$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144457.roa File: AS144457.roa (raw, json) Hash identifier: AyL8YiWm6l9ONPZbhyP6XcX3YPUEnPlob84c7F01jYc= Subject key identifier: 39:24:DC:E1:6C:8C:45:10:3E:3B:A4:86:E5:38:5B:2B:85:A6:30:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1BE24AA9DD9F3BB1E9D8BCDB5C169226860020F1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144457.roa Signing time: Wed 04 Mar 2026 06:14:46 +0000 ROA not before: Wed 04 Mar 2026 06:09:46 +0000 ROA not after: Wed 03 Mar 2027 06:14:46 +0000 asID: 144457 IP address blocks: 240a:a70f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:e2:4a:a9:dd:9f:3b:b1:e9:d8:bc:db:5c:16:92:26:86:00:20:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:46 2026 GMT Not After : Mar 3 06:14:46 2027 GMT Subject: CN=3924DCE16C8C45103E3BA486E5385B2B85A63034 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:f1:68:1a:17:b1:82:8e:7f:41:4d:1d:4f:85: 0b:09:da:6b:4a:d9:28:fe:d7:35:0f:28:f9:a5:31: 1d:ab:69:19:52:ce:59:96:62:7b:ed:29:b6:6b:f7: e3:4a:7d:49:99:be:e4:7c:39:30:1b:38:10:be:79: 51:2f:d1:75:77:c8:bc:2c:5c:c8:79:b5:c7:c1:76: e5:0d:e2:f5:82:3e:ca:d9:d7:be:fe:5d:65:9f:15: 9d:63:63:50:f7:36:21:e6:d3:34:94:d2:fc:35:b2: b1:6f:10:a4:9c:c8:8f:0a:fa:a2:b7:2d:6f:64:06: ce:2a:34:00:29:e0:11:f2:96:6d:45:e9:4f:79:af: c1:a4:83:93:1b:f5:e8:b2:88:d3:48:11:2c:7f:5d: 7b:29:3e:4b:42:6c:8d:c2:da:3f:cc:69:b2:3b:97: 2d:75:83:ce:d7:fd:80:d5:20:a1:2f:56:b0:0c:f1: 95:1d:f5:61:80:3d:22:23:41:86:2a:f8:c8:eb:ee: 7f:1e:5b:65:85:4b:9c:6e:23:d5:19:da:84:34:b2: db:c1:a3:ee:16:7b:ad:d6:20:b8:2d:98:6a:94:fe: 50:47:0f:29:19:7b:c5:ed:1f:80:69:66:60:cb:d0: 43:ff:86:a0:61:ec:1e:c3:c0:9f:b9:79:2e:6e:c4: 30:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:24:DC:E1:6C:8C:45:10:3E:3B:A4:86:E5:38:5B:2B:85:A6:30:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144457.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a70f::/32 Signature Algorithm: sha256WithRSAEncryption 3c:94:dc:f0:b7:01:af:da:3b:6b:ea:e7:47:1f:59:1a:8e:a3: 72:7f:5e:4a:62:c8:ad:4c:99:55:a2:cc:b0:eb:65:8c:9f:db: b5:86:8b:9d:28:f9:f5:cc:a3:ed:73:0f:da:cd:25:b7:fc:93: 6e:54:35:c9:a1:6c:22:bc:f0:b0:55:6f:95:90:41:d0:d4:d5: 1e:38:99:60:88:0a:83:8b:53:11:b0:b1:96:e3:0f:1e:41:12: 88:a1:8a:43:96:f6:23:e5:e5:f2:33:90:e0:c8:19:54:97:4c: 58:1c:c7:c2:5f:52:08:a9:c5:f2:a8:cf:46:9c:6c:06:86:12: 52:fa:fd:88:e0:7d:21:32:3b:92:ce:c1:02:77:16:a2:18:db: c0:31:91:5f:49:af:93:ec:89:a3:42:6a:5e:52:a6:17:74:c1: 21:54:22:b7:72:b3:40:a4:27:84:5f:09:f2:32:fe:aa:8d:77: e0:82:7d:09:a1:a8:80:6d:0e:dc:19:72:82:e5:ec:18:b3:26: ca:0f:46:00:e7:11:fe:fb:d8:53:98:6f:dc:5e:98:25:5a:72: db:e7:3b:b3:77:d0:49:e0:ed:95:65:be:a2:35:3c:2a:d2:42: bb:2b:4b:4f:55:8c:d8:d6:9c:24:65:85:09:2c:63:79:8c:d1: 24:30:32:58 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUG+JKqd2fO7Hp2LzbXBaSJoYAIPEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk0NloX DTI3MDMwMzA2MTQ0NlowMzExMC8GA1UEAxMoMzkyNERDRTE2QzhDNDUxMDNFM0JB NDg2RTUzODVCMkI4NUE2MzAzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANXxaBoXsYKOf0FNHU+FCwnaa0rZKP7XNQ8o+aUxHatpGVLOWZZie+0ptmv3 40p9SZm+5Hw5MBs4EL55US/RdXfIvCxcyHm1x8F25Q3i9YI+ytnXvv5dZZ8VnWNj UPc2IebTNJTS/DWysW8QpJzIjwr6orctb2QGzio0ACngEfKWbUXpT3mvwaSDkxv1 6LKI00gRLH9deyk+S0JsjcLaP8xpsjuXLXWDztf9gNUgoS9WsAzxlR31YYA9IiNB hir4yOvufx5bZYVLnG4j1RnahDSy28Gj7hZ7rdYguC2YapT+UEcPKRl7xe0fgGlm YMvQQ/+GoGHsHsPAn7l5Lm7EMEUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ5JNzh bIxFED47pIblOFsrhaYwNDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQ1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pw8wDQYJKoZIhvcNAQELBQADggEBADyU3PC3Aa/aO2vq50cfWRqOo3J/XkpiyK1M mVWizLDrZYyf27WGi50o+fXMo+1zD9rNJbf8k25UNcmhbCK88LBVb5WQQdDU1R44 mWCICoOLUxGwsZbjDx5BEoihikOW9iPl5fIzkODIGVSXTFgcx8JfUgipxfKoz0ac bAaGElL6/YjgfSEyO5LOwQJ3FqIY28AxkV9Jr5PsiaNCal5Sphd0wSFUIrdys0Ck J4RfCfIy/qqNd+CCfQmhqIBtDtwZcoLl7BizJsoPRgDnEf772FOYb9xemCVactvn O7N30Eng7ZVlvqI1PCrSQrsrS09VjNjWnCRlhQksY3mM0SQwMlg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:07 2026 by rpki-client