$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144342.roa File: AS144342.roa (raw, json) Hash identifier: WDrqRbLvbto9lc/uWBkQwtYD8vP2u17OqOq86iEzIXQ= Subject key identifier: CE:1B:81:D0:DA:61:A6:D3:0D:64:35:AE:99:72:F5:2E:DD:6D:08:A8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 57CF5A05A2F5CBC453285F9AC069FE039DD0ABB9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144342.roa Signing time: Wed 04 Mar 2026 06:14:43 +0000 ROA not before: Wed 04 Mar 2026 06:09:43 +0000 ROA not after: Wed 03 Mar 2027 06:14:43 +0000 asID: 144342 IP address blocks: 240a:a69c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:cf:5a:05:a2:f5:cb:c4:53:28:5f:9a:c0:69:fe:03:9d:d0:ab:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:43 2026 GMT Not After : Mar 3 06:14:43 2027 GMT Subject: CN=CE1B81D0DA61A6D30D6435AE9972F52EDD6D08A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ba:91:aa:96:df:dd:cb:b3:71:b9:b1:53:be: f5:76:00:8e:f9:2c:35:62:ca:b9:1c:6b:28:23:64: 4c:fd:25:e3:45:90:c3:5b:ee:f1:3b:c4:4b:50:24: ad:37:91:ea:7c:7a:35:44:41:84:1e:78:54:44:fa: 78:fe:64:a5:27:2c:6c:c5:c9:53:22:7f:ca:3a:b3: e1:78:52:81:31:3d:f8:33:2b:85:a5:de:97:cf:0d: 18:d6:b0:ab:0e:fe:ce:c1:e7:0f:d9:62:78:06:41: a8:86:f7:ed:82:57:0b:be:ab:5a:60:aa:80:e5:07: 81:d4:a3:74:e3:da:24:2e:70:f7:fa:16:7a:d3:ea: 73:1c:e5:21:16:88:bf:6a:e7:ee:4f:19:07:48:fd: 78:d9:cb:5b:ea:87:a4:e2:cf:2b:92:4f:58:3b:30: a0:a9:2d:ac:e8:13:3e:a5:ff:a2:40:99:99:fc:5f: 1b:9f:a3:aa:78:61:64:c1:c5:82:bd:2d:23:b1:8d: 8c:dc:de:e2:e1:37:c7:96:b4:4e:e8:61:3e:88:d1: a7:5b:fa:06:34:43:b4:38:1d:d6:55:cc:cb:af:74: b7:36:01:44:f3:1d:f9:a6:b4:9b:b9:0a:43:c5:fd: 09:11:2f:56:df:22:e4:a2:d8:71:0c:a1:c3:14:98: 57:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:1B:81:D0:DA:61:A6:D3:0D:64:35:AE:99:72:F5:2E:DD:6D:08:A8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144342.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a69c::/32 Signature Algorithm: sha256WithRSAEncryption 9b:6c:91:8b:f9:ac:a3:f7:83:bb:6f:06:a5:ea:b4:af:b4:85: 88:3d:ec:24:d1:2b:e9:a0:3c:1b:d4:83:e3:d5:4f:83:08:55: ac:88:88:da:85:f0:68:ab:d6:72:20:75:d5:9c:2e:c3:4c:d6: 8e:22:9c:91:7a:d2:b2:74:84:f7:72:99:8e:28:b9:dc:61:67: 48:9f:2d:7f:0b:97:84:c0:5a:22:80:13:86:ba:4f:67:89:b6: da:00:ad:fd:cf:42:5d:3f:90:ce:fd:d6:28:c2:e1:86:32:e5: 94:be:8b:15:72:93:b6:13:20:12:31:e7:53:c4:e3:d1:a0:02: 7f:79:f2:c9:a3:ed:8a:d8:16:f1:7e:9c:7d:69:f4:a6:ed:58: 33:ff:41:c4:35:77:58:c3:c2:8b:d6:f5:fd:d6:0a:65:25:7e: eb:c5:52:41:ea:64:ce:0d:ef:48:02:f0:d1:fe:f6:e2:84:b9: 9a:e4:b7:06:00:4e:2a:3b:73:46:a1:9b:6b:b8:52:26:51:f1: 76:00:e4:b6:54:05:4c:c1:a8:3c:06:9a:15:3f:fb:55:9f:c4: 58:56:4f:e6:73:9c:17:fe:a9:9e:68:77:78:65:48:17:ed:a9: 01:6a:14:31:be:3d:a9:ba:46:4f:97:ba:3a:f5:48:4a:19:e7: 44:c2:7f:5b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUV89aBaL1y8RTKF+awGn+A53Qq7kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0M1oX DTI3MDMwMzA2MTQ0M1owMzExMC8GA1UEAxMoQ0UxQjgxRDBEQTYxQTZEMzBENjQz NUFFOTk3MkY1MkVERDZEMDhBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALe6kaqW393Ls3G5sVO+9XYAjvksNWLKuRxrKCNkTP0l40WQw1vu8TvES1Ak rTeR6nx6NURBhB54VET6eP5kpScsbMXJUyJ/yjqz4XhSgTE9+DMrhaXel88NGNaw qw7+zsHnD9lieAZBqIb37YJXC76rWmCqgOUHgdSjdOPaJC5w9/oWetPqcxzlIRaI v2rn7k8ZB0j9eNnLW+qHpOLPK5JPWDswoKktrOgTPqX/okCZmfxfG5+jqnhhZMHF gr0tI7GNjNze4uE3x5a0TuhhPojRp1v6BjRDtDgd1lXMy690tzYBRPMd+aa0m7kK Q8X9CREvVt8i5KLYcQyhwxSYV4cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTOG4HQ 2mGm0w1kNa6ZcvUu3W0IqDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM0Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ppwwDQYJKoZIhvcNAQELBQADggEBAJtskYv5rKP3g7tvBqXqtK+0hYg97CTRK+mg PBvUg+PVT4MIVayIiNqF8Gir1nIgddWcLsNM1o4inJF60rJ0hPdymY4oudxhZ0if LX8Ll4TAWiKAE4a6T2eJttoArf3PQl0/kM791ijC4YYy5ZS+ixVyk7YTIBIx51PE 49GgAn958smj7YrYFvF+nH1p9KbtWDP/QcQ1d1jDwovW9f3WCmUlfuvFUkHqZM4N 70gC8NH+9uKEuZrktwYATio7c0ahm2u4UiZR8XYA5LZUBUzBqDwGmhU/+1WfxFhW T+ZznBf+qZ5od3hlSBftqQFqFDG+Pam6Rk+Xujr1SEoZ50TCf1s= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:34 2026 by rpki-client