$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144713.roa File: AS144713.roa (raw, json) Hash identifier: PZz7AjPJGhEJJ5UTwIvL2FiMc4wM8uFxwxFqtLYqzyo= Subject key identifier: 3D:4E:1B:4B:9A:F6:1A:87:E7:46:4D:5F:33:D9:6D:9D:67:74:48:28 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2FA76683960AAB8A8929BE0C50855EB58377F169 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144713.roa Signing time: Wed 04 Mar 2026 06:21:50 +0000 ROA not before: Wed 04 Mar 2026 06:16:50 +0000 ROA not after: Wed 03 Mar 2027 06:21:50 +0000 asID: 144713 IP address blocks: 240a:a80f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:a7:66:83:96:0a:ab:8a:89:29:be:0c:50:85:5e:b5:83:77:f1:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:50 2026 GMT Not After : Mar 3 06:21:50 2027 GMT Subject: CN=3D4E1B4B9AF61A87E7464D5F33D96D9D67744828 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:af:ca:7c:04:3a:7e:85:cb:41:ff:01:e8:f4: 66:a8:7d:b7:69:f2:a7:7f:ea:4d:66:4c:e3:05:4c: bd:3a:60:31:22:73:07:8e:d6:b3:a7:11:43:ea:54: ce:a5:0d:39:32:4d:27:3c:26:48:f6:1a:a6:9f:94: 63:e7:fd:e2:08:95:f8:af:98:e9:63:b8:4a:66:ab: 0a:b1:6b:9c:0a:10:68:6c:06:8c:fa:4b:aa:80:55: 75:2b:11:fd:79:48:14:d2:0a:57:a4:d2:44:68:74: 5a:02:75:06:01:b2:be:f9:3b:7b:df:d3:e1:7b:92: fe:98:10:16:17:12:85:03:2a:01:25:ed:ce:b6:ef: d5:5e:df:34:54:f1:a1:d9:48:e8:b0:50:71:6f:73: 16:3c:da:18:29:3a:c6:9a:cd:d3:b4:70:fe:9d:23: 81:b5:78:21:42:91:54:9e:0f:fc:63:48:d5:53:54: 45:0d:85:96:11:35:63:da:74:a9:89:59:f8:49:20: 9d:79:d1:21:30:87:ed:33:ea:0b:ad:20:a2:6b:a7: aa:a6:14:db:40:43:9b:63:bd:78:55:72:78:91:f3: 9d:3e:f4:78:af:c1:c3:73:b7:7b:f9:30:be:e4:29: 80:57:fb:6c:d2:90:c4:09:af:17:3a:a0:31:e2:65: 32:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:4E:1B:4B:9A:F6:1A:87:E7:46:4D:5F:33:D9:6D:9D:67:74:48:28 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144713.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a80f::/32 Signature Algorithm: sha256WithRSAEncryption 91:5a:f4:c5:94:f2:ed:f7:83:64:51:bc:37:a5:36:10:32:7b: da:b1:7f:a5:65:92:50:84:06:67:be:96:f5:3a:c9:e8:aa:8f: 30:d6:f4:50:07:08:59:c4:cf:b3:82:f3:3b:41:35:0e:bc:6f: 4a:89:d1:34:cf:ee:f3:eb:3d:79:0c:7d:b1:5a:b5:80:6e:61: 37:d4:c1:13:6a:c7:e1:43:84:d2:87:41:db:3f:23:63:89:71: c6:57:d5:30:43:62:f3:2e:1d:98:f7:e4:d2:fb:82:f9:73:74: 9b:9f:94:45:c8:0e:c8:cb:1f:58:8e:54:f7:8a:3c:89:81:88: 8b:ab:b7:59:f9:97:2e:c2:de:28:2c:61:03:1e:c6:9d:64:60: 60:f4:7f:02:ab:c5:32:d9:c4:6a:56:9d:f5:34:9e:17:06:ae: fb:c8:9e:36:3a:2c:a3:42:11:70:a5:82:87:53:c0:a6:03:4d: 9a:3e:53:8e:d4:aa:0e:1b:d0:44:62:d4:ee:4a:48:ba:35:5c: 27:81:cd:8f:ae:e7:34:04:15:08:4d:db:10:4d:63:ec:0f:5c: 3b:c7:fd:96:4e:fb:e0:18:0c:77:95:a6:3e:b8:aa:11:97:c4: bf:bb:8c:cb:71:c4:8b:57:db:b9:27:bb:66:a5:7e:cd:a8:1e: f7:8d:ed:9a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL6dmg5YKq4qJKb4MUIVetYN38WkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1MFoX DTI3MDMwMzA2MjE1MFowMzExMC8GA1UEAxMoM0Q0RTFCNEI5QUY2MUE4N0U3NDY0 RDVGMzNEOTZEOUQ2Nzc0NDgyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL2vynwEOn6Fy0H/Aej0Zqh9t2nyp3/qTWZM4wVMvTpgMSJzB47Ws6cRQ+pU zqUNOTJNJzwmSPYapp+UY+f94giV+K+Y6WO4SmarCrFrnAoQaGwGjPpLqoBVdSsR /XlIFNIKV6TSRGh0WgJ1BgGyvvk7e9/T4XuS/pgQFhcShQMqASXtzrbv1V7fNFTx odlI6LBQcW9zFjzaGCk6xprN07Rw/p0jgbV4IUKRVJ4P/GNI1VNURQ2FlhE1Y9p0 qYlZ+EkgnXnRITCH7TPqC60gomunqqYU20BDm2O9eFVyeJHznT70eK/Bw3O3e/kw vuQpgFf7bNKQxAmvFzqgMeJlMvUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ9ThtL mvYah+dGTV8z2W2dZ3RIKDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDcxMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qA8wDQYJKoZIhvcNAQELBQADggEBAJFa9MWU8u33g2RRvDelNhAye9qxf6VlklCE Bme+lvU6yeiqjzDW9FAHCFnEz7OC8ztBNQ68b0qJ0TTP7vPrPXkMfbFatYBuYTfU wRNqx+FDhNKHQds/I2OJccZX1TBDYvMuHZj35NL7gvlzdJuflEXIDsjLH1iOVPeK PImBiIurt1n5ly7C3igsYQMexp1kYGD0fwKrxTLZxGpWnfU0nhcGrvvInjY6LKNC EXClgodTwKYDTZo+U47Uqg4b0ERi1O5KSLo1XCeBzY+u5zQEFQhN2xBNY+wPXDvH /ZZO++AYDHeVpj64qhGXxL+7jMtxxItX27knu2alfs2oHveN7Zo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:05 2026 by rpki-client