$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144357.roa File: AS144357.roa (raw, json) Hash identifier: qJeelyGud6w2rh7Njj/udWal1ksIKL8bk6+XUK3fl0c= Subject key identifier: 76:03:BF:10:58:DD:53:65:63:D8:00:55:11:DC:52:9A:81:1B:6C:00 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6A66D7B93218EE0894DD27C25B347FB623F476F1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144357.roa Signing time: Wed 04 Mar 2026 06:12:28 +0000 ROA not before: Wed 04 Mar 2026 06:07:28 +0000 ROA not after: Wed 03 Mar 2027 06:12:28 +0000 asID: 144357 IP address blocks: 240a:a6ab::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:66:d7:b9:32:18:ee:08:94:dd:27:c2:5b:34:7f:b6:23:f4:76:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:28 2026 GMT Not After : Mar 3 06:12:28 2027 GMT Subject: CN=7603BF1058DD536563D8005511DC529A811B6C00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ec:a4:cf:2b:6c:61:20:84:d1:5d:99:4f:1b: 82:b2:8c:98:96:bd:4f:13:6f:5c:c4:a1:bc:c1:66: 3f:fb:54:9d:2a:76:31:ef:a8:b5:e7:32:3e:fd:fc: 22:3e:c2:3a:31:5b:c8:73:47:75:97:94:23:a1:b4: a9:27:41:07:70:5f:07:1b:18:95:af:ee:92:4f:18: e8:81:16:c4:9f:16:dd:28:a0:4a:20:99:d3:fe:29: e0:06:9a:05:07:91:44:f2:91:b5:9e:01:e8:4d:74: b1:30:96:35:2e:9b:5a:f7:1d:81:d7:c1:37:9b:6e: ef:55:89:51:70:c9:90:ac:ff:66:23:f2:9b:22:43: 75:94:9c:b7:4b:94:3d:4b:fd:f4:db:f8:77:22:a8: a3:50:90:18:8e:bb:44:6f:2a:57:3d:94:8d:22:44: 3a:f5:1e:db:81:53:f5:37:a2:27:f3:aa:d7:c9:55: af:78:d9:33:1b:65:64:cc:8b:17:7b:f1:16:4c:aa: 83:2d:26:eb:ff:f6:6d:ab:98:a8:55:04:f1:0e:77: f0:a0:b9:14:e4:4f:92:b0:c5:f0:e4:eb:cd:72:0c: 7d:99:62:33:1a:a2:52:ec:8d:40:74:2f:f0:86:d1: 6b:ce:08:84:1d:11:ac:c2:ed:87:7c:ea:40:cf:14: 9f:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:03:BF:10:58:DD:53:65:63:D8:00:55:11:DC:52:9A:81:1B:6C:00 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144357.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6ab::/32 Signature Algorithm: sha256WithRSAEncryption c1:e6:2b:0b:a9:32:d7:f6:18:c7:1e:02:e3:5c:1b:15:59:bf: 97:02:3b:0a:ae:ae:e2:95:fe:05:e7:7f:b5:cf:16:40:bf:be: 8a:1f:1a:15:5c:6b:bf:ec:3c:b1:b5:9e:a0:51:ce:f6:8a:b1: c5:b3:1e:f4:84:d0:df:dc:16:5c:88:df:17:7b:36:5d:4f:bc: 1a:7d:84:e4:9e:d1:31:13:4d:36:cc:13:25:b4:fc:be:dc:1a: 86:66:9d:e1:a5:a5:2f:41:db:41:b6:3e:56:83:f9:c6:08:49: 5f:e6:04:ca:cd:53:86:5c:d0:ee:4b:fb:61:1a:79:73:0e:ee: 03:c6:c9:95:e4:64:19:75:93:13:e1:dc:11:1f:43:12:33:6e: 77:4c:68:bc:a6:b3:2a:22:57:66:ab:25:5f:8f:61:e3:2a:5b: 0c:61:e3:da:6b:e6:ad:51:15:94:ad:fb:0d:db:a8:71:7e:38: 2d:72:6b:de:5f:fd:35:7c:8d:73:a1:87:41:4a:65:bb:c0:1e: 88:98:5e:55:a0:79:c7:07:01:dd:04:f3:0e:23:dd:43:77:18: f9:31:61:f5:15:a2:73:e1:11:84:20:c4:f8:2d:0e:d5:fb:cb: c1:63:08:c6:56:83:81:59:15:6a:82:05:95:8c:e3:e3:7a:f8: f7:26:9b:0f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUambXuTIY7giU3SfCWzR/tiP0dvEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDcyOFoX DTI3MDMwMzA2MTIyOFowMzExMC8GA1UEAxMoNzYwM0JGMTA1OERENTM2NTYzRDgw MDU1MTFEQzUyOUE4MTFCNkMwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMnspM8rbGEghNFdmU8bgrKMmJa9TxNvXMShvMFmP/tUnSp2Me+otecyPv38 Ij7COjFbyHNHdZeUI6G0qSdBB3BfBxsYla/ukk8Y6IEWxJ8W3SigSiCZ0/4p4Aaa BQeRRPKRtZ4B6E10sTCWNS6bWvcdgdfBN5tu71WJUXDJkKz/ZiPymyJDdZSct0uU PUv99Nv4dyKoo1CQGI67RG8qVz2UjSJEOvUe24FT9TeiJ/Oq18lVr3jZMxtlZMyL F3vxFkyqgy0m6//2bauYqFUE8Q538KC5FORPkrDF8OTrzXIMfZliMxqiUuyNQHQv 8IbRa84IhB0RrMLth3zqQM8Un0ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR2A78Q WN1TZWPYAFUR3FKagRtsADAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pqswDQYJKoZIhvcNAQELBQADggEBAMHmKwupMtf2GMceAuNcGxVZv5cCOwquruKV /gXnf7XPFkC/voofGhVca7/sPLG1nqBRzvaKscWzHvSE0N/cFlyI3xd7Nl1PvBp9 hOSe0TETTTbMEyW0/L7cGoZmneGlpS9B20G2PlaD+cYISV/mBMrNU4Zc0O5L+2Ea eXMO7gPGyZXkZBl1kxPh3BEfQxIzbndMaLymsyoiV2arJV+PYeMqWwxh49pr5q1R FZSt+w3bqHF+OC1ya95f/TV8jXOhh0FKZbvAHoiYXlWgeccHAd0E8w4j3UN3GPkx YfUVonPhEYQgxPgtDtX7y8FjCMZWg4FZFWqCBZWM4+N6+Pcmmw8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:46 2026 by rpki-client