$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144299.roa File: AS144299.roa (raw, json) Hash identifier: kGlXSSqXyQ/4HiFYuXTVuNp3XI1zAoPEOeNltQ7N6Kk= Subject key identifier: D3:40:CD:E5:9B:50:92:56:77:18:8C:4A:AE:DC:B7:4C:65:EB:97:AF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6484F6F52347CCF8184CF86671B6D8655AB12038 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144299.roa Signing time: Wed 04 Mar 2026 06:14:08 +0000 ROA not before: Wed 04 Mar 2026 06:09:08 +0000 ROA not after: Wed 03 Mar 2027 06:14:08 +0000 asID: 144299 IP address blocks: 240a:a671::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:84:f6:f5:23:47:cc:f8:18:4c:f8:66:71:b6:d8:65:5a:b1:20:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:08 2026 GMT Not After : Mar 3 06:14:08 2027 GMT Subject: CN=D340CDE59B50925677188C4AAEDCB74C65EB97AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6e:b5:d9:97:68:0b:5e:35:b6:2e:9c:a5:f8: a7:95:b9:00:82:e6:e4:50:bb:66:56:11:4e:f4:f7: b8:3d:bc:5d:e9:72:db:4c:d0:cb:68:d9:17:90:f5: 15:37:72:c5:17:85:ee:a0:6a:a8:06:45:af:a3:03: 8c:35:9f:f7:9f:a6:f1:7a:fb:cd:f3:75:cc:e4:a0: d5:c4:23:99:11:cd:30:e1:dd:5f:2a:db:c1:7f:42: 90:82:18:bf:c5:45:90:fc:cc:97:94:16:e4:67:34: 60:ca:59:a7:23:8a:67:ae:0d:c1:1e:40:a4:eb:ff: a2:11:69:b0:cb:a0:15:7f:9e:5e:27:09:0e:4c:95: 3d:ac:2f:f2:18:da:6a:29:ba:47:1c:cb:fc:b6:57: 1e:a4:f8:90:fc:95:0e:64:de:a0:5c:77:19:f9:e2: 94:4e:57:67:30:5a:b4:2e:b3:a6:58:82:bb:70:7c: ff:74:85:65:2a:05:6d:6c:13:35:1a:3e:5e:6e:03: 8a:96:31:1d:98:2d:95:78:cb:16:85:1e:d0:33:4b: 55:1c:9f:19:84:64:77:cc:43:93:5b:19:df:a6:11: e1:be:eb:67:43:e1:c2:bc:81:6d:46:0a:7e:5c:30: 14:d6:d2:25:7b:43:f5:49:0f:5e:db:71:4e:e7:27: f4:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:40:CD:E5:9B:50:92:56:77:18:8C:4A:AE:DC:B7:4C:65:EB:97:AF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144299.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a671::/32 Signature Algorithm: sha256WithRSAEncryption 5f:0a:4f:51:12:df:42:a1:a2:05:6b:05:35:19:a9:96:21:9e: 7c:91:ee:b7:3d:c7:fe:09:5d:2f:d2:0a:1e:5a:83:80:1e:23: 0d:fd:ab:a1:d0:56:68:8a:b0:d5:c4:ad:bb:23:8d:d4:18:cb: ff:3b:8a:c1:7a:09:b5:73:14:98:10:85:63:11:96:9c:65:be: 3b:d3:7b:ad:22:14:db:27:16:b1:c5:e9:ef:ac:16:95:c1:6e: 3a:c1:9d:89:01:e9:e9:2f:14:02:95:a5:c2:63:ad:20:94:c8: 2e:2c:18:69:ea:5a:7f:4e:13:cc:e9:8d:40:3d:79:f5:2a:3e: 38:fb:cd:57:ad:27:d9:87:5d:1c:d2:c0:31:05:11:f1:97:32: 05:a8:2a:12:21:22:0d:6a:ba:77:e8:8d:d5:15:38:35:c9:0d: 90:bf:44:72:f1:c5:7a:c6:4c:2c:2c:db:f2:5f:a8:e4:3a:df: 6c:4a:06:a0:be:0d:b8:fe:fa:80:ba:72:f6:a2:c9:81:4c:59: de:df:72:49:ea:b7:d7:45:c7:9e:6f:7b:9e:e6:d4:3b:68:e0: 6c:5a:af:ee:54:2d:8b:c0:ee:66:07:6b:86:99:50:ab:5e:aa: 2b:49:79:23:ce:2c:28:8f:a1:71:f7:95:9b:15:a3:50:7a:b8: a7:9f:a9:e5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZIT29SNHzPgYTPhmcbbYZVqxIDgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwOFoX DTI3MDMwMzA2MTQwOFowMzExMC8GA1UEAxMoRDM0MENERTU5QjUwOTI1Njc3MTg4 QzRBQUVEQ0I3NEM2NUVCOTdBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFutdmXaAteNbYunKX4p5W5AILm5FC7ZlYRTvT3uD28Xely20zQy2jZF5D1 FTdyxReF7qBqqAZFr6MDjDWf95+m8Xr7zfN1zOSg1cQjmRHNMOHdXyrbwX9CkIIY v8VFkPzMl5QW5Gc0YMpZpyOKZ64NwR5ApOv/ohFpsMugFX+eXicJDkyVPawv8hja aim6RxzL/LZXHqT4kPyVDmTeoFx3GfnilE5XZzBatC6zpliCu3B8/3SFZSoFbWwT NRo+Xm4DipYxHZgtlXjLFoUe0DNLVRyfGYRkd8xDk1sZ36YR4b7rZ0PhwryBbUYK flwwFNbSJXtD9UkPXttxTucn9GMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTTQM3l m1CSVncYjEqu3LdMZeuXrzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDI5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pnEwDQYJKoZIhvcNAQELBQADggEBAF8KT1ES30KhogVrBTUZqZYhnnyR7rc9x/4J XS/SCh5ag4AeIw39q6HQVmiKsNXErbsjjdQYy/87isF6CbVzFJgQhWMRlpxlvjvT e60iFNsnFrHF6e+sFpXBbjrBnYkB6ekvFAKVpcJjrSCUyC4sGGnqWn9OE8zpjUA9 efUqPjj7zVetJ9mHXRzSwDEFEfGXMgWoKhIhIg1qunfojdUVODXJDZC/RHLxxXrG TCws2/JfqOQ632xKBqC+Dbj++oC6cvaiyYFMWd7fcknqt9dFx55ve57m1Dto4Gxa r+5ULYvA7mYHa4aZUKteqitJeSPOLCiPoXH3lZsVo1B6uKefqeU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:24 2026 by rpki-client