$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144310.roa File: AS144310.roa (raw, json) Hash identifier: xELAng2rxWZaKg0gc+yMhJs0mFivnP9Da9UTDIDvTBw= Subject key identifier: A7:82:F5:C6:48:C6:95:E3:B2:06:40:EC:74:29:49:73:C0:83:AB:3A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3A648099D9A556DC552A7B8D6B9BC3AE76FAE476 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144310.roa Signing time: Wed 04 Mar 2026 06:14:13 +0000 ROA not before: Wed 04 Mar 2026 06:09:13 +0000 ROA not after: Wed 03 Mar 2027 06:14:13 +0000 asID: 144310 IP address blocks: 240a:a67c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:64:80:99:d9:a5:56:dc:55:2a:7b:8d:6b:9b:c3:ae:76:fa:e4:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:13 2026 GMT Not After : Mar 3 06:14:13 2027 GMT Subject: CN=A782F5C648C695E3B20640EC74294973C083AB3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:fc:67:91:2d:cc:6a:a0:ae:1a:69:cd:e8:1a: 9d:be:64:3f:64:57:7e:fd:6c:77:d8:b0:1e:95:14: 64:92:8a:6c:7f:ff:0b:22:1d:91:2c:5c:17:81:8d: 20:21:fe:9d:92:bb:77:b6:02:05:5a:78:fd:1a:8f: 03:6c:fc:80:34:0e:cf:03:18:2e:70:c6:97:cf:1b: d4:6a:42:29:92:26:9c:ab:47:59:80:82:ee:fd:68: 6f:9e:da:01:8e:b8:03:08:30:ec:c9:83:0a:c2:dc: c3:c3:00:d8:5c:c1:cd:ee:3a:9a:f0:bc:e3:21:c1: b5:c0:32:58:f0:42:00:4d:9d:79:d7:70:c8:f9:ff: 25:d4:e8:0b:99:6e:6a:01:77:2a:0f:a3:b4:c8:e6: 33:8c:7d:f8:42:9f:05:bb:f2:61:f1:9f:e3:02:36: 8f:1a:f6:1c:8a:aa:f2:3d:c2:7d:55:85:53:99:93: b4:28:79:90:98:ea:4a:cd:a6:cc:2b:f6:df:a4:58: a2:5d:22:b1:0f:92:c0:9b:9a:1f:b2:f3:8b:0a:2f: 9d:c2:d7:ec:9c:2b:1e:f3:65:e5:22:c5:7d:09:3f: af:11:90:1b:df:65:8f:6b:c1:4e:39:00:52:6a:a3: 0f:a0:19:0a:4d:49:84:35:6d:4d:ad:69:2a:18:98: bb:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:82:F5:C6:48:C6:95:E3:B2:06:40:EC:74:29:49:73:C0:83:AB:3A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144310.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a67c::/32 Signature Algorithm: sha256WithRSAEncryption 87:1a:38:4e:25:4c:5c:1f:5a:45:81:66:27:13:3a:97:ee:32: 88:8c:28:ce:88:ab:c9:ae:c4:f3:09:e0:57:f3:dd:c4:4c:cc: 18:28:df:d3:bc:fc:6c:a2:1f:2e:83:d9:42:ef:9f:c1:96:b8: b8:a2:cc:a7:a9:45:93:ce:e2:90:5d:4f:ff:25:1f:96:14:1f: e3:71:5c:b5:7e:7a:12:73:64:4a:1f:ab:bb:72:ed:52:4c:10: 05:ff:b0:c1:8f:8f:71:82:d9:87:7b:bf:86:51:7e:78:f1:7f: 0f:b1:1e:7a:a1:50:27:7d:9d:b8:73:c9:96:59:21:be:64:3e: a1:fe:c6:9a:9b:f8:ad:08:b9:ff:41:4f:fd:60:40:d7:69:47: 19:98:67:8c:3f:21:70:d4:65:8d:8c:e9:6e:72:23:5a:66:42: ac:aa:19:70:82:64:f6:f9:22:2f:65:45:fd:0b:0d:6e:8f:d3: aa:e4:d9:88:df:c7:87:44:79:e4:a3:32:c2:f9:52:ef:88:23: fe:ce:c5:3b:36:d9:50:ca:2a:1c:84:8f:1c:65:8a:21:be:1d: 4c:87:bf:c5:3d:28:a2:a5:d4:a3:4b:2e:f8:0b:4d:0e:17:41: d1:e8:2b:03:94:3a:3f:fc:3a:64:16:68:67:aa:a5:a8:6c:fa: 39:75:c5:b5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOmSAmdmlVtxVKnuNa5vDrnb65HYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxM1oX DTI3MDMwMzA2MTQxM1owMzExMC8GA1UEAxMoQTc4MkY1QzY0OEM2OTVFM0IyMDY0 MEVDNzQyOTQ5NzNDMDgzQUIzQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI78Z5EtzGqgrhppzeganb5kP2RXfv1sd9iwHpUUZJKKbH//CyIdkSxcF4GN ICH+nZK7d7YCBVp4/RqPA2z8gDQOzwMYLnDGl88b1GpCKZImnKtHWYCC7v1ob57a AY64Awgw7MmDCsLcw8MA2FzBze46mvC84yHBtcAyWPBCAE2deddwyPn/JdToC5lu agF3Kg+jtMjmM4x9+EKfBbvyYfGf4wI2jxr2HIqq8j3CfVWFU5mTtCh5kJjqSs2m zCv236RYol0isQ+SwJuaH7LziwovncLX7JwrHvNl5SLFfQk/rxGQG99lj2vBTjkA UmqjD6AZCk1JhDVtTa1pKhiYu28CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSngvXG SMaV47IGQOx0KUlzwIOrOjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMxMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pnwwDQYJKoZIhvcNAQELBQADggEBAIcaOE4lTFwfWkWBZicTOpfuMoiMKM6Iq8mu xPMJ4Ffz3cRMzBgo39O8/GyiHy6D2ULvn8GWuLiizKepRZPO4pBdT/8lH5YUH+Nx XLV+ehJzZEofq7ty7VJMEAX/sMGPj3GC2Yd7v4ZRfnjxfw+xHnqhUCd9nbhzyZZZ Ib5kPqH+xpqb+K0Iuf9BT/1gQNdpRxmYZ4w/IXDUZY2M6W5yI1pmQqyqGXCCZPb5 Ii9lRf0LDW6P06rk2Yjfx4dEeeSjMsL5Uu+II/7OxTs22VDKKhyEjxxliiG+HUyH v8U9KKKl1KNLLvgLTQ4XQdHoKwOUOj/8OmQWaGeqpahs+jl1xbU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:59 2026 by rpki-client