$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144429.roa File: AS144429.roa (raw, json) Hash identifier: LugmTvSN59hK1+iqiC7WRceMm/63lNSc2cRvxRs0PRQ= Subject key identifier: DD:AD:95:B2:4C:15:17:AF:57:B4:4C:77:52:F0:7B:06:BA:ED:2B:1D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6520EBF757EA04A31C6BA492D87FCB724718B14B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144429.roa Signing time: Wed 04 Mar 2026 06:15:34 +0000 ROA not before: Wed 04 Mar 2026 06:10:34 +0000 ROA not after: Wed 03 Mar 2027 06:15:34 +0000 asID: 144429 IP address blocks: 240a:a6f3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:20:eb:f7:57:ea:04:a3:1c:6b:a4:92:d8:7f:cb:72:47:18:b1:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:34 2026 GMT Not After : Mar 3 06:15:34 2027 GMT Subject: CN=DDAD95B24C1517AF57B44C7752F07B06BAED2B1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:19:6e:84:12:61:78:0c:bb:82:57:fb:59:14: c8:52:c9:c7:5c:bb:d3:90:86:26:47:e8:96:00:c2: a9:a9:33:26:50:92:48:8f:b8:4a:8a:1d:ee:ab:1b: 65:19:bd:cb:0c:68:8a:0a:44:9d:51:03:7c:f3:8a: bc:6b:0a:29:b4:63:e6:ec:2d:c9:02:c6:59:11:3d: 58:9e:47:0a:65:ec:75:d7:0d:67:66:d5:90:3c:7e: 27:4a:99:11:80:99:10:df:5c:6d:14:e6:23:90:3d: bc:f1:5d:e2:89:44:2e:38:0d:ca:72:5c:fa:c1:78: 81:7d:f0:b4:70:cf:e3:53:07:21:78:c7:67:c2:93: 3f:25:7b:c2:1d:32:3b:9b:03:24:8b:69:9b:b4:98: b9:8e:f3:ed:75:05:cf:d5:ce:ca:f1:26:d6:b9:8b: bd:4e:16:5a:54:4c:e8:08:70:1b:01:6b:15:6c:a7: bc:f8:d8:99:ae:61:47:0a:15:33:f9:c4:4a:32:36: ca:fe:df:b2:93:98:cb:8b:66:72:77:9e:46:98:0e: 42:5d:64:a9:de:d5:ad:61:57:a3:d4:37:c9:6d:39: f5:84:20:76:fc:34:c0:cd:b8:49:30:8d:12:6b:e8: c7:81:51:48:81:28:2c:66:f8:09:de:3e:f0:fd:26: f3:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:AD:95:B2:4C:15:17:AF:57:B4:4C:77:52:F0:7B:06:BA:ED:2B:1D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144429.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6f3::/32 Signature Algorithm: sha256WithRSAEncryption 51:35:93:05:57:ff:97:05:9f:19:3c:8e:45:e4:7b:2c:95:0a: 2e:c0:79:d8:51:5e:ca:6f:73:73:17:6a:6d:dd:46:af:86:99: 2a:73:11:21:82:fe:21:b5:c9:5f:3b:ba:1d:60:e8:a5:d8:69: 46:b2:76:2b:f3:13:7a:cc:ba:ab:1a:2c:e3:90:a3:26:27:48: b3:f9:14:7e:64:78:51:14:05:09:e6:d8:0e:33:b9:f7:99:52: 32:fb:c3:a4:8d:43:a6:d5:ad:69:05:44:d3:64:62:f0:8d:38: 3e:f5:99:3e:84:d6:8f:d4:4b:4d:c5:f2:2b:af:e8:53:f6:2a: 3a:5e:77:31:9c:e8:91:5c:67:cd:c7:a7:ef:89:f5:4c:a6:3d: d6:b8:ca:73:d5:cf:93:ec:5b:0c:b2:3f:13:94:6a:e3:6c:ad: 36:26:3b:36:ec:4e:2a:c6:34:86:f1:67:f7:20:84:5d:d8:b9: e1:d9:46:c0:ba:08:f9:b9:67:d4:ea:d8:18:55:f2:94:46:f4: 5f:80:08:dc:06:58:ac:5e:97:da:8f:11:cb:c5:9c:da:4e:fd: d7:f9:9d:85:30:69:05:e3:0f:37:2b:b0:43:38:07:43:2d:7c: 82:28:38:50:e6:3b:16:56:e4:c3:31:2f:c3:ce:a3:9f:26:17: 4d:01:75:cf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZSDr91fqBKMca6SS2H/LckcYsUswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzNFoX DTI3MDMwMzA2MTUzNFowMzExMC8GA1UEAxMoRERBRDk1QjI0QzE1MTdBRjU3QjQ0 Qzc3NTJGMDdCMDZCQUVEMkIxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUZboQSYXgMu4JX+1kUyFLJx1y705CGJkfolgDCqakzJlCSSI+4Sood7qsb ZRm9ywxoigpEnVEDfPOKvGsKKbRj5uwtyQLGWRE9WJ5HCmXsddcNZ2bVkDx+J0qZ EYCZEN9cbRTmI5A9vPFd4olELjgNynJc+sF4gX3wtHDP41MHIXjHZ8KTPyV7wh0y O5sDJItpm7SYuY7z7XUFz9XOyvEm1rmLvU4WWlRM6AhwGwFrFWynvPjYma5hRwoV M/nESjI2yv7fspOYy4tmcneeRpgOQl1kqd7VrWFXo9Q3yW059YQgdvw0wM24STCN Emvox4FRSIEoLGb4Cd4+8P0m85ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTdrZWy TBUXr1e0THdS8HsGuu0rHTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pvMwDQYJKoZIhvcNAQELBQADggEBAFE1kwVX/5cFnxk8jkXkeyyVCi7AedhRXspv c3MXam3dRq+GmSpzESGC/iG1yV87uh1g6KXYaUaydivzE3rMuqsaLOOQoyYnSLP5 FH5keFEUBQnm2A4zufeZUjL7w6SNQ6bVrWkFRNNkYvCNOD71mT6E1o/US03F8iuv 6FP2KjpedzGc6JFcZ83Hp++J9UymPda4ynPVz5PsWwyyPxOUauNsrTYmOzbsTirG NIbxZ/cghF3YueHZRsC6CPm5Z9Tq2BhV8pRG9F+ACNwGWKxel9qPEcvFnNpO/df5 nYUwaQXjDzcrsEM4B0MtfIIoOFDmOxZW5MMxL8POo58mF00Bdc8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:00 2026 by rpki-client