$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144474.roa File: AS144474.roa (raw, json) Hash identifier: RKyxFfAjG7Xbh/VE7ruRO+BrXgAHWSEW07DUa/r8xd4= Subject key identifier: C4:39:41:28:BB:B4:99:54:F9:12:84:9C:4C:BB:7A:50:0D:4A:D6:7C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 691F0F15C7E36E044C2FA02D85A2AC5C42D6FD2D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144474.roa Signing time: Wed 04 Mar 2026 06:14:07 +0000 ROA not before: Wed 04 Mar 2026 06:09:07 +0000 ROA not after: Wed 03 Mar 2027 06:14:07 +0000 asID: 144474 IP address blocks: 240a:a720::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:1f:0f:15:c7:e3:6e:04:4c:2f:a0:2d:85:a2:ac:5c:42:d6:fd:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:07 2026 GMT Not After : Mar 3 06:14:07 2027 GMT Subject: CN=C4394128BBB49954F912849C4CBB7A500D4AD67C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:a2:9c:86:b6:45:fd:65:b1:3e:63:44:30:23: 01:70:d5:93:9b:83:55:57:08:59:3a:e5:3a:4d:98: 57:04:76:22:3a:84:52:e7:ed:b5:a9:e5:57:0d:81: 76:96:9e:c6:13:01:c9:76:9e:f0:e2:d1:f0:bf:22: c5:1d:fd:98:22:4d:bb:b5:9a:cf:15:10:b7:e1:d1: d9:16:6e:f1:25:b4:1a:e7:2c:16:c8:f3:99:fe:7d: c4:32:56:69:58:77:cc:23:27:28:f2:38:4c:4d:25: 14:4f:15:07:94:0e:6c:ed:7f:de:53:90:f2:2d:e9: 40:4a:1f:0c:91:04:2f:27:02:c7:75:8d:df:cc:65: 22:dd:fb:d2:4a:79:a8:ee:c3:2e:ae:8a:a6:eb:5c: 94:70:8a:ce:d4:fc:67:22:42:15:3b:57:5c:f5:27: 95:d3:8b:65:4a:cf:37:21:92:49:1b:52:de:ad:33: 1c:dc:b7:b9:61:d7:13:9d:cf:fc:f9:c4:64:e6:ec: 2c:39:45:c1:c7:6f:9a:f4:7a:09:60:b9:2b:46:1b: 80:e1:7f:35:ac:98:13:c6:ef:b0:e7:ab:c5:68:3b: 6f:92:38:28:6e:b6:9f:45:73:70:14:b7:cb:b6:7a: df:3e:43:47:33:46:c3:7a:88:a5:9d:4b:ca:f2:ed: 17:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:39:41:28:BB:B4:99:54:F9:12:84:9C:4C:BB:7A:50:0D:4A:D6:7C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144474.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a720::/32 Signature Algorithm: sha256WithRSAEncryption 3e:b5:f3:44:ad:e0:c5:3c:64:2d:a1:a1:3a:b7:94:53:d6:b5: 48:5b:8c:ce:fe:d5:cd:34:a5:20:73:a7:ad:87:d8:eb:7f:a8: 12:36:9b:55:39:56:04:af:af:31:ce:0e:ae:75:9a:77:8b:ac: 78:b5:7e:35:2d:32:0c:a2:5f:53:b4:3f:06:5b:a7:05:e3:d3: 75:08:7c:b1:ac:58:8d:45:5c:3b:ee:76:cb:52:a8:5f:85:ba: 88:67:7a:1f:66:34:cc:58:7a:be:20:8a:f7:1a:7e:76:13:7e: 3a:3d:96:2b:6f:e4:ab:76:d2:6f:a4:bf:d9:29:04:aa:b6:84: 3e:b4:38:43:5b:ce:63:69:19:b4:86:11:85:ca:f7:be:2d:e7: 10:3c:f3:f9:6a:ff:01:93:f7:5c:ff:d8:bb:4a:1a:d3:fd:f0: b1:a1:b3:bc:fa:be:3f:99:7f:2d:4e:6b:1e:45:ca:e2:03:d8: 45:25:2e:a0:66:f7:72:ea:19:16:5f:18:0e:2c:ed:7d:6e:80: df:1e:bb:86:0f:bd:a6:19:f2:91:55:31:0c:7f:e9:8d:1a:30: b1:8d:73:f7:49:88:49:da:56:70:77:91:55:e3:b0:a7:1b:36: ce:d5:a6:8e:bc:1a:57:7e:46:f6:a0:5e:71:18:31:31:e8:7b: 1f:92:73:b6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaR8PFcfjbgRML6AthaKsXELW/S0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwN1oX DTI3MDMwMzA2MTQwN1owMzExMC8GA1UEAxMoQzQzOTQxMjhCQkI0OTk1NEY5MTI4 NDlDNENCQjdBNTAwRDRBRDY3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMyinIa2Rf1lsT5jRDAjAXDVk5uDVVcIWTrlOk2YVwR2IjqEUufttanlVw2B dpaexhMByXae8OLR8L8ixR39mCJNu7WazxUQt+HR2RZu8SW0GucsFsjzmf59xDJW aVh3zCMnKPI4TE0lFE8VB5QObO1/3lOQ8i3pQEofDJEELycCx3WN38xlIt370kp5 qO7DLq6KputclHCKztT8ZyJCFTtXXPUnldOLZUrPNyGSSRtS3q0zHNy3uWHXE53P /PnEZObsLDlFwcdvmvR6CWC5K0YbgOF/NayYE8bvsOerxWg7b5I4KG62n0VzcBS3 y7Z63z5DRzNGw3qIpZ1LyvLtF3cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTEOUEo u7SZVPkShJxMu3pQDUrWfDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQ3NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pyAwDQYJKoZIhvcNAQELBQADggEBAD6180St4MU8ZC2hoTq3lFPWtUhbjM7+1c00 pSBzp62H2Ot/qBI2m1U5VgSvrzHODq51mneLrHi1fjUtMgyiX1O0PwZbpwXj03UI fLGsWI1FXDvudstSqF+Fuohneh9mNMxYer4givcafnYTfjo9litv5Kt20m+kv9kp BKq2hD60OENbzmNpGbSGEYXK974t5xA88/lq/wGT91z/2LtKGtP98LGhs7z6vj+Z fy1Oax5FyuID2EUlLqBm93LqGRZfGA4s7X1ugN8eu4YPvaYZ8pFVMQx/6Y0aMLGN c/dJiEnaVnB3kVXjsKcbNs7Vpo68Gld+RvagXnEYMTHoex+Sc7Y= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:05 2026 by rpki-client