$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144298.roa File: AS144298.roa (raw, json) Hash identifier: FTIZEKKT23EIo21Zxi0JfL5Q54w62/TX/Ljgxp/gxQ4= Subject key identifier: EE:30:A0:83:61:8D:BE:CB:E7:12:FC:62:89:5B:98:23:D9:15:98:1B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 43D70E9E093A20FE24C610B209037D1F49D9D9FF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144298.roa Signing time: Wed 04 Mar 2026 06:13:53 +0000 ROA not before: Wed 04 Mar 2026 06:08:53 +0000 ROA not after: Wed 03 Mar 2027 06:13:53 +0000 asID: 144298 IP address blocks: 240a:a670::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:d7:0e:9e:09:3a:20:fe:24:c6:10:b2:09:03:7d:1f:49:d9:d9:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:53 2026 GMT Not After : Mar 3 06:13:53 2027 GMT Subject: CN=EE30A083618DBECBE712FC62895B9823D915981B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4f:6d:50:ca:02:e0:eb:8b:36:30:3f:ad:b7: e0:72:90:30:d4:0d:b9:4e:a3:40:4c:3c:29:64:14: 23:f3:95:a9:97:41:13:0f:c4:43:e9:f8:28:f0:ec: bf:02:ec:0d:a2:e9:69:e6:67:4c:47:c1:aa:63:37: bd:f5:0b:66:04:96:59:97:7c:4c:df:f9:3e:8a:14: 70:af:5a:18:d0:d9:9c:c6:06:bb:5a:78:f4:bb:fd: a3:a0:10:5f:ca:a1:00:f0:3d:74:82:cd:85:25:c3: 75:5a:ec:0f:29:a5:51:0c:4d:dc:71:9a:a9:24:c6: bd:70:fc:41:6c:f9:0c:62:58:ca:1c:2a:f0:91:15: a1:e5:83:45:d9:e4:cb:ea:fc:6c:11:eb:0b:fb:41: 6b:fd:cc:de:79:81:83:8c:f6:6e:8c:10:e1:e2:91: 19:ea:e6:42:74:39:97:a4:4e:9e:79:8e:b4:f0:f3: ed:27:92:a5:5b:b3:22:36:90:24:c9:89:6b:e4:79: c9:e6:18:13:df:25:cd:4a:e3:d7:01:20:90:04:a1: d1:46:51:3e:b3:67:9b:b6:f9:db:57:d1:7e:64:8e: 3a:03:55:34:04:a4:0e:9e:6d:05:50:17:1a:83:d1: 83:3c:54:e5:0b:e7:70:2c:43:08:cc:33:7f:e1:08: ff:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:30:A0:83:61:8D:BE:CB:E7:12:FC:62:89:5B:98:23:D9:15:98:1B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144298.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a670::/32 Signature Algorithm: sha256WithRSAEncryption 52:f9:50:c7:8e:00:1e:df:4e:ee:c1:1f:f4:db:01:c8:bb:26: 8d:70:b9:19:a6:0e:43:78:fc:0f:2b:55:5e:c1:1c:d5:85:54: 64:5e:52:1e:b4:fd:65:28:a7:d4:15:52:d4:e3:a1:a9:3e:09: 68:51:0b:b1:b7:4a:85:49:b0:88:91:bd:25:cf:fd:14:ea:4f: a7:16:9a:8c:e8:56:be:27:42:ab:90:b7:9e:83:7d:e2:41:40: 88:6b:f9:dd:2d:a2:bd:86:d4:27:ef:47:75:30:72:cf:e7:76: 22:21:cd:07:03:ec:b6:e9:f6:42:e6:64:18:b0:89:62:5d:98: a4:54:f4:00:cb:f2:dd:b0:2e:1c:8a:5f:80:57:7c:b7:a1:96: 18:76:a5:63:43:25:94:17:69:ab:1a:4c:e2:b4:dc:19:97:45: 41:38:04:fe:44:68:82:34:ba:66:67:d0:79:e0:fe:79:cc:f9: a8:80:ac:c6:ab:10:c6:08:ba:28:af:da:cc:ab:ec:d9:f6:6e: 04:29:91:04:10:0d:dd:9c:82:7a:aa:64:db:20:52:79:41:b4: 24:e4:f8:36:d1:81:e2:05:c2:c6:80:71:44:82:7e:11:42:fb: 5c:8b:2e:d3:86:41:b5:af:ed:8b:98:a3:87:78:3f:bd:d6:09: 0d:7c:07:dc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQ9cOngk6IP4kxhCyCQN9H0nZ2f8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1M1oX DTI3MDMwMzA2MTM1M1owMzExMC8GA1UEAxMoRUUzMEEwODM2MThEQkVDQkU3MTJG QzYyODk1Qjk4MjNEOTE1OTgxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMdPbVDKAuDrizYwP6234HKQMNQNuU6jQEw8KWQUI/OVqZdBEw/EQ+n4KPDs vwLsDaLpaeZnTEfBqmM3vfULZgSWWZd8TN/5PooUcK9aGNDZnMYGu1p49Lv9o6AQ X8qhAPA9dILNhSXDdVrsDymlUQxN3HGaqSTGvXD8QWz5DGJYyhwq8JEVoeWDRdnk y+r8bBHrC/tBa/3M3nmBg4z2bowQ4eKRGermQnQ5l6ROnnmOtPDz7SeSpVuzIjaQ JMmJa+R5yeYYE98lzUrj1wEgkASh0UZRPrNnm7b521fRfmSOOgNVNASkDp5tBVAX GoPRgzxU5QvncCxDCMwzf+EI/68CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTuMKCD YY2+y+cS/GKJW5gj2RWYGzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pnAwDQYJKoZIhvcNAQELBQADggEBAFL5UMeOAB7fTu7BH/TbAci7Jo1wuRmmDkN4 /A8rVV7BHNWFVGReUh60/WUop9QVUtTjoak+CWhRC7G3SoVJsIiRvSXP/RTqT6cW mozoVr4nQquQt56DfeJBQIhr+d0tor2G1CfvR3Uwcs/ndiIhzQcD7Lbp9kLmZBiw iWJdmKRU9ADL8t2wLhyKX4BXfLehlhh2pWNDJZQXaasaTOK03BmXRUE4BP5EaII0 umZn0Hng/nnM+aiArMarEMYIuiiv2syr7Nn2bgQpkQQQDd2cgnqqZNsgUnlBtCTk +DbRgeIFwsaAcUSCfhFC+1yLLtOGQbWv7YuYo4d4P73WCQ18B9w= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:08 2026 by rpki-client