$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144408.roa File: AS144408.roa (raw, json) Hash identifier: vV2bUyPlq0v07ehWy6l1WusAEKq9SgzslOztPNVPnbw= Subject key identifier: 1A:B5:6A:34:62:D4:A0:02:3A:BE:BA:14:04:36:FB:C4:EA:E9:09:E4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 24C0229EB248F78B53DD078B0C535367ADBB4824 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144408.roa Signing time: Wed 04 Mar 2026 06:14:27 +0000 ROA not before: Wed 04 Mar 2026 06:09:27 +0000 ROA not after: Wed 03 Mar 2027 06:14:27 +0000 asID: 144408 IP address blocks: 240a:a6de::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:c0:22:9e:b2:48:f7:8b:53:dd:07:8b:0c:53:53:67:ad:bb:48:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:27 2026 GMT Not After : Mar 3 06:14:27 2027 GMT Subject: CN=1AB56A3462D4A0023ABEBA140436FBC4EAE909E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:7f:ad:b8:85:2f:89:b4:37:3f:5e:6d:20:48: eb:d1:80:5f:8a:2a:16:23:9b:53:be:26:e2:06:17: 26:61:11:8f:89:15:10:08:dc:85:cf:7a:94:48:77: 03:2b:a8:11:3d:f7:5f:5a:08:b5:8d:0f:a4:9c:65: 3e:8e:93:6f:b0:a8:77:c0:9d:99:8c:d5:5f:6d:d6: f9:2a:31:1a:0a:75:2c:f4:fc:59:ee:f8:ac:3c:a2: f8:4f:c4:a9:6e:24:54:c3:4f:ab:ca:99:cd:30:bf: 37:f9:0a:67:52:ec:e7:ab:75:49:15:62:04:a5:96: 46:9a:4e:22:0a:90:2d:f3:14:c1:32:2b:42:30:15: 71:cd:19:b8:ea:50:d2:5b:68:6a:07:6e:16:39:36: fb:a3:9d:71:ac:fd:78:fb:49:cb:cd:d7:91:72:5d: c9:5e:97:a7:93:f9:aa:cb:0d:94:d8:a3:37:d6:1a: b1:65:dd:41:fa:c8:1a:67:12:1a:bf:6e:4c:4e:c7: 38:c3:62:86:01:95:8f:99:a1:af:c7:5d:f1:a8:a5: 3d:17:3a:e0:c1:dc:df:89:fc:c6:81:5c:20:cc:1c: 7b:6f:63:e6:01:0b:f8:62:8b:95:73:6b:6e:79:cf: a7:15:02:ac:b1:26:1a:a8:e7:72:1c:19:fc:12:2e: 37:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:B5:6A:34:62:D4:A0:02:3A:BE:BA:14:04:36:FB:C4:EA:E9:09:E4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144408.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6de::/32 Signature Algorithm: sha256WithRSAEncryption 38:48:f1:64:f1:69:bf:53:1a:1c:91:15:17:87:b6:2d:33:1d: 42:5b:59:31:34:d8:0a:b9:ec:21:b8:ca:7e:f3:10:cc:53:50: 29:f8:94:df:ed:56:af:2e:02:e0:7f:00:aa:4c:06:f9:4f:1c: 17:94:6b:d9:14:eb:a2:14:55:aa:91:f1:a4:9f:33:ef:8e:ee: 2d:79:e6:f7:e4:f6:94:02:34:1f:a9:e6:8d:1c:f8:3c:3c:21: f2:c9:78:67:5a:42:33:25:a2:7d:13:23:da:b8:65:6b:37:fe: 16:89:a2:29:6c:fb:76:a0:90:1f:f6:38:05:54:9d:72:b4:90: bc:03:31:fb:41:b3:6c:bd:20:3a:c4:3b:4a:bd:d0:9a:4f:07: 40:24:a2:f0:66:91:29:bd:07:26:db:5f:18:ff:62:32:7d:e8: b6:5c:6f:a8:98:c6:05:1a:0f:68:f4:c3:b4:42:f3:2f:11:84: f3:40:2d:0a:7c:2a:44:e3:bd:41:38:e0:26:35:c9:3e:ec:bd: b7:f0:fc:c4:f3:36:c5:21:e7:e8:f9:67:1e:72:e4:3b:45:4a: ed:0b:19:3f:22:c7:35:f8:38:be:49:7f:73:bb:01:d0:4e:24: ea:6f:d2:75:a6:1b:43:d4:b6:41:33:72:1d:84:16:e4:8b:e0: e9:63:f9:58 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJMAinrJI94tT3QeLDFNTZ627SCQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyN1oX DTI3MDMwMzA2MTQyN1owMzExMC8GA1UEAxMoMUFCNTZBMzQ2MkQ0QTAwMjNBQkVC QTE0MDQzNkZCQzRFQUU5MDlFNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1/rbiFL4m0Nz9ebSBI69GAX4oqFiObU74m4gYXJmERj4kVEAjchc96lEh3 AyuoET33X1oItY0PpJxlPo6Tb7Cod8CdmYzVX23W+SoxGgp1LPT8We74rDyi+E/E qW4kVMNPq8qZzTC/N/kKZ1Ls56t1SRViBKWWRppOIgqQLfMUwTIrQjAVcc0ZuOpQ 0ltoagduFjk2+6Odcaz9ePtJy83XkXJdyV6Xp5P5qssNlNijN9YasWXdQfrIGmcS Gr9uTE7HOMNihgGVj5mhr8dd8ailPRc64MHc34n8xoFcIMwce29j5gEL+GKLlXNr bnnPpxUCrLEmGqjnchwZ/BIuN/UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQatWo0 YtSgAjq+uhQENvvE6ukJ5DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pt4wDQYJKoZIhvcNAQELBQADggEBADhI8WTxab9TGhyRFReHti0zHUJbWTE02Aq5 7CG4yn7zEMxTUCn4lN/tVq8uAuB/AKpMBvlPHBeUa9kU66IUVaqR8aSfM++O7i15 5vfk9pQCNB+p5o0c+Dw8IfLJeGdaQjMlon0TI9q4ZWs3/haJoils+3agkB/2OAVU nXK0kLwDMftBs2y9IDrEO0q90JpPB0AkovBmkSm9BybbXxj/YjJ96LZcb6iYxgUa D2j0w7RC8y8RhPNALQp8KkTjvUE44CY1yT7svbfw/MTzNsUh5+j5Zx5y5DtFSu0L GT8ixzX4OL5Jf3O7AdBOJOpv0nWmG0PUtkEzch2EFuSL4Olj+Vg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:43 2026 by rpki-client