$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144421.roa File: AS144421.roa (raw, json) Hash identifier: vRxIwW9AHYpG6l5FUXW6cBP2RGCBLoiBlEPrVTEd0N4= Subject key identifier: DB:E7:F5:BA:22:5B:49:2D:89:6A:85:33:6B:E5:0E:2F:8B:90:89:B6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1F66DF757CD9EE557570F71F1C47242CB27EAAE6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144421.roa Signing time: Wed 04 Mar 2026 06:14:25 +0000 ROA not before: Wed 04 Mar 2026 06:09:25 +0000 ROA not after: Wed 03 Mar 2027 06:14:25 +0000 asID: 144421 IP address blocks: 240a:a6eb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:66:df:75:7c:d9:ee:55:75:70:f7:1f:1c:47:24:2c:b2:7e:aa:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:25 2026 GMT Not After : Mar 3 06:14:25 2027 GMT Subject: CN=DBE7F5BA225B492D896A85336BE50E2F8B9089B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:0f:0a:3e:fc:71:f6:ec:f6:41:f6:9e:42:81: f7:58:4d:86:6b:66:2b:f9:db:bb:fe:32:b6:8d:75: 39:96:bb:17:cb:47:71:af:0f:e7:dc:45:86:88:9a: c3:6a:0f:25:e2:65:07:cd:cd:5b:33:2c:70:f0:df: 41:1b:d6:0f:66:38:ea:e8:f5:b6:29:5f:c0:d1:d3: 07:40:fd:24:05:1c:e1:12:0b:6f:ca:91:c0:45:c1: 55:f1:26:13:69:64:9c:3d:6d:3a:55:23:e3:f3:b9: 48:52:a6:e2:73:39:78:ca:b4:d0:d2:bd:6a:47:01: 85:88:eb:ca:c2:0e:eb:11:72:d3:42:de:c3:9c:b4: 25:0d:dc:7e:2f:68:af:f1:2f:31:92:e0:8b:f9:49: 2a:48:c7:3d:93:e0:d1:6f:94:54:79:fb:4c:37:d3: ff:65:21:b9:30:64:53:e2:2d:80:76:ef:a8:28:b6: 36:94:e3:b0:a1:c6:b7:bf:2c:15:74:ee:36:d7:e5: 23:6f:8b:b9:62:f8:6e:e6:f5:3a:56:c1:3d:22:c3: e2:97:f1:f4:af:da:29:60:cf:d0:f2:82:54:c3:65: 46:7b:c1:bd:13:29:77:33:97:dd:86:a5:c5:e4:0e: 5f:27:06:85:10:43:ac:a1:2a:c7:2d:ae:6f:ee:cc: a0:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:E7:F5:BA:22:5B:49:2D:89:6A:85:33:6B:E5:0E:2F:8B:90:89:B6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144421.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6eb::/32 Signature Algorithm: sha256WithRSAEncryption a8:10:ec:6f:41:49:2d:fd:84:30:fa:5e:b1:37:f7:ef:c9:eb: 63:40:79:6e:44:66:7e:64:cb:ee:3b:cb:75:20:5c:f1:80:af: c7:99:6a:65:6b:4d:95:c2:d6:ed:a8:a8:54:4f:37:c3:cc:9b: 7a:9d:cd:9c:75:cf:67:6f:fa:a4:24:46:69:c7:01:5b:87:dd: ab:1c:da:6f:a2:28:22:62:b6:53:d1:f1:f5:c3:48:db:2c:95: 62:03:27:69:af:7b:16:91:10:75:44:f7:c6:1e:6f:5d:d0:a5: d3:60:99:66:d2:67:67:fe:e7:e6:e8:b2:1c:1a:7b:e7:9f:11: de:d5:03:35:cd:38:13:34:26:08:2c:24:35:f2:97:46:38:24: 85:b4:01:0d:59:9c:86:0f:c0:e2:e1:ac:c2:34:ee:a6:60:55: c3:01:9b:1c:0d:1e:35:97:16:04:16:cb:f5:7b:e9:8c:80:06: ef:22:4f:1c:b9:68:89:21:04:3d:a4:27:1f:5b:39:1f:8a:de: b8:65:db:14:f1:9e:87:9b:83:f2:3c:ca:6d:02:8a:13:8d:70: 86:46:63:10:7d:be:52:01:51:35:a1:58:9f:af:4e:fd:95:a2: 17:7c:30:61:3d:53:0c:5d:02:66:92:02:f9:b2:1d:4a:70:af: 4e:41:7a:28 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUH2bfdXzZ7lV1cPcfHEckLLJ+quYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyNVoX DTI3MDMwMzA2MTQyNVowMzExMC8GA1UEAxMoREJFN0Y1QkEyMjVCNDkyRDg5NkE4 NTMzNkJFNTBFMkY4QjkwODlCNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMIPCj78cfbs9kH2nkKB91hNhmtmK/nbu/4yto11OZa7F8tHca8P59xFhoia w2oPJeJlB83NWzMscPDfQRvWD2Y46uj1tilfwNHTB0D9JAUc4RILb8qRwEXBVfEm E2lknD1tOlUj4/O5SFKm4nM5eMq00NK9akcBhYjrysIO6xFy00Lew5y0JQ3cfi9o r/EvMZLgi/lJKkjHPZPg0W+UVHn7TDfT/2UhuTBkU+ItgHbvqCi2NpTjsKHGt78s FXTuNtflI2+LuWL4bub1OlbBPSLD4pfx9K/aKWDP0PKCVMNlRnvBvRMpdzOX3Yal xeQOXycGhRBDrKEqxy2ub+7MoEUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTb5/W6 IltJLYlqhTNr5Q4vi5CJtjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK puswDQYJKoZIhvcNAQELBQADggEBAKgQ7G9BSS39hDD6XrE39+/J62NAeW5EZn5k y+47y3UgXPGAr8eZamVrTZXC1u2oqFRPN8PMm3qdzZx1z2dv+qQkRmnHAVuH3asc 2m+iKCJitlPR8fXDSNsslWIDJ2mvexaREHVE98Yeb13QpdNgmWbSZ2f+5+boshwa e+efEd7VAzXNOBM0JggsJDXyl0Y4JIW0AQ1ZnIYPwOLhrMI07qZgVcMBmxwNHjWX FgQWy/V76YyABu8iTxy5aIkhBD2kJx9bOR+K3rhl2xTxnoebg/I8ym0CihONcIZG YxB9vlIBUTWhWJ+vTv2Vohd8MGE9UwxdAmaSAvmyHUpwr05Beig= -----END CERTIFICATE-----Generated at Sat Mar 28 13:12:52 2026 by rpki-client