$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144397.roa File: AS144397.roa (raw, json) Hash identifier: jyQC1yzsI0SpX1xoyHmBgUC/9pxwh8xil1UrBPxCjrY= Subject key identifier: 44:01:9C:06:2C:B1:48:BF:F3:CF:0E:C7:D2:0F:0B:EE:82:B2:9C:76 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C4213C0CE26395FAA3000795FDFE8AFD001C249 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144397.roa Signing time: Wed 04 Mar 2026 06:15:30 +0000 ROA not before: Wed 04 Mar 2026 06:10:30 +0000 ROA not after: Wed 03 Mar 2027 06:15:30 +0000 asID: 144397 IP address blocks: 240a:a6d3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:42:13:c0:ce:26:39:5f:aa:30:00:79:5f:df:e8:af:d0:01:c2:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:30 2026 GMT Not After : Mar 3 06:15:30 2027 GMT Subject: CN=44019C062CB148BFF3CF0EC7D20F0BEE82B29C76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:32:72:5d:ed:00:ff:61:36:a6:d4:39:63:e0: 8f:03:7d:38:df:0c:80:a6:63:44:e8:d4:64:05:2e: 44:04:95:00:1f:b2:ec:2b:29:d9:a8:f2:ed:20:2a: 28:ee:cd:d0:62:5e:4d:9e:88:6f:1b:c2:1c:89:59: d4:3a:42:12:54:b8:e8:c5:98:a5:7b:f0:bd:b7:32: f9:f0:e6:b2:c5:2d:d8:1e:e1:e5:a3:71:d6:49:d5: 55:fc:12:38:90:cb:2e:fe:ba:96:b4:04:2b:b3:3e: e8:ab:d9:50:3d:f7:e0:bf:7a:f3:03:08:44:cb:93: 9b:08:49:11:78:7b:f6:1e:a1:ca:48:d8:01:c4:9d: 41:1c:d5:8d:e2:d4:d4:c5:8c:69:17:f7:6b:41:6c: 89:50:c2:5a:c0:ae:bb:1a:4d:63:8a:ee:af:ca:64: ef:ec:33:2e:d2:4c:76:a9:06:1c:94:68:70:67:4e: 29:6b:05:9a:7d:7c:31:62:48:3a:7e:d0:6e:84:23: 32:7c:a8:30:55:ee:e7:50:1f:96:74:73:9f:3f:8d: ec:18:a0:2a:15:4e:a8:2a:5b:ba:e7:21:0a:e8:ba: 86:a2:ff:dd:d5:a2:63:84:26:dd:73:bb:ee:f1:1c: 1a:3f:43:f6:3d:44:7f:ba:b2:b4:c4:16:32:ee:81: 8c:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:01:9C:06:2C:B1:48:BF:F3:CF:0E:C7:D2:0F:0B:EE:82:B2:9C:76 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144397.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6d3::/32 Signature Algorithm: sha256WithRSAEncryption 6e:fa:65:70:b0:74:9f:d1:1e:be:5b:1f:ac:d3:f0:fb:9c:ae: 01:43:43:a9:ee:cd:34:52:21:4a:4b:95:ac:c1:0c:82:64:4b: c9:82:e3:8e:f4:c9:3e:60:9c:65:0c:2f:42:7e:df:2d:2f:9c: 6c:4d:9b:5f:e6:79:50:05:f5:5a:0f:68:2e:83:53:c4:d1:eb: 03:c9:d7:e1:a1:2b:c5:1c:af:2c:9a:52:f0:fe:6c:6d:0d:50: a4:2c:2b:04:26:1f:67:e2:89:c3:a0:75:42:b1:31:af:78:c5: fc:93:d2:13:18:82:76:ea:69:d1:0e:a7:93:7d:98:d6:c9:30: 09:df:b7:1b:a4:a0:8d:21:30:b3:1e:17:fd:2b:c1:f8:98:a0: 42:44:bb:b8:68:04:36:ae:f7:a8:cb:07:3d:e4:6f:80:1d:8b: 32:3a:3f:ca:bd:ca:b5:ae:8c:d2:b3:81:f6:31:f9:98:ce:a1: 1d:0a:6f:34:bd:3e:10:96:05:b2:48:bb:4c:c3:58:64:dd:8c: db:62:56:38:2b:66:47:2e:7b:d4:75:8b:36:60:a1:2c:fe:49: b4:d9:44:fc:9e:9d:5c:61:3a:dd:89:39:18:50:11:91:d9:67: e0:53:d5:96:62:76:a2:7a:50:41:fe:7c:0d:c7:9d:0a:98:10: 00:de:44:a8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfEITwM4mOV+qMAB5X9/or9ABwkkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzMFoX DTI3MDMwMzA2MTUzMFowMzExMC8GA1UEAxMoNDQwMTlDMDYyQ0IxNDhCRkYzQ0Yw RUM3RDIwRjBCRUU4MkIyOUM3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKAycl3tAP9hNqbUOWPgjwN9ON8MgKZjROjUZAUuRASVAB+y7Csp2ajy7SAq KO7N0GJeTZ6IbxvCHIlZ1DpCElS46MWYpXvwvbcy+fDmssUt2B7h5aNx1knVVfwS OJDLLv66lrQEK7M+6KvZUD334L968wMIRMuTmwhJEXh79h6hykjYAcSdQRzVjeLU 1MWMaRf3a0FsiVDCWsCuuxpNY4rur8pk7+wzLtJMdqkGHJRocGdOKWsFmn18MWJI On7QboQjMnyoMFXu51AflnRznz+N7BigKhVOqCpbuuchCui6hqL/3dWiY4Qm3XO7 7vEcGj9D9j1Ef7qytMQWMu6BjJcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBREAZwG LLFIv/PPDsfSDwvugrKcdjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ptMwDQYJKoZIhvcNAQELBQADggEBAG76ZXCwdJ/RHr5bH6zT8PucrgFDQ6nuzTRS IUpLlazBDIJkS8mC4470yT5gnGUML0J+3y0vnGxNm1/meVAF9VoPaC6DU8TR6wPJ 1+GhK8UcryyaUvD+bG0NUKQsKwQmH2fiicOgdUKxMa94xfyT0hMYgnbqadEOp5N9 mNbJMAnftxukoI0hMLMeF/0rwfiYoEJEu7hoBDau96jLBz3kb4AdizI6P8q9yrWu jNKzgfYx+ZjOoR0KbzS9PhCWBbJIu0zDWGTdjNtiVjgrZkcue9R1izZgoSz+SbTZ RPyenVxhOt2JORhQEZHZZ+BT1ZZidqJ6UEH+fA3HnQqYEADeRKg= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:30 2026 by rpki-client