMwMzA2MTQ1MlowMzExMC8GA1UEAxMoQkQ5QTEzODQ2NjQyNUYyRUQwNDI2 MzRBQTExRkMyOUYxNzY2Qjk2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAImlWb7iHaSgfTqUePiV7zajHJpSOnHb7lFB2NeqyV0YKd8fb2l7ePzjAPRT trmvJZc45t9ebhbU3WZsEr0c8+i873Dw7oGJf3m6QkaR0Pc7dbBry/zQhUadqdBV RTqnoCODTk6y43UAFUhQY6gd6BTFo8rFXRe1beDtP8d2ZS5m8PwHN086WTLvo736 v8dKr6qL6PAMV8MU+4a9hrrxBLoeTf19w11rUy9l77a2gWZkPujfDd+l8eIMtF2g yWGGM5yWsWao8JgbXAk6D9aLM5cCrXjbNKhjxJvqW23N4TqXWPqJvDyPVItw+gTl rG5f3GIQ+RxJGccD6DoqgOvk+GMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS9mhOE ZkJfLtBCY0qhH8KfF2a5ZTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pmYwDQYJKoZIhvcNAQELBQADggEBAHIhvm/iY1uwjy6EM5+yIHpMLSUIxXXSK969 zibqPDrQzJ5H+smEhDd1y0M9Ez+oUjrkrQd+rJ5Yg9eh24bdA3rq8Ov1Q3TZ4xiX WYbUJP34InfA3T/LbBQruqPt21IzddbFZy6bvvQrmtN8ePbrEUvRpfwlgbFhrJvM DvldXMFuazf1TW+xFXAljof2if5vxRCj8Z7QXg4oFLbw/rfrRNXZkOLrYjbHgtQZ gQkjg8zkGQa4VNRDuqqZV1oQtMikpRdvpBWPRg6DUO+kccadYmXRlGajlowR8Cfv LWjOICAaQh7bIVdrZTA8efrluJ3EGKiBcCguA8j7mpQaWjniwBs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:52 2026 by rpki-client