$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144361.roa File: AS144361.roa (raw, json) Hash identifier: ffrwNzP5kM30O70Ny181xmA3B5Q7PraOMSMUkz9ynHs= Subject key identifier: C7:56:BD:73:8A:A8:36:CA:59:E6:3F:DC:0A:79:DE:AC:AB:9C:A9:3F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3585788C96F14E2004B6C4DF381A01EF59F5508B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144361.roa Signing time: Wed 04 Mar 2026 06:14:01 +0000 ROA not before: Wed 04 Mar 2026 06:09:01 +0000 ROA not after: Wed 03 Mar 2027 06:14:01 +0000 asID: 144361 IP address blocks: 240a:a6af::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:85:78:8c:96:f1:4e:20:04:b6:c4:df:38:1a:01:ef:59:f5:50:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:01 2026 GMT Not After : Mar 3 06:14:01 2027 GMT Subject: CN=C756BD738AA836CA59E63FDC0A79DEACAB9CA93F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:73:ab:2d:cd:f5:7a:b8:97:42:8b:d9:d7:a8: b0:29:70:6d:30:5d:f2:eb:85:8b:98:c7:1c:8a:e5: 83:27:bb:b8:33:f4:12:12:2c:41:eb:cc:a2:7f:b2: 0b:f1:de:a3:8c:d2:2d:9c:e2:48:db:e8:87:24:9b: aa:85:54:28:d8:96:73:43:05:68:e8:a6:5a:83:4b: e0:5c:29:a6:11:a2:be:0b:34:6e:45:da:cb:79:c1: 33:76:fe:a1:3c:cf:09:b7:e9:22:1d:65:08:68:fc: 87:0a:4f:65:7e:5b:59:4f:c7:6a:c5:eb:70:c4:4a: c3:e9:28:76:a6:7f:6c:46:00:46:50:07:9d:86:97: e3:b1:2b:1a:c8:6b:e4:a7:fa:68:43:d9:bc:c8:b7: 71:b2:85:02:0d:c5:26:92:92:ad:2b:06:df:b7:3b: d5:d1:3c:8b:65:8f:eb:2e:cd:8c:14:ee:02:87:a7: 5e:32:49:6c:6e:5b:8c:9b:78:43:54:fb:ba:19:c3: b6:de:30:63:6d:22:2b:49:05:a3:e2:91:a5:f2:d8: 42:35:cf:98:b5:08:6f:43:5d:5a:9a:5f:90:4e:fa: 79:2e:6c:35:16:62:9b:74:e6:e0:07:17:98:5c:46: af:aa:53:e8:af:b6:ea:2f:12:2d:10:d9:61:4c:8f: 2e:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:56:BD:73:8A:A8:36:CA:59:E6:3F:DC:0A:79:DE:AC:AB:9C:A9:3F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144361.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6af::/32 Signature Algorithm: sha256WithRSAEncryption 09:18:90:e3:9f:0e:55:3d:2f:44:55:6b:97:24:70:76:62:ed: 27:75:23:b8:b5:94:a3:f4:46:f7:80:b2:46:f2:0c:72:87:59: c2:38:e1:de:3f:60:0a:fb:42:0b:9f:f6:3a:cf:61:bc:16:21: 9b:88:3a:e5:b6:64:91:07:0b:c7:a8:91:25:a0:df:34:63:fa: 4a:44:2b:de:9a:13:67:36:59:88:34:b5:7f:db:54:10:69:19: e0:7a:7a:b0:f0:46:8b:01:cb:9e:9e:84:02:ce:b6:a4:0f:b2: 58:79:5d:57:d5:42:a1:3d:bb:2e:2d:9d:e6:c5:1a:25:77:09: e3:3a:8e:ca:be:de:dc:94:19:ed:8e:ec:85:70:2b:16:bc:32: 71:59:e9:a2:f0:d3:fa:ac:e3:e5:a7:c4:bd:01:d2:c1:13:1c: 1a:2f:8f:a5:b7:84:c9:0c:8a:19:e0:0b:29:5f:73:3f:ff:97: 88:ea:bf:72:6b:f2:a3:95:5a:ae:cc:a6:d2:5d:b7:92:16:b4: 73:9e:cc:b8:45:3a:23:60:9b:11:c7:3d:d0:13:6a:a4:69:61: dc:7e:9c:59:25:02:c3:70:02:fa:bc:a2:cf:e1:4c:f4:e7:cc: ec:4d:9c:be:46:59:1e:6b:6e:f9:d8:49:9f:28:6f:48:4c:1e: 1b:36:20:74 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNYV4jJbxTiAEtsTfOBoB71n1UIswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwMVoX DTI3MDMwMzA2MTQwMVowMzExMC8GA1UEAxMoQzc1NkJENzM4QUE4MzZDQTU5RTYz RkRDMEE3OURFQUNBQjlDQTkzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIZzqy3N9Xq4l0KL2deosClwbTBd8uuFi5jHHIrlgye7uDP0EhIsQevMon+y C/Heo4zSLZziSNvohySbqoVUKNiWc0MFaOimWoNL4FwpphGivgs0bkXay3nBM3b+ oTzPCbfpIh1lCGj8hwpPZX5bWU/HasXrcMRKw+kodqZ/bEYARlAHnYaX47ErGshr 5Kf6aEPZvMi3cbKFAg3FJpKSrSsG37c71dE8i2WP6y7NjBTuAoenXjJJbG5bjJt4 Q1T7uhnDtt4wY20iK0kFo+KRpfLYQjXPmLUIb0NdWppfkE76eS5sNRZim3Tm4AcX mFxGr6pT6K+26i8SLRDZYUyPLlkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTHVr1z iqg2ylnmP9wKed6sq5ypPzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pq8wDQYJKoZIhvcNAQELBQADggEBAAkYkOOfDlU9L0RVa5ckcHZi7Sd1I7i1lKP0 RveAskbyDHKHWcI44d4/YAr7Qguf9jrPYbwWIZuIOuW2ZJEHC8eokSWg3zRj+kpE K96aE2c2WYg0tX/bVBBpGeB6erDwRosBy56ehALOtqQPslh5XVfVQqE9uy4tnebF GiV3CeM6jsq+3tyUGe2O7IVwKxa8MnFZ6aLw0/qs4+WnxL0B0sETHBovj6W3hMkM ihngCylfcz//l4jqv3Jr8qOVWq7MptJdt5IWtHOezLhFOiNgmxHHPdATaqRpYdx+ nFklAsNwAvq8os/hTPTnzOxNnL5GWR5rbvnYSZ8ob0hMHhs2IHQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:57 2026 by rpki-client