$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144314.roa File: AS144314.roa (raw, json) Hash identifier: 2eOC5pZSA0fmpNG6C5PiZtPcxm48AI5/8Y2UZ+0INcc= Subject key identifier: 37:63:51:E7:D8:8F:56:34:F5:57:C8:A0:DE:41:C1:0C:F2:71:C4:4F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0C3B13D42E3B94778480BA648144A69429C8FC68 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144314.roa Signing time: Wed 04 Mar 2026 06:14:41 +0000 ROA not before: Wed 04 Mar 2026 06:09:41 +0000 ROA not after: Wed 03 Mar 2027 06:14:41 +0000 asID: 144314 IP address blocks: 240a:a680::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:3b:13:d4:2e:3b:94:77:84:80:ba:64:81:44:a6:94:29:c8:fc:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:41 2026 GMT Not After : Mar 3 06:14:41 2027 GMT Subject: CN=376351E7D88F5634F557C8A0DE41C10CF271C44F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:3c:b5:2e:02:09:72:a1:63:c5:1a:22:89:a1: de:81:2c:9e:ca:17:79:57:bc:7b:f6:19:3e:c4:49: 2d:c0:67:a5:3b:64:6c:ba:8d:d8:27:88:9f:29:d7: 43:06:5f:57:e1:d8:88:36:55:6d:a3:2b:fb:0b:bc: bb:3b:98:e9:ef:62:d9:9d:91:cb:24:b4:ab:0e:05: cd:86:cb:62:9e:04:7c:04:a4:d2:9f:57:79:4e:41: 00:51:f4:ca:09:d9:86:91:75:a3:b8:83:f9:77:80: 0b:40:5a:41:1a:eb:c8:be:d6:3a:a3:4d:f9:33:a8: 8e:e1:bc:ca:90:fe:20:5e:ed:70:bc:7c:18:1e:60: ad:a4:fd:b9:da:5e:3f:4f:59:fb:3c:06:a9:56:66: bd:8c:20:bf:73:d3:41:63:d2:f0:3f:f3:ba:0d:ca: c4:7c:3c:a3:35:8e:5a:41:1a:96:31:f4:1f:a6:1a: 14:84:3c:11:e4:1d:1c:fc:5e:b7:d2:56:70:36:16: 84:a3:88:f3:21:2d:be:ed:0c:7b:f4:eb:60:3d:38: 89:c1:17:ae:47:53:52:7d:30:3e:e2:0a:06:9d:84: 60:5f:68:6b:c1:4a:19:25:de:87:a5:55:de:00:d3: c0:f2:7a:84:7b:a2:04:29:77:a5:38:c2:0e:34:35: f1:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:63:51:E7:D8:8F:56:34:F5:57:C8:A0:DE:41:C1:0C:F2:71:C4:4F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144314.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a680::/32 Signature Algorithm: sha256WithRSAEncryption 1e:f5:0f:bf:e5:8f:62:6d:de:f3:08:4d:9e:f1:91:58:dc:0b: 84:a0:43:80:e2:91:24:0d:e8:5d:6d:16:62:ea:25:59:2f:5f: da:8e:f5:61:5e:d1:b4:18:b6:cb:c9:7f:1a:13:96:33:1e:58: a3:06:22:49:0d:20:e8:07:24:81:cf:93:94:41:f7:bc:db:55: 29:c2:38:d5:c2:73:0b:61:41:15:53:17:5a:31:61:5f:d8:f1: 30:a5:d3:b0:60:69:fd:19:d0:a7:5b:0e:7e:92:19:c5:90:5f: 1f:7e:9a:ac:2d:98:6f:20:29:41:bc:46:c3:66:e9:50:48:ab: c0:40:5c:9f:c0:eb:34:28:21:ee:b6:45:1a:ec:11:17:55:9f: fd:bd:61:97:2f:c4:8f:40:58:04:80:75:c4:02:56:d0:90:9d: b5:e9:8a:a9:95:16:65:22:9d:dc:d2:0b:ce:54:47:fc:12:43: fa:b6:31:2a:b3:ba:f7:8a:cf:d9:a9:02:14:09:ca:4c:2a:76: 78:5f:87:c0:a9:8e:ff:77:53:08:b7:4f:89:13:37:11:ad:15: 3b:b0:9c:3e:c3:83:a1:be:ce:9e:c1:e6:8e:e9:f9:0c:fc:a5: fe:d7:39:1a:e2:e7:66:cd:c9:72:3f:ec:95:b7:98:e8:2e:2e: b6:f9:b8:3a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDDsT1C47lHeEgLpkgUSmlCnI/GgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0MVoX DTI3MDMwMzA2MTQ0MVowMzExMC8GA1UEAxMoMzc2MzUxRTdEODhGNTYzNEY1NTdD OEEwREU0MUMxMENGMjcxQzQ0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOg8tS4CCXKhY8UaIomh3oEsnsoXeVe8e/YZPsRJLcBnpTtkbLqN2CeInynX QwZfV+HYiDZVbaMr+wu8uzuY6e9i2Z2RyyS0qw4FzYbLYp4EfASk0p9XeU5BAFH0 ygnZhpF1o7iD+XeAC0BaQRrryL7WOqNN+TOojuG8ypD+IF7tcLx8GB5graT9udpe P09Z+zwGqVZmvYwgv3PTQWPS8D/zug3KxHw8ozWOWkEaljH0H6YaFIQ8EeQdHPxe t9JWcDYWhKOI8yEtvu0Me/TrYD04icEXrkdTUn0wPuIKBp2EYF9oa8FKGSXeh6VV 3gDTwPJ6hHuiBCl3pTjCDjQ18QECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ3Y1Hn 2I9WNPVXyKDeQcEM8nHETzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMxNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK poAwDQYJKoZIhvcNAQELBQADggEBAB71D7/lj2Jt3vMITZ7xkVjcC4SgQ4DikSQN 6F1tFmLqJVkvX9qO9WFe0bQYtsvJfxoTljMeWKMGIkkNIOgHJIHPk5RB97zbVSnC ONXCcwthQRVTF1oxYV/Y8TCl07Bgaf0Z0KdbDn6SGcWQXx9+mqwtmG8gKUG8RsNm 6VBIq8BAXJ/A6zQoIe62RRrsERdVn/29YZcvxI9AWASAdcQCVtCQnbXpiqmVFmUi ndzSC85UR/wSQ/q2MSqzuveKz9mpAhQJykwqdnhfh8Cpjv93Uwi3T4kTNxGtFTuw nD7Dg6G+zp7B5o7p+Qz8pf7XORri52bNyXI/7JW3mOguLrb5uDo= -----END CERTIFICATE-----Generated at Sat Mar 28 13:06:13 2026 by rpki-client