$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144346.roa File: AS144346.roa (raw, json) Hash identifier: 4Q3YJ5QkaxrpmVdgPt8jTar3aH3ku12GgEh1tZHwtpg= Subject key identifier: C2:EE:FB:A1:81:AA:F0:67:1D:59:43:D4:52:D0:C0:59:31:44:D5:8F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4F8011EA28B545776092AEA8EC2028CF806A01E8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144346.roa Signing time: Wed 04 Mar 2026 06:13:20 +0000 ROA not before: Wed 04 Mar 2026 06:08:20 +0000 ROA not after: Wed 03 Mar 2027 06:13:20 +0000 asID: 144346 IP address blocks: 240a:a6a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:80:11:ea:28:b5:45:77:60:92:ae:a8:ec:20:28:cf:80:6a:01:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:20 2026 GMT Not After : Mar 3 06:13:20 2027 GMT Subject: CN=C2EEFBA181AAF0671D5943D452D0C0593144D58F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0d:5c:f2:4d:c0:07:35:01:17:ff:1e:87:ee: e2:01:f8:c8:b5:c8:23:a5:fd:6f:62:2d:fa:16:ca: 40:6d:2c:2e:2b:59:27:9c:b5:9f:cc:ca:46:69:bd: db:7e:a8:ee:03:cf:b1:a5:d6:68:8c:e4:41:fd:fa: 51:3a:9e:eb:01:65:20:79:99:59:6d:9e:70:5c:09: 1a:9c:8c:9e:d5:d8:6d:a6:b3:de:9b:8a:a8:e5:76: 0b:94:a8:a5:4e:7d:f7:b3:bb:d1:f4:ba:f8:04:11: 90:79:20:a4:f0:7e:fc:87:14:c7:d3:91:09:6f:51: 2a:bf:2c:cd:98:b1:4a:f2:d9:c1:72:32:3b:4e:90: 49:25:69:a7:58:fe:10:75:50:89:28:d8:f1:fe:9e: 2d:22:73:2f:b2:e5:3d:ef:67:6c:25:fb:89:d6:7e: fb:d3:ac:6f:c2:64:09:67:50:80:7c:90:6b:ac:2a: db:30:d3:28:33:fc:35:3a:be:83:cf:39:9b:b0:4a: b2:19:af:72:41:76:65:ce:02:4d:fe:64:80:a8:a1: f6:81:a4:08:9c:c8:28:fa:96:5d:1f:16:89:d4:97: 8b:9e:03:0e:f6:38:50:ea:94:e2:75:2c:ca:fa:2f: b3:dc:35:46:32:3d:54:7e:08:75:e0:46:48:da:ae: a0:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:EE:FB:A1:81:AA:F0:67:1D:59:43:D4:52:D0:C0:59:31:44:D5:8F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144346.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6a0::/32 Signature Algorithm: sha256WithRSAEncryption 39:49:42:47:7a:5d:f1:c6:26:f3:6e:ba:fa:b7:3f:42:3a:da: 33:2c:7c:93:77:50:22:4f:21:8e:31:8e:5c:a3:61:0d:48:a1: 8c:59:a0:5b:10:8d:ba:9f:e4:ce:60:32:9f:22:c2:e4:aa:b4: 99:84:ee:98:41:a1:ca:5d:31:73:a9:1e:1f:de:e0:7d:dd:e8: da:f8:28:d2:fd:02:c1:d3:9f:72:21:6e:a2:0b:fe:19:d8:81: c9:68:7e:b2:b7:d2:fc:68:42:08:65:01:60:8b:32:e7:8e:b6: c8:91:fb:a1:5f:f1:fb:0a:89:ed:c4:e6:56:58:e2:c7:c5:53: 54:85:42:f9:36:d2:f7:83:36:d6:2b:f3:18:6f:63:17:b9:dc: 2b:bc:ea:2e:e3:c7:1f:79:f7:69:fe:4f:0f:33:7c:8f:75:6e: a1:84:6e:69:06:74:c3:d0:68:1f:6e:5b:70:46:2d:af:af:d8: 32:b1:87:aa:92:6f:9f:41:e5:70:b2:54:c1:97:a6:c8:6a:e1: b1:7a:40:45:58:16:3e:3b:88:0f:13:0c:07:c3:12:db:77:ec: 7e:e9:32:5c:24:06:7f:3f:89:65:23:5e:79:bb:00:97:6b:d2: e1:a1:07:be:d1:a4:73:11:a8:e3:80:e1:73:ce:88:91:1a:b8: 5e:62:a7:a0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUT4AR6ii1RXdgkq6o7CAoz4BqAegwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyMFoX DTI3MDMwMzA2MTMyMFowMzExMC8GA1UEAxMoQzJFRUZCQTE4MUFBRjA2NzFENTk0 M0Q0NTJEMEMwNTkzMTQ0RDU4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALgNXPJNwAc1ARf/Hofu4gH4yLXII6X9b2It+hbKQG0sLitZJ5y1n8zKRmm9 236o7gPPsaXWaIzkQf36UTqe6wFlIHmZWW2ecFwJGpyMntXYbaaz3puKqOV2C5So pU5997O70fS6+AQRkHkgpPB+/IcUx9ORCW9RKr8szZixSvLZwXIyO06QSSVpp1j+ EHVQiSjY8f6eLSJzL7LlPe9nbCX7idZ++9Osb8JkCWdQgHyQa6wq2zDTKDP8NTq+ g885m7BKshmvckF2Zc4CTf5kgKih9oGkCJzIKPqWXR8WidSXi54DDvY4UOqU4nUs yvovs9w1RjI9VH4IdeBGSNquoC0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTC7vuh garwZx1ZQ9RS0MBZMUTVjzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM0Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pqAwDQYJKoZIhvcNAQELBQADggEBADlJQkd6XfHGJvNuuvq3P0I62jMsfJN3UCJP IY4xjlyjYQ1IoYxZoFsQjbqf5M5gMp8iwuSqtJmE7phBocpdMXOpHh/e4H3d6Nr4 KNL9AsHTn3IhbqIL/hnYgclofrK30vxoQghlAWCLMueOtsiR+6Ff8fsKie3E5lZY 4sfFU1SFQvk20veDNtYr8xhvYxe53Cu86i7jxx9592n+Tw8zfI91bqGEbmkGdMPQ aB9uW3BGLa+v2DKxh6qSb59B5XCyVMGXpshq4bF6QEVYFj47iA8TDAfDEtt37H7p MlwkBn8/iWUjXnm7AJdr0uGhB77RpHMRqOOA4XPOiJEauF5ip6A= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:16 2026 by rpki-client