$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144007.roa File: AS144007.roa (raw, json) Hash identifier: 32S6S+EfhLrjGOSwi02aP9wG75HtpF3qDpLaud3W2R0= Subject key identifier: AA:07:95:A4:DA:22:9F:2C:ED:E2:9F:01:55:B7:9C:64:E5:1F:3C:59 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 788A049C4E170B0A74061F558C1FF1F57179B3A6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144007.roa Signing time: Wed 04 Mar 2026 06:14:34 +0000 ROA not before: Wed 04 Mar 2026 06:09:34 +0000 ROA not after: Wed 03 Mar 2027 06:14:34 +0000 asID: 144007 IP address blocks: 240a:a54d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:8a:04:9c:4e:17:0b:0a:74:06:1f:55:8c:1f:f1:f5:71:79:b3:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:34 2026 GMT Not After : Mar 3 06:14:34 2027 GMT Subject: CN=AA0795A4DA229F2CEDE29F0155B79C64E51F3C59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:f2:7f:81:ea:3b:87:18:a7:06:5a:07:d3:8a: 36:d8:db:9e:a0:fe:58:92:7f:2c:0f:a7:83:c1:98: 5d:61:8b:f6:ac:e7:ef:81:de:6a:a6:36:b4:42:5c: 2b:30:32:e5:2d:45:e4:03:db:b2:9d:51:26:e1:3f: bb:48:75:95:1a:a5:61:ec:f4:ba:c7:6b:0a:64:17: da:f7:5e:a2:25:58:1e:ce:2a:81:97:60:ae:fe:19: a2:f7:59:b8:f0:66:6d:68:ab:ee:15:f2:0b:34:2b: 21:bf:1d:c3:a4:17:56:2e:4f:93:e0:8b:3d:6a:7f: 40:b4:50:6a:61:8c:b7:85:89:94:8f:cd:21:2a:90: 02:ff:21:da:5c:5d:b2:e5:1a:36:35:06:73:28:07: 60:b5:e1:d7:87:a6:af:8a:3a:85:d5:82:43:26:41: 6d:90:28:f4:ad:d5:ad:a9:9c:73:86:74:3d:14:39: 55:5c:cb:e0:44:17:59:24:68:db:48:02:32:8d:41: f8:8b:70:12:01:c9:8c:ab:bd:18:2a:ed:4c:7b:4d: d7:fb:06:12:9f:4b:9d:b5:5a:85:01:4d:7c:b0:8c: e4:07:3d:b0:0e:8a:cf:ff:6b:3d:a0:ec:6f:b4:8c: 25:fd:d0:8d:8d:49:97:96:a0:c5:17:a1:c6:5b:bc: 63:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:07:95:A4:DA:22:9F:2C:ED:E2:9F:01:55:B7:9C:64:E5:1F:3C:59 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144007.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a54d::/32 Signature Algorithm: sha256WithRSAEncryption 28:f3:7e:2b:80:7e:c2:5e:d3:2b:23:4f:51:e2:fd:e8:fd:58: 16:f7:ae:7f:ac:3e:3b:98:af:e2:d5:87:78:69:a5:bc:67:07: 94:33:dc:82:6a:72:33:86:d3:f1:c3:9f:1d:5d:8b:68:27:c5: 51:f0:cc:88:17:15:14:46:22:a1:6e:44:af:0c:33:47:4b:db: 75:c2:79:df:0f:b2:25:b5:b8:78:78:b4:57:68:31:0a:33:25: 2c:24:37:45:f8:2d:92:9c:97:14:75:75:f0:68:f0:3d:9c:73: a0:68:16:d3:50:06:ad:4e:a1:8b:01:b5:cb:2f:71:6c:1e:c2: 78:86:66:37:2d:0b:d5:15:18:7b:a6:ee:bf:60:e8:29:47:c6: ca:cf:13:db:79:83:07:da:14:0a:6e:01:52:3c:1b:b1:fb:b5: 69:b3:1b:0f:6a:aa:60:7e:ea:e1:a5:c5:68:df:15:18:d5:48: 6e:9d:91:ae:0d:94:b8:8b:19:8e:a0:3c:2b:dc:c3:d8:9b:f0: 02:e4:f3:42:1e:ff:28:f2:98:1b:d7:3f:0a:b1:f1:16:a1:5a: 95:89:6c:b9:ea:68:80:42:33:b7:73:78:ac:1d:32:9a:a8:ae: c4:3c:dd:60:39:78:4b:cd:68:2a:a3:4f:e5:7a:5c:ec:7a:19: 33:4b:35:9e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeIoEnE4XCwp0Bh9VjB/x9XF5s6YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzNFoX DTI3MDMwMzA2MTQzNFowMzExMC8GA1UEAxMoQUEwNzk1QTREQTIyOUYyQ0VERTI5 RjAxNTVCNzlDNjRFNTFGM0M1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzyf4HqO4cYpwZaB9OKNtjbnqD+WJJ/LA+ng8GYXWGL9qzn74HeaqY2tEJc KzAy5S1F5APbsp1RJuE/u0h1lRqlYez0usdrCmQX2vdeoiVYHs4qgZdgrv4ZovdZ uPBmbWir7hXyCzQrIb8dw6QXVi5Pk+CLPWp/QLRQamGMt4WJlI/NISqQAv8h2lxd suUaNjUGcygHYLXh14emr4o6hdWCQyZBbZAo9K3Vramcc4Z0PRQ5VVzL4EQXWSRo 20gCMo1B+ItwEgHJjKu9GCrtTHtN1/sGEp9LnbVahQFNfLCM5Ac9sA6Kz/9rPaDs b7SMJf3QjY1Jl5agxRehxlu8Y/UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSqB5Wk 2iKfLO3inwFVt5xk5R88WTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAwNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pU0wDQYJKoZIhvcNAQELBQADggEBACjzfiuAfsJe0ysjT1Hi/ej9WBb3rn+sPjuY r+LVh3hppbxnB5Qz3IJqcjOG0/HDnx1di2gnxVHwzIgXFRRGIqFuRK8MM0dL23XC ed8PsiW1uHh4tFdoMQozJSwkN0X4LZKclxR1dfBo8D2cc6BoFtNQBq1OoYsBtcsv cWwewniGZjctC9UVGHum7r9g6ClHxsrPE9t5gwfaFApuAVI8G7H7tWmzGw9qqmB+ 6uGlxWjfFRjVSG6dka4NlLiLGY6gPCvcw9ib8ALk80Ie/yjymBvXPwqx8RahWpWJ bLnqaIBCM7dzeKwdMpqorsQ83WA5eEvNaCqjT+V6XOx6GTNLNZ4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:04 2026 by rpki-client