$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144321.roa File: AS144321.roa (raw, json) Hash identifier: BhXeK+ogySTpmTRi1aZksGz8RCn/ivqO7/VksiAj3zA= Subject key identifier: 23:2F:38:BD:DF:3C:DF:7B:56:AB:A8:2F:75:96:D4:98:5E:5D:04:B5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 70856F51AFAA9A6180397C52DBDA61E2CCF8CB3E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144321.roa Signing time: Wed 04 Mar 2026 06:15:30 +0000 ROA not before: Wed 04 Mar 2026 06:10:30 +0000 ROA not after: Wed 03 Mar 2027 06:15:30 +0000 asID: 144321 IP address blocks: 240a:a687::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:85:6f:51:af:aa:9a:61:80:39:7c:52:db:da:61:e2:cc:f8:cb:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:30 2026 GMT Not After : Mar 3 06:15:30 2027 GMT Subject: CN=232F38BDDF3CDF7B56ABA82F7596D4985E5D04B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:04:79:d9:7c:da:67:98:8c:7a:80:24:23:54: 1c:24:ff:85:01:f2:df:d2:42:fa:c1:98:90:e4:86: 1d:3f:c4:d8:7b:3d:75:30:25:e1:01:6d:c6:68:81: c9:60:13:9c:12:30:ce:44:f0:b6:6a:68:24:9f:bb: 01:06:79:96:b2:af:ce:92:cf:5c:9f:c0:93:36:68: cd:0b:0a:bc:ea:18:a7:65:b7:c0:1e:cb:59:63:6b: e9:80:86:5f:25:50:e4:85:d6:26:d4:c2:25:2c:00: b0:17:4e:81:89:1a:34:47:3f:ba:f3:9d:fa:ca:0e: bb:30:88:d3:a6:c2:2f:74:d7:a4:05:b5:ac:f4:d5: e4:0e:b1:61:8a:59:62:e4:a6:0e:b0:bc:87:ca:65: 03:71:4d:47:23:42:4c:1b:53:c1:91:ca:74:dc:81: e5:b8:99:84:5d:40:8b:08:42:af:e6:d9:6f:92:ab: 2a:1c:e0:e4:d6:29:71:e9:aa:2b:b2:b4:13:aa:50: 71:4f:a2:1a:83:c5:fb:fb:5b:7c:f4:8a:43:59:39: 00:01:04:93:7a:f0:16:81:53:f1:5d:82:94:aa:15: fb:ad:7c:6c:07:bd:89:b0:ec:47:ba:a6:36:b3:7a: a5:53:e7:02:27:ef:07:df:31:6a:24:02:89:70:d2: 6f:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:2F:38:BD:DF:3C:DF:7B:56:AB:A8:2F:75:96:D4:98:5E:5D:04:B5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144321.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a687::/32 Signature Algorithm: sha256WithRSAEncryption 04:2c:4a:f2:5e:8c:0e:88:e2:e1:45:42:5a:5b:bb:d0:10:a4: a2:b2:bb:a3:9f:e1:68:13:83:b7:c2:92:e2:13:9c:aa:b5:6c: 75:b4:b4:be:f8:7c:a8:a0:16:af:63:d6:d4:0d:54:c3:2f:d4: 93:36:b4:26:73:7e:bb:c6:63:7b:83:11:62:fc:6a:b4:d4:b3: 35:52:50:85:ce:8e:7d:6b:45:e6:c7:cf:91:f1:7c:4f:39:a7: fc:7f:9b:65:4f:d6:11:17:35:01:2c:4a:83:92:cc:2f:f6:d0: 6c:85:8b:55:f9:9e:53:d2:35:9d:c6:52:ab:91:a2:8b:29:0a: 10:1d:87:a6:d3:32:cc:de:98:2e:ac:a0:56:48:da:8a:20:57: be:1b:7c:73:97:c5:4e:8e:d5:9f:ce:ca:c1:4f:68:ff:1b:cb: 73:f8:9b:6e:40:79:b6:10:90:bb:04:17:ef:18:2d:09:fe:2a: 0c:35:46:53:a9:e2:2b:cc:31:60:38:6a:db:41:8d:cd:0c:3e: 26:9a:c5:f0:52:07:2d:31:82:9e:90:e4:85:23:0b:a6:22:7c: 69:bf:a7:fc:03:45:47:9d:37:60:7e:7a:22:c8:34:bf:b0:9e: 2c:71:82:1f:fd:bb:bf:56:ed:51:2d:a5:6a:47:2f:78:5d:48: bf:a7:3d:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcIVvUa+qmmGAOXxS29ph4sz4yz4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzMFoX DTI3MDMwMzA2MTUzMFowMzExMC8GA1UEAxMoMjMyRjM4QkRERjNDREY3QjU2QUJB ODJGNzU5NkQ0OTg1RTVEMDRCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOEEedl82meYjHqAJCNUHCT/hQHy39JC+sGYkOSGHT/E2Hs9dTAl4QFtxmiB yWATnBIwzkTwtmpoJJ+7AQZ5lrKvzpLPXJ/AkzZozQsKvOoYp2W3wB7LWWNr6YCG XyVQ5IXWJtTCJSwAsBdOgYkaNEc/uvOd+soOuzCI06bCL3TXpAW1rPTV5A6xYYpZ YuSmDrC8h8plA3FNRyNCTBtTwZHKdNyB5biZhF1AiwhCr+bZb5KrKhzg5NYpcemq K7K0E6pQcU+iGoPF+/tbfPSKQ1k5AAEEk3rwFoFT8V2ClKoV+618bAe9ibDsR7qm NrN6pVPnAifvB98xaiQCiXDSb5UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQjLzi9 3zzfe1arqC91ltSYXl0EtTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pocwDQYJKoZIhvcNAQELBQADggEBAAQsSvJejA6I4uFFQlpbu9AQpKKyu6Of4WgT g7fCkuITnKq1bHW0tL74fKigFq9j1tQNVMMv1JM2tCZzfrvGY3uDEWL8arTUszVS UIXOjn1rRebHz5HxfE85p/x/m2VP1hEXNQEsSoOSzC/20GyFi1X5nlPSNZ3GUquR oospChAdh6bTMszemC6soFZI2oogV74bfHOXxU6O1Z/OysFPaP8by3P4m25AebYQ kLsEF+8YLQn+Kgw1RlOp4ivMMWA4attBjc0MPiaaxfBSBy0xgp6Q5IUjC6YifGm/ p/wDRUedN2B+eiLINL+wnixxgh/9u79W7VEtpWpHL3hdSL+nPdY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:41 2026 by rpki-client