$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144504.roa File: AS144504.roa (raw, json) Hash identifier: 5ajxCoZVqLOOczOnqLc0hsiEKkG6Ha6EDyEJZ0um4uE= Subject key identifier: 33:12:A2:28:05:EC:F7:9E:5C:3B:82:DE:99:E4:A3:82:27:51:07:6B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 37D3B3812ED9D7FCC6D560012E0201F37A0A9BBD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144504.roa Signing time: Wed 04 Mar 2026 06:13:34 +0000 ROA not before: Wed 04 Mar 2026 06:08:34 +0000 ROA not after: Wed 03 Mar 2027 06:13:34 +0000 asID: 144504 IP address blocks: 240a:a73e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:d3:b3:81:2e:d9:d7:fc:c6:d5:60:01:2e:02:01:f3:7a:0a:9b:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:34 2026 GMT Not After : Mar 3 06:13:34 2027 GMT Subject: CN=3312A22805ECF79E5C3B82DE99E4A3822751076B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9a:b3:9b:e8:44:de:a6:96:ba:6f:0c:71:3c: c8:24:96:ff:a9:ce:7f:ae:28:c7:b8:21:ba:4d:e5: e5:1a:83:7c:c7:dc:46:5b:53:ea:6c:96:c7:fc:73: 69:0f:1b:62:05:cb:74:82:e6:9f:37:d9:52:dd:3c: f4:de:94:12:12:6b:54:4d:06:50:0c:c9:bd:92:b4: c8:c1:4a:f2:fa:05:7b:6c:0f:83:e8:9b:5c:d6:e4: 4b:44:c1:c5:6b:cc:d8:00:f2:9f:b5:e2:92:a2:20: 6e:33:1d:ae:4f:0f:63:5d:9c:0f:88:ca:f4:a8:22: 7e:c9:e7:12:ad:61:74:0e:5f:58:cb:f7:d4:ee:83: 56:52:45:f4:f0:7a:5d:94:c6:99:fc:a3:55:0f:35: 5a:ef:17:10:83:1b:d3:36:fd:ff:db:92:d7:54:3b: 6d:f7:36:4a:67:e3:55:07:c0:a4:34:5d:00:f9:5b: a5:96:c1:e5:9f:41:b4:83:fc:c7:bd:75:0a:fd:be: c0:08:38:36:a4:41:b9:95:e1:18:ef:e0:ca:85:77: 74:a1:71:5b:9e:4a:6b:e6:af:34:6d:69:22:8b:22: dd:cc:b5:86:2e:96:e9:23:bf:24:58:0e:b0:70:76: 25:4a:c5:6a:22:3c:ca:c2:7a:0c:81:73:78:19:10: 33:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:12:A2:28:05:EC:F7:9E:5C:3B:82:DE:99:E4:A3:82:27:51:07:6B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144504.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a73e::/32 Signature Algorithm: sha256WithRSAEncryption 07:3e:02:07:1e:cc:7a:1f:d5:18:64:2e:7d:be:5d:30:6e:83: 44:d8:aa:46:88:30:a0:18:8e:2a:7b:fb:cc:eb:47:51:e9:92: ca:9d:8c:19:62:c1:db:49:1a:26:73:3e:7c:3d:cb:02:82:1b: 69:f2:96:51:81:41:a7:2e:fe:d3:9b:a6:e4:ec:25:6c:9a:79: cf:8d:27:56:0d:63:4c:af:2d:64:0a:81:c0:64:67:14:f5:33: 02:0e:9a:8f:34:af:20:06:61:14:39:f3:32:0f:45:30:28:ba: cb:8f:fc:09:5b:09:46:72:cf:dc:c9:4f:26:8a:05:7d:35:12: ba:56:02:9b:a7:86:70:93:7f:89:ee:56:65:5a:af:e8:a5:87: d2:32:4c:ae:1a:06:ad:eb:74:17:99:75:8f:e4:98:4d:30:1b: 8a:45:50:2b:44:c7:f5:e6:35:90:9d:d6:c0:8b:fa:88:12:da: c5:f2:dc:21:fc:f2:5d:69:33:87:1b:52:ff:fa:70:26:a7:ae: 50:b2:3d:a9:e2:2a:01:0e:ed:1e:d0:83:b1:39:3c:af:8c:9f: 43:c3:27:b9:03:3d:de:70:54:44:5b:cd:d9:d8:8d:58:21:ea: 12:7f:5d:d4:d4:2c:6a:ae:c6:6f:b9:fd:93:13:1a:3a:9a:a6: 67:de:bd:82 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUN9OzgS7Z1/zG1WABLgIB83oKm70wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzNFoX DTI3MDMwMzA2MTMzNFowMzExMC8GA1UEAxMoMzMxMkEyMjgwNUVDRjc5RTVDM0I4 MkRFOTlFNEEzODIyNzUxMDc2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+as5voRN6mlrpvDHE8yCSW/6nOf64ox7ghuk3l5RqDfMfcRltT6myWx/xz aQ8bYgXLdILmnzfZUt089N6UEhJrVE0GUAzJvZK0yMFK8voFe2wPg+ibXNbkS0TB xWvM2ADyn7XikqIgbjMdrk8PY12cD4jK9KgifsnnEq1hdA5fWMv31O6DVlJF9PB6 XZTGmfyjVQ81Wu8XEIMb0zb9/9uS11Q7bfc2SmfjVQfApDRdAPlbpZbB5Z9BtIP8 x711Cv2+wAg4NqRBuZXhGO/gyoV3dKFxW55Ka+avNG1pIosi3cy1hi6W6SO/JFgO sHB2JUrFaiI8ysJ6DIFzeBkQM18CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQzEqIo Bez3nlw7gt6Z5KOCJ1EHazAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDUwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pz4wDQYJKoZIhvcNAQELBQADggEBAAc+AgcezHof1RhkLn2+XTBug0TYqkaIMKAY jip7+8zrR1HpksqdjBliwdtJGiZzPnw9ywKCG2nyllGBQacu/tObpuTsJWyaec+N J1YNY0yvLWQKgcBkZxT1MwIOmo80ryAGYRQ58zIPRTAousuP/AlbCUZyz9zJTyaK BX01ErpWApunhnCTf4nuVmVar+ilh9IyTK4aBq3rdBeZdY/kmE0wG4pFUCtEx/Xm NZCd1sCL+ogS2sXy3CH88l1pM4cbUv/6cCanrlCyPaniKgEO7R7Qg7E5PK+Mn0PD J7kDPd5wVERbzdnYjVgh6hJ/XdTULGquxm+5/ZMTGjqapmfevYI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:01 2026 by rpki-client