$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144668.roa File: AS144668.roa (raw, json) Hash identifier: Lp0BClMUfCk/vY/CVZLv2R1udJJfGiohNyhVqm3OjRw= Subject key identifier: 3F:C3:65:E3:38:C3:56:74:1A:2C:AF:23:6F:38:6D:1B:CC:6B:B8:B8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 104E5F76625F166950D8BE866197736A7C447E4A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144668.roa Signing time: Wed 04 Mar 2026 06:19:19 +0000 ROA not before: Wed 04 Mar 2026 06:14:19 +0000 ROA not after: Wed 03 Mar 2027 06:19:19 +0000 asID: 144668 IP address blocks: 240a:a7e2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:4e:5f:76:62:5f:16:69:50:d8:be:86:61:97:73:6a:7c:44:7e:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:19 2026 GMT Not After : Mar 3 06:19:19 2027 GMT Subject: CN=3FC365E338C356741A2CAF236F386D1BCC6BB8B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:a6:4a:ae:39:d2:2d:42:55:8c:4b:d4:25:bc: f0:bd:ab:22:59:7a:0a:57:cf:ac:85:8c:7a:88:64: 80:d7:a2:2c:a9:1d:d0:47:e4:bc:2c:f8:3e:a2:f5: e7:89:2f:2a:06:a6:e5:b7:70:6d:0b:32:3f:76:f7: 98:50:40:c8:f5:e1:6a:bb:2b:df:ee:47:f9:16:21: 40:b0:b9:f3:5e:3f:ba:9a:57:42:a2:41:3a:5f:ce: fc:60:c0:82:4e:a0:09:f1:7e:de:1b:76:42:85:e4: 47:f7:9e:20:e8:2c:67:e9:96:c9:9b:4b:fb:ca:a6: dc:aa:04:4f:bb:04:44:80:70:98:85:9e:8f:19:c5: 84:b5:2a:66:ed:b6:61:ef:61:28:99:87:09:78:e9: 26:13:1d:01:a5:a4:5a:3a:7d:3e:f4:49:f7:d4:ff: 1b:ea:15:c4:19:e7:3f:3c:a4:cf:d9:56:27:fc:c7: 79:70:08:45:f5:4f:2e:23:bb:ed:9a:df:7a:d7:39: a8:0f:54:92:cb:29:d2:4a:93:3c:88:0a:c6:67:20: e0:01:48:b4:4f:e5:df:65:de:47:50:21:50:92:e2: 80:eb:d4:78:1c:f5:6e:97:09:05:99:21:d3:38:56: 65:f9:0f:20:91:89:bc:02:bd:32:73:df:af:c0:ad: d0:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:C3:65:E3:38:C3:56:74:1A:2C:AF:23:6F:38:6D:1B:CC:6B:B8:B8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144668.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7e2::/32 Signature Algorithm: sha256WithRSAEncryption 7d:7c:6d:8f:8b:1b:3d:d0:5b:6b:44:af:ab:e0:58:9e:40:ce: 40:34:b3:b3:d1:42:ab:e2:5f:23:8e:3a:d7:82:0c:af:31:59: 62:28:28:1e:11:c1:e5:03:77:5e:7f:81:37:30:f4:2a:02:b5: 6d:9f:2b:95:88:f6:b1:0d:7b:d4:15:fd:6d:fb:d3:1b:91:42: c0:8c:b3:92:35:1c:7e:23:1a:3b:03:95:6e:4a:c7:99:7d:25: 45:be:d6:08:53:57:6e:fd:5d:6d:6f:2f:5c:e4:17:7d:1c:05: 8e:7f:71:6f:e4:db:0d:49:2d:cb:eb:1e:40:2f:bf:81:78:34: 61:3d:af:c1:01:af:20:7a:a1:d9:37:21:28:db:bb:32:d8:9c: fb:d3:c4:93:0a:99:1c:ef:8a:7f:3a:c7:a7:36:d3:ff:8c:e3: d8:eb:16:4c:b3:8a:da:f5:9d:78:a2:1b:41:f5:01:5c:32:c0: 32:49:1f:5e:e3:3c:3a:61:67:34:95:86:fe:fe:c2:c2:12:06: c9:c7:07:17:52:0e:f6:1b:c5:fc:8b:b9:65:9e:1f:e6:6c:9b: a7:58:2e:fa:dc:4a:20:cf:2a:b1:29:bd:04:a5:7f:82:61:91: 9c:02:01:39:7a:95:19:cb:75:d2:54:8f:77:ef:1d:64:cd:f7: 87:32:90:5f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEE5fdmJfFmlQ2L6GYZdzanxEfkowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQxOVoX DTI3MDMwMzA2MTkxOVowMzExMC8GA1UEAxMoM0ZDMzY1RTMzOEMzNTY3NDFBMkNB RjIzNkYzODZEMUJDQzZCQjhCODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJimSq450i1CVYxL1CW88L2rIll6ClfPrIWMeohkgNeiLKkd0EfkvCz4PqL1 54kvKgam5bdwbQsyP3b3mFBAyPXharsr3+5H+RYhQLC5814/uppXQqJBOl/O/GDA gk6gCfF+3ht2QoXkR/eeIOgsZ+mWyZtL+8qm3KoET7sERIBwmIWejxnFhLUqZu22 Ye9hKJmHCXjpJhMdAaWkWjp9PvRJ99T/G+oVxBnnPzykz9lWJ/zHeXAIRfVPLiO7 7Zrfetc5qA9Ukssp0kqTPIgKxmcg4AFItE/l32XeR1AhUJLigOvUeBz1bpcJBZkh 0zhWZfkPIJGJvAK9MnPfr8Ct0I8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ/w2Xj OMNWdBosryNvOG0bzGu4uDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p+IwDQYJKoZIhvcNAQELBQADggEBAH18bY+LGz3QW2tEr6vgWJ5AzkA0s7PRQqvi XyOOOteCDK8xWWIoKB4RweUDd15/gTcw9CoCtW2fK5WI9rENe9QV/W370xuRQsCM s5I1HH4jGjsDlW5Kx5l9JUW+1ghTV279XW1vL1zkF30cBY5/cW/k2w1JLcvrHkAv v4F4NGE9r8EBryB6odk3ISjbuzLYnPvTxJMKmRzvin86x6c20/+M49jrFkyzitr1 nXiiG0H1AVwywDJJH17jPDphZzSVhv7+wsISBsnHBxdSDvYbxfyLuWWeH+Zsm6dY LvrcSiDPKrEpvQSlf4JhkZwCATl6lRnLddJUj3fvHWTN94cykF8= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:20 2026 by rpki-client