$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144355.roa File: AS144355.roa (raw, json) Hash identifier: 7cWGhNUT/Xo8MX5Ovgaa0Mb10CnkyY7PESZDrWZ22Fo= Subject key identifier: AD:6A:12:BD:2C:41:CA:E5:14:72:A4:EA:51:C0:5A:2B:4A:5F:50:E0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0A868CB24B50BA48EF28127CD416CEB273D72573 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144355.roa Signing time: Wed 04 Mar 2026 06:14:25 +0000 ROA not before: Wed 04 Mar 2026 06:09:25 +0000 ROA not after: Wed 03 Mar 2027 06:14:25 +0000 asID: 144355 IP address blocks: 240a:a6a9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:86:8c:b2:4b:50:ba:48:ef:28:12:7c:d4:16:ce:b2:73:d7:25:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:25 2026 GMT Not After : Mar 3 06:14:25 2027 GMT Subject: CN=AD6A12BD2C41CAE51472A4EA51C05A2B4A5F50E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6c:15:7d:1c:6c:9e:52:2a:4f:4c:ef:44:e4: c7:18:1e:c1:ad:94:ba:64:bb:4d:3e:d1:74:2b:75: a1:cd:6f:de:c3:84:f0:7d:9b:47:5b:6a:3d:19:b4: d5:9c:51:d2:8b:ee:70:a5:28:79:0d:08:bb:5f:05: 94:46:f4:45:0e:11:49:db:98:ef:0a:4a:99:62:0e: 32:1d:c4:0b:8b:9b:65:c0:e7:2a:17:3c:c5:69:45: ac:9e:fe:e1:9e:dd:0c:d1:b3:94:f7:19:b9:3d:1f: 59:89:ed:bd:bc:0b:0d:c5:7e:bc:07:51:18:07:a8: f2:ea:88:e6:f1:79:1d:32:41:ff:af:0d:fe:ee:20: a6:67:31:f8:13:7e:99:48:4b:b7:66:4b:9d:12:68: 76:5c:43:e1:cf:5c:a3:04:6a:d1:af:13:7a:16:0e: 4d:f4:52:ac:c8:98:85:d4:8f:c7:eb:8d:0d:ce:4f: 83:aa:c6:12:a3:1f:ca:a9:99:67:7e:a6:82:0b:2f: f4:60:a6:67:05:86:00:01:c9:25:0c:53:d1:de:8a: 80:35:2d:23:55:1a:76:7c:38:e4:ef:7f:00:2e:ac: 5d:1e:93:b9:f1:ce:19:fa:f3:04:42:cd:06:7a:21: c8:dd:78:f7:c5:e4:69:ef:21:8f:c2:16:57:f4:16: 9f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:6A:12:BD:2C:41:CA:E5:14:72:A4:EA:51:C0:5A:2B:4A:5F:50:E0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144355.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6a9::/32 Signature Algorithm: sha256WithRSAEncryption 8d:fb:9d:b4:0b:8a:dc:64:18:0e:ed:23:6e:de:24:5f:6d:ec: 3b:7a:93:87:f5:f4:ba:29:40:7e:f4:39:a9:62:f1:8b:48:05: 21:0a:9d:2b:2a:21:35:bf:0e:c9:1c:09:5b:42:6e:d9:41:34: df:21:df:4b:0c:e1:5e:dd:3c:32:9a:5c:2b:0e:f8:24:f2:af: 95:1b:52:c5:b6:2e:cd:55:30:ac:a8:9b:af:b8:54:5f:57:80: da:d0:1c:cb:ad:fc:0f:66:cc:f2:23:e4:1e:f0:a2:cc:aa:7b: 31:b1:de:1e:6a:75:0a:aa:42:64:e6:30:b0:7d:d4:eb:d5:aa: 34:27:95:10:1c:46:b7:7b:b3:4a:92:5b:47:13:c5:38:e0:13: d3:8b:8c:57:0f:59:35:2e:be:b6:e5:b2:99:79:a5:da:3c:5d: 88:3c:21:cc:a0:9e:09:bf:71:8f:37:69:27:38:1d:b3:b8:b9: 7d:52:be:6a:0c:bb:c5:b8:a8:28:58:81:ef:98:3c:d1:e4:36: 54:7a:60:4e:0f:d6:79:bf:27:6c:55:c2:22:bf:17:9a:b1:28: 2d:29:e2:f7:e9:43:06:f3:c0:1b:53:70:00:20:32:29:8e:a9: 78:87:2d:7e:e9:25:d0:c0:85:a2:e9:f4:54:e7:d8:8c:12:94: f4:5a:ef:a9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCoaMsktQukjvKBJ81BbOsnPXJXMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyNVoX DTI3MDMwMzA2MTQyNVowMzExMC8GA1UEAxMoQUQ2QTEyQkQyQzQxQ0FFNTE0NzJB NEVBNTFDMDVBMkI0QTVGNTBFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALlsFX0cbJ5SKk9M70Tkxxgewa2UumS7TT7RdCt1oc1v3sOE8H2bR1tqPRm0 1ZxR0ovucKUoeQ0Iu18FlEb0RQ4RSduY7wpKmWIOMh3EC4ubZcDnKhc8xWlFrJ7+ 4Z7dDNGzlPcZuT0fWYntvbwLDcV+vAdRGAeo8uqI5vF5HTJB/68N/u4gpmcx+BN+ mUhLt2ZLnRJodlxD4c9cowRq0a8TehYOTfRSrMiYhdSPx+uNDc5Pg6rGEqMfyqmZ Z36mggsv9GCmZwWGAAHJJQxT0d6KgDUtI1Uadnw45O9/AC6sXR6TufHOGfrzBELN BnohyN1498Xkae8hj8IWV/QWn8sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBStahK9 LEHK5RRypOpRwForSl9Q4DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pqkwDQYJKoZIhvcNAQELBQADggEBAI37nbQLitxkGA7tI27eJF9t7Dt6k4f19Lop QH70Oali8YtIBSEKnSsqITW/DskcCVtCbtlBNN8h30sM4V7dPDKaXCsO+CTyr5Ub UsW2Ls1VMKyom6+4VF9XgNrQHMut/A9mzPIj5B7wosyqezGx3h5qdQqqQmTmMLB9 1OvVqjQnlRAcRrd7s0qSW0cTxTjgE9OLjFcPWTUuvrblspl5pdo8XYg8Icygngm/ cY83aSc4HbO4uX1SvmoMu8W4qChYge+YPNHkNlR6YE4P1nm/J2xVwiK/F5qxKC0p 4vfpQwbzwBtTcAAgMimOqXiHLX7pJdDAhaLp9FTn2IwSlPRa76k= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:26 2026 by rpki-client