$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144445.roa File: AS144445.roa (raw, json) Hash identifier: njWOGxHKfrQ+FldcRbCbEYM+Mb2VdDRok0vigEDff4o= Subject key identifier: 43:A2:EE:2A:FA:6A:1C:05:D3:3E:00:19:17:19:65:A8:60:23:38:AC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 36DD7F9EE6684603C77D2F0F9F89DF0B1B0754A3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144445.roa Signing time: Wed 04 Mar 2026 06:14:48 +0000 ROA not before: Wed 04 Mar 2026 06:09:48 +0000 ROA not after: Wed 03 Mar 2027 06:14:48 +0000 asID: 144445 IP address blocks: 240a:a703::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:dd:7f:9e:e6:68:46:03:c7:7d:2f:0f:9f:89:df:0b:1b:07:54:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:48 2026 GMT Not After : Mar 3 06:14:48 2027 GMT Subject: CN=43A2EE2AFA6A1C05D33E0019171965A8602338AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5d:85:fc:df:d7:d8:8d:0e:11:f6:53:ac:4f: 41:36:39:b2:5f:34:25:16:0f:a6:1f:dd:e7:f2:a3: 6f:17:e5:fb:dc:98:b9:52:02:cd:a2:41:34:45:65: d8:4e:d5:94:e6:5c:a0:7d:9e:ac:8e:04:8c:b6:be: 0a:51:aa:e2:6b:9b:20:f2:c4:2c:fc:cd:82:10:92: 59:17:2f:07:b9:5c:64:7c:62:ff:12:cb:04:c0:90: 99:7f:93:b5:d0:cf:38:45:82:82:5f:b9:15:5b:d3: 0f:79:77:47:f4:8d:25:b9:a6:ae:1d:88:a0:5f:0a: f3:cc:1b:3f:72:4d:e3:90:54:14:72:e6:92:18:5d: f9:18:67:1a:9d:a5:42:f8:b7:fb:13:17:46:e5:1a: 5d:32:75:45:82:15:4c:13:cd:71:37:da:31:e6:f2: 55:ef:4b:4b:a5:f9:ae:c4:d0:20:79:c3:73:f1:14: 75:52:09:10:de:e3:7f:c4:df:d7:70:73:90:3b:01: cc:88:07:88:19:ad:ea:9c:3e:9b:89:57:77:0f:b4: 5c:b4:46:70:93:57:8e:85:2a:e1:dc:f4:30:01:1b: c4:e1:ee:3d:d8:61:c9:62:aa:28:c5:5a:2a:55:c5: 35:d2:7a:f8:58:07:a1:05:63:5f:6d:63:4b:a1:83: 9e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:A2:EE:2A:FA:6A:1C:05:D3:3E:00:19:17:19:65:A8:60:23:38:AC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144445.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a703::/32 Signature Algorithm: sha256WithRSAEncryption d8:10:be:64:58:d0:84:bc:50:e5:d3:c2:97:d2:84:44:92:5f: d1:f7:a6:b7:4c:09:e4:fb:08:35:f8:fe:ee:32:d0:b3:6f:df: cc:c3:1c:4e:42:4f:05:ac:d3:25:21:9b:ba:0c:71:ac:64:3f: 31:10:8c:1f:44:aa:46:85:12:a1:37:21:f7:e6:2f:6e:7d:51: 3f:8e:16:c1:e8:24:bf:1f:69:db:8f:e1:9b:f0:16:0f:6d:59: 00:ba:46:94:85:17:b6:00:c5:37:e7:32:8e:0f:63:e7:52:fd: c4:af:d2:1f:e4:a2:96:f7:41:20:3f:d8:ce:50:9b:90:23:c6: c2:2b:be:ea:e5:74:fe:54:67:57:f1:77:66:10:50:cc:26:63: 39:fe:05:b2:3a:a2:8f:19:95:ed:38:2c:96:5f:17:7b:75:5d: bf:6e:96:f7:6c:26:8e:0c:96:49:31:82:73:6e:a8:2c:cc:3e: bf:41:b3:d7:ff:35:66:db:19:29:84:3f:1f:07:5f:b7:43:f9: 8b:81:54:46:a3:37:31:a0:3c:de:5c:08:ae:54:5b:54:74:38: a9:15:8a:0d:e0:f6:4e:cf:2b:14:19:17:82:20:89:13:a8:ad: 02:29:51:7f:09:b2:5d:09:71:1e:2c:4e:48:50:a3:de:ea:03: 47:ee:9b:e3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNt1/nuZoRgPHfS8Pn4nfCxsHVKMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0OFoX DTI3MDMwMzA2MTQ0OFowMzExMC8GA1UEAxMoNDNBMkVFMkFGQTZBMUMwNUQzM0Uw MDE5MTcxOTY1QTg2MDIzMzhBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFdhfzf19iNDhH2U6xPQTY5sl80JRYPph/d5/Kjbxfl+9yYuVICzaJBNEVl 2E7VlOZcoH2erI4EjLa+ClGq4mubIPLELPzNghCSWRcvB7lcZHxi/xLLBMCQmX+T tdDPOEWCgl+5FVvTD3l3R/SNJbmmrh2IoF8K88wbP3JN45BUFHLmkhhd+RhnGp2l Qvi3+xMXRuUaXTJ1RYIVTBPNcTfaMebyVe9LS6X5rsTQIHnDc/EUdVIJEN7jf8Tf 13BzkDsBzIgHiBmt6pw+m4lXdw+0XLRGcJNXjoUq4dz0MAEbxOHuPdhhyWKqKMVa KlXFNdJ6+FgHoQVjX21jS6GDnt8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRDou4q +mocBdM+ABkXGWWoYCM4rDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQ0NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pwMwDQYJKoZIhvcNAQELBQADggEBANgQvmRY0IS8UOXTwpfShESSX9H3prdMCeT7 CDX4/u4y0LNv38zDHE5CTwWs0yUhm7oMcaxkPzEQjB9EqkaFEqE3IffmL259UT+O FsHoJL8faduP4ZvwFg9tWQC6RpSFF7YAxTfnMo4PY+dS/cSv0h/kopb3QSA/2M5Q m5AjxsIrvurldP5UZ1fxd2YQUMwmYzn+BbI6oo8Zle04LJZfF3t1Xb9ulvdsJo4M lkkxgnNuqCzMPr9Bs9f/NWbbGSmEPx8HX7dD+YuBVEajNzGgPN5cCK5UW1R0OKkV ig3g9k7PKxQZF4IgiROorQIpUX8Jsl0JcR4sTkhQo97qA0fum+M= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:41 2026 by rpki-client