$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144328.roa File: AS144328.roa (raw, json) Hash identifier: tROak6ruy+5X1D2fUDFUjA4i1c+3vEcONNQmArz14aU= Subject key identifier: 2D:0D:5D:BB:E1:C0:F1:23:1F:6C:06:E6:1E:4F:FE:A2:A8:19:6C:A9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 73A52C39FCC3A81C4A3066B6975F515BA21BED28 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144328.roa Signing time: Wed 04 Mar 2026 06:15:21 +0000 ROA not before: Wed 04 Mar 2026 06:10:21 +0000 ROA not after: Wed 03 Mar 2027 06:15:21 +0000 asID: 144328 IP address blocks: 240a:a68e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:a5:2c:39:fc:c3:a8:1c:4a:30:66:b6:97:5f:51:5b:a2:1b:ed:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:21 2026 GMT Not After : Mar 3 06:15:21 2027 GMT Subject: CN=2D0D5DBBE1C0F1231F6C06E61E4FFEA2A8196CA9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:6b:c9:67:6f:5b:67:5f:7d:f6:49:7d:34:2f: ee:ea:43:2e:b6:00:ed:c8:37:8a:fe:74:fb:ba:7c: 32:1a:97:bf:57:ff:62:bc:09:ee:3b:b3:6d:b7:0b: f4:f6:31:88:46:7a:14:df:b0:3b:9e:5c:17:8a:e6: e0:28:17:c8:d9:95:a3:1d:10:7c:cd:23:f8:16:01: 27:09:a8:0a:3f:be:af:f0:2b:3e:3a:45:b6:e2:ae: 4b:1a:09:c5:d2:b9:84:82:e4:e5:28:2e:83:0f:5a: d5:80:ce:0f:b7:c4:3b:e9:bc:c0:5e:e2:b6:b5:dc: 00:4f:19:dd:60:b7:f8:53:37:fb:af:f6:b9:d6:e0: 89:e6:32:f3:9c:2d:8c:6d:22:0c:c3:d1:32:11:5b: 1b:6d:ab:20:b7:d4:d3:5b:4b:6a:cd:44:55:75:4e: e0:81:a1:50:ea:d4:10:2a:fe:f3:ab:79:0c:aa:79: 8f:d1:5f:49:7b:17:35:eb:39:be:c1:9c:7a:ce:fb: 6a:69:61:83:4e:56:49:0c:8e:ab:ce:9b:bb:6d:9a: 5a:b8:c2:eb:6e:fc:c0:29:34:43:4f:91:90:3f:11: aa:81:3b:b2:bf:b1:ee:f7:e1:67:42:af:c4:aa:b6: d0:78:95:b4:fb:04:93:10:d1:ab:a3:a4:f7:8d:61: c0:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:0D:5D:BB:E1:C0:F1:23:1F:6C:06:E6:1E:4F:FE:A2:A8:19:6C:A9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144328.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a68e::/32 Signature Algorithm: sha256WithRSAEncryption 0f:ee:56:7a:8b:65:7d:b4:9b:cc:20:a4:ea:45:09:fc:57:9a: b4:3f:ea:36:bf:46:3b:34:13:0b:18:d0:8b:c2:0f:f8:5c:62: b6:22:01:b4:66:8a:15:03:ac:42:cb:9d:2b:7f:05:fd:0a:57: db:2c:79:0a:47:9f:89:f6:a0:67:2c:cd:0a:07:88:b1:6e:36: c6:6c:a7:d6:cc:e7:9f:bd:32:2c:f2:eb:6a:e9:d7:2e:96:26: 32:00:53:87:22:46:bf:8b:08:bf:d5:0a:4a:5f:dd:0e:6f:9c: 82:04:34:3c:43:0f:04:81:35:14:cd:71:b7:0d:15:d1:ad:6d: 02:89:30:ee:38:6a:a2:2c:44:2f:2a:34:da:a9:da:17:e4:79: 03:b8:ac:b5:6f:3e:f6:f2:ac:9e:04:70:33:14:d8:7e:ea:42: 47:dc:12:b7:f5:2a:db:2c:11:77:e5:63:f9:4d:c2:da:8f:6a: 67:ff:4d:8b:1a:b8:d4:99:be:dd:4d:ea:af:f2:9a:db:6b:fe: cc:f1:b7:36:8f:1c:9f:48:f4:9b:18:52:17:7e:5f:c0:c3:61: 7b:e5:d7:fb:57:30:19:0a:2b:47:c7:d6:ee:54:2e:58:bd:87: d6:9b:31:6b:2d:26:27:4e:71:0c:25:37:df:12:83:5d:04:be: 83:56:da:6a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUc6UsOfzDqBxKMGa2l19RW6Ib7SgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyMVoX DTI3MDMwMzA2MTUyMVowMzExMC8GA1UEAxMoMkQwRDVEQkJFMUMwRjEyMzFGNkMw NkU2MUU0RkZFQTJBODE5NkNBOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJtryWdvW2dfffZJfTQv7upDLrYA7cg3iv50+7p8MhqXv1f/YrwJ7juzbbcL 9PYxiEZ6FN+wO55cF4rm4CgXyNmVox0QfM0j+BYBJwmoCj++r/ArPjpFtuKuSxoJ xdK5hILk5Sgugw9a1YDOD7fEO+m8wF7itrXcAE8Z3WC3+FM3+6/2udbgieYy85wt jG0iDMPRMhFbG22rILfU01tLas1EVXVO4IGhUOrUECr+86t5DKp5j9FfSXsXNes5 vsGces77amlhg05WSQyOq86bu22aWrjC6278wCk0Q0+RkD8RqoE7sr+x7vfhZ0Kv xKq20HiVtPsEkxDRq6Ok941hwFMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQtDV27 4cDxIx9sBuYeT/6iqBlsqTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK po4wDQYJKoZIhvcNAQELBQADggEBAA/uVnqLZX20m8wgpOpFCfxXmrQ/6ja/Rjs0 EwsY0IvCD/hcYrYiAbRmihUDrELLnSt/Bf0KV9sseQpHn4n2oGcszQoHiLFuNsZs p9bM55+9Mizy62rp1y6WJjIAU4ciRr+LCL/VCkpf3Q5vnIIENDxDDwSBNRTNcbcN FdGtbQKJMO44aqIsRC8qNNqp2hfkeQO4rLVvPvbyrJ4EcDMU2H7qQkfcErf1Ktss EXflY/lNwtqPamf/TYsauNSZvt1N6q/ymttr/szxtzaPHJ9I9JsYUhd+X8DDYXvl 1/tXMBkKK0fH1u5ULli9h9abMWstJidOcQwlN98Sg10EvoNW2mo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:42 2026 by rpki-client