$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144362.roa File: AS144362.roa (raw, json) Hash identifier: VJYymaVO1ptgBnlc3UWSU4NmVY24MvGPkCzQCB0TaUY= Subject key identifier: 6A:A9:FF:A0:D5:98:20:04:A4:5A:8E:44:70:C2:F8:3E:80:FA:57:E0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2DF1342FFF9EE87137E918E4A8F99E4A5F95D710 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144362.roa Signing time: Wed 04 Mar 2026 06:14:39 +0000 ROA not before: Wed 04 Mar 2026 06:09:39 +0000 ROA not after: Wed 03 Mar 2027 06:14:39 +0000 asID: 144362 IP address blocks: 240a:a6b0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:f1:34:2f:ff:9e:e8:71:37:e9:18:e4:a8:f9:9e:4a:5f:95:d7:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:39 2026 GMT Not After : Mar 3 06:14:39 2027 GMT Subject: CN=6AA9FFA0D5982004A45A8E4470C2F83E80FA57E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:9f:7b:6d:a1:84:b1:3a:34:26:e3:44:a9:12: 31:30:24:ee:0f:63:74:45:76:2c:6d:77:1f:13:e3: 30:f6:08:0d:81:4c:db:6c:c0:1b:0e:e3:72:16:bc: 4a:97:62:0f:19:31:68:32:18:f2:0d:ef:b4:3e:a9: 01:81:de:5a:af:e5:7a:d6:09:b3:08:7b:dc:b7:83: b9:bf:db:25:f9:91:05:12:0f:97:cd:d2:dd:e0:9a: d6:4c:d2:51:28:ca:eb:fd:aa:2a:b1:16:01:8a:c9: e5:36:d2:8f:b3:16:0d:9b:4d:55:68:a6:66:04:21: 6c:83:a1:45:40:c5:b6:15:e5:7c:15:d1:55:78:4f: 6e:fe:fc:3f:26:98:75:b0:74:52:5b:92:ba:7b:5d: 94:94:44:bb:51:69:e8:53:4a:48:f7:97:82:6f:7b: 2c:6f:d5:02:2e:1f:0e:ee:a4:19:76:06:70:ae:28: 84:26:83:19:07:d0:37:c9:6c:7d:dc:5a:eb:7f:c2: 84:4e:42:8c:d7:53:56:a6:20:77:6a:72:dd:1a:cf: 6d:1e:3f:14:b8:74:54:13:9b:6b:60:8a:c9:98:3c: ee:18:de:52:1e:af:a2:1f:e8:44:04:1c:30:61:86: fc:d3:ee:2b:b1:f5:e8:66:ba:64:91:2f:3d:3e:f2: 93:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:A9:FF:A0:D5:98:20:04:A4:5A:8E:44:70:C2:F8:3E:80:FA:57:E0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144362.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6b0::/32 Signature Algorithm: sha256WithRSAEncryption 6d:0b:3d:fa:60:cb:cb:24:f4:bc:51:bf:5f:dd:1f:6a:24:82: 59:4f:7a:79:b3:d4:e1:1c:f5:82:ef:5f:a8:c0:92:54:c4:45: 75:1a:7c:fd:8e:84:fb:b9:44:01:66:bc:9b:41:23:24:7b:f0: 84:ed:4c:10:93:31:87:32:e5:dc:cc:dc:76:da:6c:78:b3:7f: b3:60:14:60:b4:3c:56:1f:8e:1f:a7:c5:0f:50:52:57:1b:fe: cf:fa:7f:64:f6:b3:1f:1b:78:44:b1:27:77:48:c2:e8:67:93: f4:c5:aa:95:8a:29:9f:70:63:d3:eb:7a:89:c6:ba:7f:a8:6d: e3:a2:08:c9:97:90:4a:b1:f1:37:f1:31:b2:0e:91:6b:9d:ec: e1:b4:f7:74:2b:53:5c:e3:27:83:ef:00:58:03:b4:a4:cf:c4: f1:6d:50:55:f4:33:e0:7a:77:29:03:8b:2a:3d:85:00:d2:27: aa:e3:30:9d:55:1b:44:53:35:44:4b:8b:86:46:e8:15:41:33: 83:00:a9:77:29:e9:bb:2b:33:9f:4b:d6:bd:1e:b9:dd:12:d1: 60:c9:be:fa:5b:38:ca:c6:54:82:32:32:d8:07:81:e7:34:63: e0:29:d2:ac:b1:24:ab:c7:9a:1d:52:22:37:b0:d3:1f:1b:ff: 02:68:f6:7d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULfE0L/+e6HE36RjkqPmeSl+V1xAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzOVoX DTI3MDMwMzA2MTQzOVowMzExMC8GA1UEAxMoNkFBOUZGQTBENTk4MjAwNEE0NUE4 RTQ0NzBDMkY4M0U4MEZBNTdFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMGfe22hhLE6NCbjRKkSMTAk7g9jdEV2LG13HxPjMPYIDYFM22zAGw7jcha8 SpdiDxkxaDIY8g3vtD6pAYHeWq/letYJswh73LeDub/bJfmRBRIPl83S3eCa1kzS USjK6/2qKrEWAYrJ5TbSj7MWDZtNVWimZgQhbIOhRUDFthXlfBXRVXhPbv78PyaY dbB0UluSuntdlJREu1Fp6FNKSPeXgm97LG/VAi4fDu6kGXYGcK4ohCaDGQfQN8ls fdxa63/ChE5CjNdTVqYgd2py3RrPbR4/FLh0VBOba2CKyZg87hjeUh6voh/oRAQc MGGG/NPuK7H16Ga6ZJEvPT7yk9cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRqqf+g 1ZggBKRajkRwwvg+gPpX4DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM2Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK prAwDQYJKoZIhvcNAQELBQADggEBAG0LPfpgy8sk9LxRv1/dH2okgllPenmz1OEc 9YLvX6jAklTERXUafP2OhPu5RAFmvJtBIyR78ITtTBCTMYcy5dzM3HbabHizf7Ng FGC0PFYfjh+nxQ9QUlcb/s/6f2T2sx8beESxJ3dIwuhnk/TFqpWKKZ9wY9PreonG un+obeOiCMmXkEqx8TfxMbIOkWud7OG093QrU1zjJ4PvAFgDtKTPxPFtUFX0M+B6 dykDiyo9hQDSJ6rjMJ1VG0RTNURLi4ZG6BVBM4MAqXcp6bsrM59L1r0eud0S0WDJ vvpbOMrGVIIyMtgHgec0Y+Ap0qyxJKvHmh1SIjew0x8b/wJo9n0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:49 2026 by rpki-client