$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144319.roa File: AS144319.roa (raw, json) Hash identifier: /l7Xjo+WlW4XWs0sOAuf2sQPO0SStlBbyXOllqh/OrI= Subject key identifier: 40:7E:91:14:18:32:7D:3F:04:8E:69:F1:22:6B:EE:58:74:E5:F0:5E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4E6A2FEE488096E4068D854C06D965A2F5055DF8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144319.roa Signing time: Wed 04 Mar 2026 06:13:08 +0000 ROA not before: Wed 04 Mar 2026 06:08:08 +0000 ROA not after: Wed 03 Mar 2027 06:13:08 +0000 asID: 144319 IP address blocks: 240a:a685::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:6a:2f:ee:48:80:96:e4:06:8d:85:4c:06:d9:65:a2:f5:05:5d:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:08 2026 GMT Not After : Mar 3 06:13:08 2027 GMT Subject: CN=407E911418327D3F048E69F1226BEE5874E5F05E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:48:0d:86:f4:23:fb:c9:db:8a:a9:3f:39:71: 61:bd:10:46:c6:1c:db:b9:fd:17:a6:1b:2b:b6:f0: 40:e5:67:d5:37:3c:38:6b:19:ba:2a:8f:d4:08:ab: 29:9e:53:87:75:4a:49:92:d1:6d:ae:c1:bd:1d:6e: 6a:52:19:42:4d:73:c4:5b:88:fd:ea:28:a5:ba:f4: 85:c8:62:66:4a:20:92:13:ab:7e:06:4b:04:5c:1b: 01:0b:98:95:16:a4:b0:6e:f9:df:32:7a:a0:41:16: 76:fc:e8:f6:9c:7e:e3:95:c8:2f:9d:01:7a:78:5d: fe:15:75:50:3a:0f:80:57:be:3c:88:0a:ae:1f:b7: 98:99:e6:88:1f:8c:3f:7d:ef:7c:d5:51:7a:ab:84: f2:16:70:d3:1a:f7:97:d2:75:a4:8e:09:82:ea:28: 2c:d1:25:d6:1d:b2:fd:6b:49:f2:32:69:e8:4d:70: ec:29:ab:1f:da:df:bb:26:ae:5b:c6:e4:e7:c1:22: 46:56:32:11:44:b1:2b:59:08:f1:9a:7e:83:37:fa: 6d:2d:f8:54:06:7c:de:ec:66:de:69:11:73:92:de: 9b:71:7e:8f:1a:27:03:3e:b8:5b:b8:93:b5:1a:7d: 44:a9:45:19:03:7d:b1:13:47:d9:ef:9e:de:69:d5: 5a:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:7E:91:14:18:32:7D:3F:04:8E:69:F1:22:6B:EE:58:74:E5:F0:5E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144319.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a685::/32 Signature Algorithm: sha256WithRSAEncryption c7:b1:ce:1a:48:cf:5a:dd:be:6c:3f:99:35:f4:43:96:ec:59: 0c:4a:69:c6:fc:4b:6e:de:e1:2c:4e:d0:a2:09:7b:1c:a6:43: a8:e2:8e:d8:f9:bd:bb:e8:15:f7:b0:d0:89:4f:2e:b6:e0:1a: 26:50:46:7a:28:a9:f9:c3:ae:ac:d8:c4:21:89:59:c8:69:de: 1f:ca:03:3e:94:16:1f:24:f4:31:26:67:50:ea:3a:10:b4:13: fe:a6:fb:98:78:80:4f:6b:41:08:d5:98:90:25:dc:84:ef:3f: 63:c9:46:64:45:0c:84:3b:55:09:0e:e3:5d:62:fa:ad:10:18: 9d:38:14:a1:33:2b:d2:c1:79:ed:9e:72:92:79:e8:93:2d:49: 0a:e1:88:7c:cf:e2:2f:1d:8c:c5:14:96:73:c9:c3:a6:d2:be: 0c:0c:f1:8a:21:70:3a:3b:3c:7c:24:0c:b4:fc:f0:94:da:56: 97:55:44:e2:99:55:9a:dd:e0:a5:24:fd:fe:48:d0:80:67:f2: 38:da:b6:78:ac:cf:f8:2e:f0:c9:82:b2:97:78:ba:92:6a:6d: f0:4d:94:f0:4f:55:11:7a:30:52:cc:3a:e7:ce:27:20:33:fe: 98:f5:ab:13:41:65:fb:94:ba:ed:80:b0:69:2e:ce:6d:18:e7: 4e:59:17:3e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTmov7kiAluQGjYVMBtllovUFXfgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwOFoX DTI3MDMwMzA2MTMwOFowMzExMC8GA1UEAxMoNDA3RTkxMTQxODMyN0QzRjA0OEU2 OUYxMjI2QkVFNTg3NEU1RjA1RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMRIDYb0I/vJ24qpPzlxYb0QRsYc27n9F6YbK7bwQOVn1Tc8OGsZuiqP1Air KZ5Th3VKSZLRba7BvR1ualIZQk1zxFuI/eoopbr0hchiZkogkhOrfgZLBFwbAQuY lRaksG753zJ6oEEWdvzo9px+45XIL50Benhd/hV1UDoPgFe+PIgKrh+3mJnmiB+M P33vfNVRequE8hZw0xr3l9J1pI4JguooLNEl1h2y/WtJ8jJp6E1w7CmrH9rfuyau W8bk58EiRlYyEUSxK1kI8Zp+gzf6bS34VAZ83uxm3mkRc5Lem3F+jxonAz64W7iT tRp9RKlFGQN9sRNH2e+e3mnVWtECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRAfpEU GDJ9PwSOafEia+5YdOXwXjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMxOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK poUwDQYJKoZIhvcNAQELBQADggEBAMexzhpIz1rdvmw/mTX0Q5bsWQxKacb8S27e 4SxO0KIJexymQ6jijtj5vbvoFfew0IlPLrbgGiZQRnooqfnDrqzYxCGJWchp3h/K Az6UFh8k9DEmZ1DqOhC0E/6m+5h4gE9rQQjVmJAl3ITvP2PJRmRFDIQ7VQkO411i +q0QGJ04FKEzK9LBee2ecpJ56JMtSQrhiHzP4i8djMUUlnPJw6bSvgwM8YohcDo7 PHwkDLT88JTaVpdVROKZVZrd4KUk/f5I0IBn8jjatnisz/gu8MmCspd4upJqbfBN lPBPVRF6MFLMOufOJyAz/pj1qxNBZfuUuu2AsGkuzm0Y505ZFz4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:52 2026 by rpki-client