$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144327.roa File: AS144327.roa (raw, json) Hash identifier: HirwXe4riK572EFvWFmf4ZVi+CptuSsEX7q41cyxKUQ= Subject key identifier: 2A:6B:01:9F:C3:EE:43:99:58:2F:7E:F8:36:9E:B0:94:46:7B:5D:F4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5113F663ED54E480E48889D38F9C80165670A972 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144327.roa Signing time: Wed 04 Mar 2026 06:13:33 +0000 ROA not before: Wed 04 Mar 2026 06:08:33 +0000 ROA not after: Wed 03 Mar 2027 06:13:33 +0000 asID: 144327 IP address blocks: 240a:a68d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:13:f6:63:ed:54:e4:80:e4:88:89:d3:8f:9c:80:16:56:70:a9:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:33 2026 GMT Not After : Mar 3 06:13:33 2027 GMT Subject: CN=2A6B019FC3EE4399582F7EF8369EB094467B5DF4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:d6:54:5e:71:24:a7:30:ba:a4:ef:6c:fc:84: 61:b7:af:bf:ca:fd:b3:54:bd:57:2c:57:a8:38:e8: c5:95:b2:de:81:5f:be:17:4a:97:47:07:16:5e:17: ff:12:eb:f4:7a:da:25:56:e5:4e:2a:44:15:12:df: b0:f6:64:bc:57:eb:c8:ee:c1:b7:6d:f7:ec:9f:5c: 2d:45:ab:62:0e:73:a9:78:5a:d7:fa:27:dd:c1:10: 3c:df:a7:6c:c3:5f:df:f8:d7:f3:c3:0e:3b:4f:fd: a7:41:91:f9:96:61:9d:52:33:4e:b7:8c:58:17:eb: 3e:71:6b:38:e6:76:38:a8:4d:e9:c3:a6:1c:17:92: 52:a2:e2:93:99:02:da:8b:67:95:b8:1a:ed:b5:08: 6b:03:d6:7c:ec:b3:3b:34:01:56:01:0b:4a:01:73: 01:c0:fb:30:fa:ce:20:25:8b:1e:5d:43:bc:45:f8: 99:2c:ee:80:7a:f2:8e:42:38:7e:bf:0e:11:35:cf: 43:93:93:5b:90:c8:c1:3d:f7:ea:ad:65:86:7e:3c: b4:da:15:61:9f:62:15:06:a0:68:a2:b5:76:e1:7b: 24:90:93:61:f3:e7:d9:6b:83:d7:83:be:a0:28:2d: 2f:f2:70:9d:fb:d5:9e:da:38:b8:01:c1:5f:19:f5: 8f:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:6B:01:9F:C3:EE:43:99:58:2F:7E:F8:36:9E:B0:94:46:7B:5D:F4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144327.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a68d::/32 Signature Algorithm: sha256WithRSAEncryption 1a:53:cc:b2:9a:6c:e6:5f:2f:3f:95:61:d6:4f:92:5d:8f:90: e7:9e:e0:a3:7d:a8:f5:ae:0b:23:6a:2d:73:21:8f:e1:5a:a0: e7:ca:8f:be:6d:7c:3c:d2:a0:0f:31:54:a7:b4:d5:eb:15:37: ab:80:65:87:b3:88:25:24:48:5b:b0:b5:ec:67:68:12:d8:b8: 38:0a:45:d9:cf:d8:7f:d3:df:74:3a:55:3d:66:47:4a:c2:3c: 60:38:41:ea:f6:01:cc:fd:b0:77:3c:55:a8:a6:b8:eb:75:7a: b4:cc:37:9a:14:de:ce:49:ee:ce:c9:42:fc:36:4a:04:ba:51: 2b:b4:3d:4e:30:96:a3:49:c3:de:7a:05:04:0a:2d:01:1b:32: 2b:d9:4e:a0:e6:38:07:34:85:5d:5e:22:5a:0e:22:88:12:eb: e0:54:e3:14:4e:f1:df:00:80:d1:bd:5f:48:23:40:f8:38:e2: 51:df:30:db:3f:f3:ba:be:2f:ea:6d:b3:e9:32:03:d9:72:04: 5c:27:65:f0:fc:54:24:2e:08:65:6a:9a:79:24:de:91:bf:82: f4:2c:5b:43:8b:6c:17:f5:a3:a8:5f:9c:b6:d0:54:a3:a4:cc: d3:8f:4b:12:2d:bf:eb:26:8a:b7:77:a2:cd:10:be:a4:ab:9a: 7a:75:2c:40 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUURP2Y+1U5IDkiInTj5yAFlZwqXIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzM1oX DTI3MDMwMzA2MTMzM1owMzExMC8GA1UEAxMoMkE2QjAxOUZDM0VFNDM5OTU4MkY3 RUY4MzY5RUIwOTQ0NjdCNURGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAODWVF5xJKcwuqTvbPyEYbevv8r9s1S9VyxXqDjoxZWy3oFfvhdKl0cHFl4X /xLr9HraJVblTipEFRLfsPZkvFfryO7Bt2337J9cLUWrYg5zqXha1/on3cEQPN+n bMNf3/jX88MOO0/9p0GR+ZZhnVIzTreMWBfrPnFrOOZ2OKhN6cOmHBeSUqLik5kC 2otnlbga7bUIawPWfOyzOzQBVgELSgFzAcD7MPrOICWLHl1DvEX4mSzugHryjkI4 fr8OETXPQ5OTW5DIwT336q1lhn48tNoVYZ9iFQagaKK1duF7JJCTYfPn2WuD14O+ oCgtL/JwnfvVnto4uAHBXxn1j7kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQqawGf w+5DmVgvfvg2nrCURntd9DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK po0wDQYJKoZIhvcNAQELBQADggEBABpTzLKabOZfLz+VYdZPkl2PkOee4KN9qPWu CyNqLXMhj+FaoOfKj75tfDzSoA8xVKe01esVN6uAZYeziCUkSFuwtexnaBLYuDgK RdnP2H/T33Q6VT1mR0rCPGA4Qer2Acz9sHc8VaimuOt1erTMN5oU3s5J7s7JQvw2 SgS6USu0PU4wlqNJw956BQQKLQEbMivZTqDmOAc0hV1eIloOIogS6+BU4xRO8d8A gNG9X0gjQPg44lHfMNs/87q+L+pts+kyA9lyBFwnZfD8VCQuCGVqmnkk3pG/gvQs W0OLbBf1o6hfnLbQVKOkzNOPSxItv+smird3os0QvqSrmnp1LEA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:53 2026 by rpki-client