$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144006.roa File: AS144006.roa (raw, json) Hash identifier: +H/CfIgP6nncyoe32VcqwC/nkM7Qt9DwRLIa5s+Vfw0= Subject key identifier: 45:8E:FC:5D:15:0B:34:A3:71:C3:FC:DB:2F:F0:2A:9D:85:94:4E:D3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 48D6BCB78EA5089B8AB2072BCC284DEF5C023E3F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144006.roa Signing time: Wed 04 Mar 2026 06:13:10 +0000 ROA not before: Wed 04 Mar 2026 06:08:10 +0000 ROA not after: Wed 03 Mar 2027 06:13:10 +0000 asID: 144006 IP address blocks: 240a:a54c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:d6:bc:b7:8e:a5:08:9b:8a:b2:07:2b:cc:28:4d:ef:5c:02:3e:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:10 2026 GMT Not After : Mar 3 06:13:10 2027 GMT Subject: CN=458EFC5D150B34A371C3FCDB2FF02A9D85944ED3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:76:ee:cf:b8:0e:3d:b4:ec:bd:57:50:6d:67: fa:14:95:3a:dd:62:37:0f:48:53:4a:a9:a9:28:8c: 1e:72:30:9f:b5:9f:86:51:8c:5c:f4:e0:05:fb:5c: 63:f5:d0:15:81:bc:9b:e1:a3:d8:31:fd:11:0b:c6: b6:f6:63:a4:ec:07:c4:de:8f:8b:d7:3f:cb:be:c1: aa:26:16:68:13:6d:cd:32:56:fc:be:0c:c2:9f:11: 77:50:54:16:42:d1:1b:07:f4:62:62:0d:7c:68:55: 8f:76:84:db:00:4f:be:1d:38:df:b2:c3:26:41:39: e5:dd:e8:32:5f:97:f2:cb:95:73:16:c8:b2:06:ea: fd:02:4b:ea:58:24:70:24:4a:f2:89:ed:ca:13:9c: f3:39:87:34:d1:85:1e:49:e7:6f:ab:1c:eb:6b:0f: 6c:23:28:93:70:ec:b8:c1:55:63:58:67:80:0a:5c: aa:a8:a0:8d:77:f5:b3:41:c5:e0:67:55:67:57:06: 61:13:5e:fc:e3:80:ce:00:a1:3f:3a:2c:d5:0f:eb: 1d:1e:05:5e:5f:40:86:24:96:15:1e:90:c0:e5:fe: 5a:84:0f:8c:ef:cc:45:09:87:89:3d:16:ff:59:97: f6:44:ed:46:1a:b9:89:f7:80:64:eb:bc:13:70:20: 98:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:8E:FC:5D:15:0B:34:A3:71:C3:FC:DB:2F:F0:2A:9D:85:94:4E:D3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144006.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a54c::/32 Signature Algorithm: sha256WithRSAEncryption dc:2d:88:00:94:16:b8:20:72:b8:6a:d0:01:d7:53:d0:c9:9d: 9d:df:86:d6:8a:c0:3a:aa:e0:99:8a:2e:07:e1:37:76:7a:4f: ef:4f:ed:39:07:ff:9f:c0:bc:3d:71:61:7c:3d:46:d0:81:f9: 65:4d:69:f0:7e:4b:c9:68:95:3e:19:fd:5a:ff:21:b3:9b:9e: 67:e7:e1:c5:67:7c:b3:0b:45:75:ba:bb:c3:c0:1d:4a:40:86: b2:dc:21:28:05:23:53:bf:a9:c8:cc:0f:7c:29:55:db:04:8f: 4a:91:77:b5:d5:84:4a:4f:02:78:42:95:b2:68:28:75:4d:df: 78:b6:11:bf:6c:c2:ea:ad:4c:2b:61:28:e4:cf:36:bb:f0:a8: 22:0e:c1:f2:c1:1a:38:53:ce:80:46:76:2f:89:48:be:c7:0a: b8:76:1c:94:cf:c9:99:c8:63:36:2d:7a:c7:b8:b1:7f:ff:01: c8:e4:cd:87:26:c7:e8:7f:78:af:6b:56:14:40:dd:04:01:51: a1:15:6f:2a:db:cd:ca:95:b8:0e:1c:c6:1e:91:c9:56:a3:f4: 26:1f:37:e5:e9:e0:1d:54:ce:98:86:65:18:10:00:c2:d7:ae: 5c:e4:48:d9:90:8c:ce:23:5d:c0:54:52:3c:e8:c7:b7:2c:93: cd:8d:e6:75 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSNa8t46lCJuKsgcrzChN71wCPj8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMFoX DTI3MDMwMzA2MTMxMFowMzExMC8GA1UEAxMoNDU4RUZDNUQxNTBCMzRBMzcxQzNG Q0RCMkZGMDJBOUQ4NTk0NEVEMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK127s+4Dj207L1XUG1n+hSVOt1iNw9IU0qpqSiMHnIwn7WfhlGMXPTgBftc Y/XQFYG8m+Gj2DH9EQvGtvZjpOwHxN6Pi9c/y77BqiYWaBNtzTJW/L4Mwp8Rd1BU FkLRGwf0YmINfGhVj3aE2wBPvh0437LDJkE55d3oMl+X8suVcxbIsgbq/QJL6lgk cCRK8ontyhOc8zmHNNGFHknnb6sc62sPbCMok3DsuMFVY1hngApcqqigjXf1s0HF 4GdVZ1cGYRNe/OOAzgChPzos1Q/rHR4FXl9AhiSWFR6QwOX+WoQPjO/MRQmHiT0W /1mX9kTtRhq5ifeAZOu8E3AgmGsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRFjvxd FQs0o3HD/Nsv8CqdhZRO0zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAwNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pUwwDQYJKoZIhvcNAQELBQADggEBANwtiACUFrggcrhq0AHXU9DJnZ3fhtaKwDqq 4JmKLgfhN3Z6T+9P7TkH/5/AvD1xYXw9RtCB+WVNafB+S8lolT4Z/Vr/IbObnmfn 4cVnfLMLRXW6u8PAHUpAhrLcISgFI1O/qcjMD3wpVdsEj0qRd7XVhEpPAnhClbJo KHVN33i2Eb9swuqtTCthKOTPNrvwqCIOwfLBGjhTzoBGdi+JSL7HCrh2HJTPyZnI YzYtese4sX//AcjkzYcmx+h/eK9rVhRA3QQBUaEVbyrbzcqVuA4cxh6RyVaj9CYf N+Xp4B1UzpiGZRgQAMLXrlzkSNmQjM4jXcBUUjzox7csk82N5nU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:48 2026 by rpki-client