$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144420.roa File: AS144420.roa (raw, json) Hash identifier: hl+GwhbXgr/TptKHMOydgq2mXFbb1DpwuP2f+urkfQ8= Subject key identifier: A9:88:48:61:36:01:EA:3A:F2:6E:A7:4C:7E:6A:DC:A3:24:6A:A9:F2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5F432940DDA95CF6A90AEC70A986EF58E0EA6DAE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144420.roa Signing time: Wed 04 Mar 2026 06:14:45 +0000 ROA not before: Wed 04 Mar 2026 06:09:45 +0000 ROA not after: Wed 03 Mar 2027 06:14:45 +0000 asID: 144420 IP address blocks: 240a:a6ea::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:43:29:40:dd:a9:5c:f6:a9:0a:ec:70:a9:86:ef:58:e0:ea:6d:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:45 2026 GMT Not After : Mar 3 06:14:45 2027 GMT Subject: CN=A98848613601EA3AF26EA74C7E6ADCA3246AA9F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2d:bf:93:61:6e:9e:de:e7:bb:79:7e:f4:ee: d5:03:9c:0c:1d:d4:1e:87:c9:c6:a8:b6:97:85:24: 9c:c8:df:98:95:67:a3:f5:7f:d7:19:65:72:e5:e9: 2e:2b:45:87:3f:0c:95:75:3b:5c:45:b5:6e:17:fa: 85:71:34:27:a4:3c:02:98:43:8c:ae:01:92:30:30: e2:57:91:b0:85:00:e5:cd:05:85:c2:c3:0b:48:23: a7:2a:ed:58:58:23:2a:5a:49:21:3d:06:c9:12:e4: dc:a2:c4:5e:8a:56:06:be:77:93:2f:62:70:e1:00: fc:dc:35:a2:0b:6d:02:29:a5:6d:3c:b1:95:c5:87: 5c:72:6c:26:f6:4f:e7:02:76:ce:d9:96:ed:60:93: d3:95:11:11:80:53:e5:b7:29:d0:ec:e5:0b:ad:12: 9b:a8:dd:d5:b1:2c:03:c2:6f:c0:3e:9c:9b:39:8f: ec:ab:85:07:13:fb:59:e8:fb:db:66:0c:0f:75:59: c3:1a:18:b2:9c:41:62:69:dd:28:02:15:a8:22:40: 9b:91:14:d9:c3:db:50:23:f0:8c:a9:a3:14:9e:62: fd:7c:d3:d3:59:f7:3c:61:a2:5c:32:1e:ba:4f:4b: 21:d2:33:ad:ba:f6:7b:e6:26:3c:9b:e7:42:c4:3e: 5f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:88:48:61:36:01:EA:3A:F2:6E:A7:4C:7E:6A:DC:A3:24:6A:A9:F2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144420.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6ea::/32 Signature Algorithm: sha256WithRSAEncryption b3:95:8a:26:99:ce:8a:98:09:aa:17:ce:2b:8a:a6:61:01:f5: 37:b2:8b:88:86:e1:ef:58:b9:e0:35:67:8b:79:57:62:72:51: f3:75:bc:1f:73:49:cf:30:47:41:be:0a:ef:a6:18:5d:72:f8: 36:0c:f1:1c:75:01:64:56:a5:3c:45:76:09:91:6d:f0:96:91: 61:6c:3a:88:78:eb:03:10:20:fd:56:f7:5e:5e:f0:e6:2b:25: 58:e4:14:59:37:7e:44:ac:d5:d0:fe:f7:f5:0c:cf:81:45:97: 42:2e:c9:a8:b5:37:86:16:d6:64:36:da:69:70:64:30:d2:44: 18:3f:90:0a:5f:c5:2b:03:74:52:45:bc:68:38:89:ab:68:fa: 69:93:77:05:dd:40:a7:33:14:3f:de:27:6f:67:7a:3d:90:c3: 62:f6:16:79:9e:19:a3:6e:5c:e5:c0:7e:b4:16:fc:ec:66:cb: 8e:54:f8:cd:52:26:15:4b:84:c7:33:63:50:62:0c:cf:57:ad: fb:66:c3:e0:f1:e9:bf:78:5b:aa:f1:fa:d6:01:a8:de:ab:85: 38:80:f0:99:c2:99:f7:ad:c4:cd:51:13:4a:ff:f5:25:af:fd: f0:fb:47:45:96:b6:9e:4a:76:ea:4d:c6:bd:09:df:05:14:60: 39:13:87:59 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUX0MpQN2pXPapCuxwqYbvWODqba4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0NVoX DTI3MDMwMzA2MTQ0NVowMzExMC8GA1UEAxMoQTk4ODQ4NjEzNjAxRUEzQUYyNkVB NzRDN0U2QURDQTMyNDZBQTlGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwtv5Nhbp7e57t5fvTu1QOcDB3UHofJxqi2l4UknMjfmJVno/V/1xllcuXp LitFhz8MlXU7XEW1bhf6hXE0J6Q8AphDjK4BkjAw4leRsIUA5c0FhcLDC0gjpyrt WFgjKlpJIT0GyRLk3KLEXopWBr53ky9icOEA/Nw1ogttAimlbTyxlcWHXHJsJvZP 5wJ2ztmW7WCT05UREYBT5bcp0OzlC60Sm6jd1bEsA8JvwD6cmzmP7KuFBxP7Wej7 22YMD3VZwxoYspxBYmndKAIVqCJAm5EU2cPbUCPwjKmjFJ5i/XzT01n3PGGiXDIe uk9LIdIzrbr2e+YmPJvnQsQ+X6kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSpiEhh NgHqOvJup0x+atyjJGqp8jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK puowDQYJKoZIhvcNAQELBQADggEBALOViiaZzoqYCaoXziuKpmEB9Teyi4iG4e9Y ueA1Z4t5V2JyUfN1vB9zSc8wR0G+Cu+mGF1y+DYM8Rx1AWRWpTxFdgmRbfCWkWFs Ooh46wMQIP1W915e8OYrJVjkFFk3fkSs1dD+9/UMz4FFl0Iuyai1N4YW1mQ22mlw ZDDSRBg/kApfxSsDdFJFvGg4iato+mmTdwXdQKczFD/eJ29nej2Qw2L2FnmeGaNu XOXAfrQW/Oxmy45U+M1SJhVLhMczY1BiDM9Xrftmw+Dx6b94W6rx+tYBqN6rhTiA 8JnCmfetxM1RE0r/9SWv/fD7R0WWtp5KdupNxr0J3wUUYDkTh1k= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:08 2026 by rpki-client