$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144334.roa File: AS144334.roa (raw, json) Hash identifier: QPEV7KBQ2YttNoanE7P0bNzlNYBfbSpYRXhvB34vJFI= Subject key identifier: 07:AF:31:33:1E:F5:D2:66:95:CD:F7:39:C4:EB:1A:63:25:11:B1:77 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7FF795477D7C8CCC0F8F3F661EAC941B3CC2F9C8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144334.roa Signing time: Wed 04 Mar 2026 06:12:39 +0000 ROA not before: Wed 04 Mar 2026 06:07:39 +0000 ROA not after: Wed 03 Mar 2027 06:12:39 +0000 asID: 144334 IP address blocks: 240a:a694::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:f7:95:47:7d:7c:8c:cc:0f:8f:3f:66:1e:ac:94:1b:3c:c2:f9:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:39 2026 GMT Not After : Mar 3 06:12:39 2027 GMT Subject: CN=07AF31331EF5D26695CDF739C4EB1A632511B177 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:53:18:dd:e8:cb:9b:fb:8d:69:4d:06:f6:b9: fb:9c:b3:74:12:2d:66:76:26:d4:8c:15:57:13:fe: a8:5d:f1:35:78:23:d4:ec:08:3e:9c:66:d0:ae:59: 12:de:f8:02:d5:c5:f9:f5:d7:1e:74:7c:21:b1:c3: 9d:a8:4a:1d:20:4c:82:36:a6:a3:a7:ac:1d:a4:ed: c9:70:16:6e:8e:d9:dc:25:2c:a9:cb:c3:c0:91:99: 55:52:4c:af:80:49:54:71:bb:a8:01:40:40:ca:51: 0f:e4:d3:36:0a:c4:1e:51:a9:b9:1d:ea:0d:78:52: a7:ca:12:fa:24:41:a0:2f:de:04:b3:75:6a:59:84: 41:cf:c3:15:ad:ca:24:f0:ca:ae:6f:13:d3:89:9b: 4f:79:35:05:df:b5:0e:a9:88:2b:38:a7:fb:5b:37: 0a:24:6e:d5:03:0d:f0:4c:c8:31:f2:e7:3a:95:3e: 5c:c4:2f:05:dc:6b:f0:ff:14:b5:67:06:13:73:b6: bd:8b:63:da:ec:18:e3:72:70:c2:27:2f:8f:f6:91: 92:bf:b9:33:93:f5:39:98:95:fb:30:6a:9c:54:b3: fe:41:fb:9a:c5:99:7e:fb:03:93:33:7e:55:be:91: 5e:cc:c2:be:e0:36:08:9f:4f:ac:53:05:07:60:59: b8:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:AF:31:33:1E:F5:D2:66:95:CD:F7:39:C4:EB:1A:63:25:11:B1:77 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a694::/32 Signature Algorithm: sha256WithRSAEncryption af:ff:70:8c:b3:dc:d5:60:f6:a4:cf:44:88:a4:f9:39:be:0a: 62:5c:f9:9d:f7:21:42:9a:df:d4:1b:89:02:71:33:07:5a:df: 6b:34:c6:ff:cf:44:18:ae:3c:60:c5:6f:36:77:55:3d:70:be: 49:86:bb:ca:53:a1:c2:ad:fd:03:a0:91:c7:17:68:be:d6:d4: 4f:5b:d3:81:63:61:04:23:b0:e9:a5:0c:54:b4:4c:b6:c4:48: 58:ff:95:78:8c:2e:d7:ae:b8:bd:33:9f:07:62:05:6a:ed:08: 62:60:ba:f4:68:9a:7f:08:56:97:a8:3d:fa:fa:0a:5d:1f:bf: aa:d9:25:57:c2:5a:c6:5f:b1:17:4c:8e:41:17:f7:28:cc:22: dd:c7:f5:d3:84:52:c4:a1:45:5a:66:21:fa:ba:8f:24:74:fa: ef:f5:a8:52:24:69:11:91:57:39:27:24:99:95:96:28:05:14: 82:c8:be:9d:62:4d:13:5d:0a:65:e4:74:3a:a4:c7:70:f9:d9: 6e:14:34:1c:10:61:63:5e:46:51:cf:60:85:dd:5f:c5:0a:54: f3:f3:00:dd:9d:32:75:ea:98:ae:a1:1e:f7:96:7a:7a:96:54: 21:7a:ea:c4:91:35:cc:e2:4a:2c:e9:b4:96:05:32:6d:38:c1: cf:fd:81:ef -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUf/eVR318jMwPjz9mHqyUGzzC+cgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczOVoX DTI3MDMwMzA2MTIzOVowMzExMC8GA1UEAxMoMDdBRjMxMzMxRUY1RDI2Njk1Q0RG NzM5QzRFQjFBNjMyNTExQjE3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBTGN3oy5v7jWlNBva5+5yzdBItZnYm1IwVVxP+qF3xNXgj1OwIPpxm0K5Z Et74AtXF+fXXHnR8IbHDnahKHSBMgjamo6esHaTtyXAWbo7Z3CUsqcvDwJGZVVJM r4BJVHG7qAFAQMpRD+TTNgrEHlGpuR3qDXhSp8oS+iRBoC/eBLN1almEQc/DFa3K JPDKrm8T04mbT3k1Bd+1DqmIKzin+1s3CiRu1QMN8EzIMfLnOpU+XMQvBdxr8P8U tWcGE3O2vYtj2uwY43Jwwicvj/aRkr+5M5P1OZiV+zBqnFSz/kH7msWZfvsDkzN+ Vb6RXszCvuA2CJ9PrFMFB2BZuKkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQHrzEz HvXSZpXN9znE6xpjJRGxdzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDMzNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ppQwDQYJKoZIhvcNAQELBQADggEBAK//cIyz3NVg9qTPRIik+Tm+CmJc+Z33IUKa 39QbiQJxMwda32s0xv/PRBiuPGDFbzZ3VT1wvkmGu8pTocKt/QOgkccXaL7W1E9b 04FjYQQjsOmlDFS0TLbESFj/lXiMLteuuL0znwdiBWrtCGJguvRomn8IVpeoPfr6 Cl0fv6rZJVfCWsZfsRdMjkEX9yjMIt3H9dOEUsShRVpmIfq6jyR0+u/1qFIkaRGR VzknJJmVligFFILIvp1iTRNdCmXkdDqkx3D52W4UNBwQYWNeRlHPYIXdX8UKVPPz AN2dMnXqmK6hHveWenqWVCF66sSRNcziSizptJYFMm04wc/9ge8= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:42 2026 by rpki-client