$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144304.roa File: AS144304.roa (raw, json) Hash identifier: IoBH09ZrM650gUXiDI85A6+Z37DA9D2Kjid7wRoY7FI= Subject key identifier: 07:C4:32:9E:EF:AB:3F:5C:BC:0E:3D:2D:9C:DF:4A:84:0F:82:15:72 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 29289D7E47E7839A1ECA4546271F05642586B1E0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144304.roa Signing time: Wed 04 Mar 2026 06:13:13 +0000 ROA not before: Wed 04 Mar 2026 06:08:13 +0000 ROA not after: Wed 03 Mar 2027 06:13:13 +0000 asID: 144304 IP address blocks: 240a:a676::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:28:9d:7e:47:e7:83:9a:1e:ca:45:46:27:1f:05:64:25:86:b1:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:13 2026 GMT Not After : Mar 3 06:13:13 2027 GMT Subject: CN=07C4329EEFAB3F5CBC0E3D2D9CDF4A840F821572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:9a:ef:53:76:02:72:ec:27:c3:82:ee:27:4d: 4a:41:c3:85:f4:68:74:32:39:55:0a:8d:b3:a2:2b: 54:ea:7b:6b:1e:5c:8c:1a:53:ae:4d:ed:ec:d2:a9: 23:c8:ea:2b:ca:89:16:1b:b2:1b:9e:fd:16:18:14: 3b:a2:1b:ee:6f:95:ad:6e:a8:53:52:44:e1:85:e4: ee:24:24:60:7d:b5:d8:7e:6d:5a:2d:dc:f7:f0:77: 50:4c:52:56:ec:fc:25:ba:06:b9:66:b6:12:7e:aa: fb:54:55:1d:1a:25:11:a2:99:08:1e:d2:f3:26:50: 7c:32:8f:a5:c6:52:44:34:3e:18:44:4e:2d:9e:d1: a1:dc:65:89:64:86:bc:69:43:2e:cc:cc:0e:0a:85: b2:82:bc:d4:f8:f0:af:e7:f8:52:35:c4:42:c6:02: a4:4b:29:c1:f6:24:13:ef:ab:5c:9c:70:4a:a8:b2: 03:0c:7a:50:5a:80:94:7e:52:1c:d2:9c:e9:5d:f3: 09:a7:32:6e:94:e2:1d:cd:84:77:3a:c3:e5:3f:fe: 8c:36:3d:72:12:eb:bb:f5:08:49:d9:00:ab:d1:bb: 49:64:1b:e4:9c:20:ca:f7:a2:a0:bb:96:bb:34:dc: 22:17:ef:ba:e9:6e:c8:3d:a9:4b:8d:71:bf:85:bc: ee:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:C4:32:9E:EF:AB:3F:5C:BC:0E:3D:2D:9C:DF:4A:84:0F:82:15:72 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a676::/32 Signature Algorithm: sha256WithRSAEncryption 19:63:94:24:f0:e3:8c:a6:f2:19:15:10:a5:9a:00:ff:90:7c: 43:d0:6a:89:98:78:2a:e5:8f:97:cf:57:b3:05:c0:04:f8:01: d4:da:8e:2d:83:e8:4a:93:ed:78:49:fb:5b:61:21:cd:1a:fb: ce:a8:04:01:c4:fd:ec:6d:a2:4d:05:56:3e:da:95:ae:9b:67: ed:31:29:db:f6:00:74:67:dc:5c:25:86:f9:b9:99:f8:19:f8: 00:bf:7a:3b:85:9e:77:08:c4:a5:1e:66:d9:c8:72:c8:9e:72: 9c:d0:63:ee:67:2a:6b:f7:b0:9f:57:96:8f:3c:e7:b4:58:18: 5c:47:9f:f1:a4:8a:09:c7:1a:40:ac:6a:47:64:63:5f:dd:e4: 68:78:1c:25:46:61:12:24:d9:ef:c2:af:0a:4e:8e:77:29:1c: da:84:a2:eb:2e:ee:e0:8a:87:5f:95:e5:df:07:7b:bd:cc:82: 55:83:7d:68:be:5f:bd:cd:86:08:51:a8:42:91:a4:3d:23:d7: b0:3c:2a:0e:d0:e6:f6:27:e1:72:92:dd:1e:04:e2:c0:6a:7f: e1:a3:25:1a:c1:3c:9f:62:11:dd:aa:10:1e:c2:7d:8d:a2:56: 58:fa:68:da:4b:01:c2:a8:4e:ff:03:cd:27:2e:bb:f5:fd:06: e7:96:71:88 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKSidfkfng5oeykVGJx8FZCWGseAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxM1oX DTI3MDMwMzA2MTMxM1owMzExMC8GA1UEAxMoMDdDNDMyOUVFRkFCM0Y1Q0JDMEUz RDJEOUNERjRBODQwRjgyMTU3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANea71N2AnLsJ8OC7idNSkHDhfRodDI5VQqNs6IrVOp7ax5cjBpTrk3t7NKp I8jqK8qJFhuyG579FhgUO6Ib7m+VrW6oU1JE4YXk7iQkYH212H5tWi3c9/B3UExS Vuz8JboGuWa2En6q+1RVHRolEaKZCB7S8yZQfDKPpcZSRDQ+GEROLZ7RodxliWSG vGlDLszMDgqFsoK81Pjwr+f4UjXEQsYCpEspwfYkE++rXJxwSqiyAwx6UFqAlH5S HNKc6V3zCacybpTiHc2EdzrD5T/+jDY9chLru/UISdkAq9G7SWQb5JwgyveioLuW uzTcIhfvuuluyD2pS41xv4W87hMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQHxDKe 76s/XLwOPS2c30qED4IVcjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pnYwDQYJKoZIhvcNAQELBQADggEBABljlCTw44ym8hkVEKWaAP+QfEPQaomYeCrl j5fPV7MFwAT4AdTaji2D6EqT7XhJ+1thIc0a+86oBAHE/extok0FVj7ala6bZ+0x Kdv2AHRn3Fwlhvm5mfgZ+AC/ejuFnncIxKUeZtnIcsiecpzQY+5nKmv3sJ9Xlo88 57RYGFxHn/GkignHGkCsakdkY1/d5Gh4HCVGYRIk2e/CrwpOjncpHNqEousu7uCK h1+V5d8He73MglWDfWi+X73NhghRqEKRpD0j17A8Kg7Q5vYn4XKS3R4E4sBqf+Gj JRrBPJ9iEd2qEB7CfY2iVlj6aNpLAcKoTv8DzScuu/X9BueWcYg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:07 2026 by rpki-client