$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144045.roa File: AS144045.roa (raw, json) Hash identifier: /eUpW1eW4ITT2dfwBxC87MPh1ckHEi+BBtbOXmGVT2M= Subject key identifier: C0:2A:B1:28:6E:85:E7:3A:72:10:D8:30:31:80:80:C5:8F:5B:48:9F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2D6B3A7F1F90BB7AFAEAC6FA2E5C2F918DE3476A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144045.roa Signing time: Wed 04 Mar 2026 06:14:18 +0000 ROA not before: Wed 04 Mar 2026 06:09:18 +0000 ROA not after: Wed 03 Mar 2027 06:14:18 +0000 asID: 144045 IP address blocks: 240a:a573::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:6b:3a:7f:1f:90:bb:7a:fa:ea:c6:fa:2e:5c:2f:91:8d:e3:47:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:18 2026 GMT Not After : Mar 3 06:14:18 2027 GMT Subject: CN=C02AB1286E85E73A7210D830318080C58F5B489F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d2:b8:08:4b:3b:b5:51:ee:7b:5d:39:b8:3a: 76:30:b6:32:a5:84:82:e1:2f:1c:2b:c7:16:0a:16: 4d:de:59:7e:30:95:5b:f6:7a:73:57:6b:48:3e:81: 8b:0d:a4:25:ed:5a:7c:28:64:aa:a7:d1:1e:35:73: 9a:a7:81:c6:d6:64:07:6b:01:79:e4:15:6b:36:af: 1b:ea:75:73:ce:a0:e1:92:21:5e:5d:7a:ce:80:36: f4:e9:97:24:5f:3b:c2:bc:2b:70:b3:c5:fc:dd:2a: 6f:bb:46:08:f0:e4:e5:ef:64:c8:fe:da:f2:ae:17: 6a:80:b4:4a:ad:98:c4:89:7d:09:5c:b6:fb:36:a9: c3:88:10:cb:43:96:0b:fb:3a:1b:35:05:af:74:7c: 7f:c6:24:18:12:70:9d:d4:5c:1e:0f:b9:a3:1a:87: f9:8d:3c:de:e6:07:ac:d6:c7:2a:c4:10:51:25:bf: 26:af:82:c7:6f:71:bf:07:02:e5:80:7b:1b:72:0c: 76:07:90:03:42:87:42:74:99:58:0e:82:7e:e1:e4: b3:2b:70:2b:bb:c6:78:23:f3:f2:d8:58:cc:39:3c: 9f:2b:1e:19:54:f0:85:48:e4:0c:33:04:ba:97:5b: c9:1c:4d:0d:01:e4:3f:cb:06:5b:60:03:93:bb:55: c2:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:2A:B1:28:6E:85:E7:3A:72:10:D8:30:31:80:80:C5:8F:5B:48:9F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144045.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a573::/32 Signature Algorithm: sha256WithRSAEncryption ae:a5:2f:fa:84:f6:43:3e:b5:ea:d4:d7:4b:55:aa:b7:4a:cd: 99:3c:42:9d:b2:6d:e0:a7:b0:6f:93:d3:30:63:fa:b7:b6:d8: 32:c7:74:3e:cc:62:38:e8:d7:b9:31:85:f0:9a:1d:79:d3:23: 00:c1:7a:69:48:60:bf:11:a5:d1:6d:cd:65:b4:36:47:e6:c2: 47:a6:8b:9a:76:03:70:f1:75:63:c1:c8:69:68:b3:0f:2d:98: 6f:3e:41:2b:89:f8:28:99:06:c0:e6:46:19:52:98:8f:6a:af: 9c:ad:cc:ef:8e:c9:f2:4e:0a:7e:f4:29:00:7e:f4:bd:50:2b: 60:b7:51:72:38:ca:88:5c:b3:a1:fb:94:28:ad:72:3e:dc:ff: 44:5c:36:60:6d:9e:e6:3d:33:2a:9c:f3:42:1c:34:11:34:74: c5:fa:3a:6a:b2:ea:9e:92:06:90:11:e6:5f:13:44:be:37:15: 25:a8:c9:29:17:fe:2c:c6:e1:69:e1:a5:de:8f:8e:cd:6a:57: 3e:cc:ae:00:e5:e0:bb:0a:b2:ba:46:53:6e:e9:e5:27:a2:eb: 09:56:10:76:07:21:7e:99:21:5b:49:72:aa:d2:4d:5f:78:be: 94:aa:43:0c:4f:79:30:45:4b:d0:ef:27:c0:e1:81:d0:af:36: cb:1e:79:ed -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULWs6fx+Qu3r66sb6LlwvkY3jR2owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxOFoX DTI3MDMwMzA2MTQxOFowMzExMC8GA1UEAxMoQzAyQUIxMjg2RTg1RTczQTcyMTBE ODMwMzE4MDgwQzU4RjVCNDg5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM/SuAhLO7VR7ntdObg6djC2MqWEguEvHCvHFgoWTd5ZfjCVW/Z6c1drSD6B iw2kJe1afChkqqfRHjVzmqeBxtZkB2sBeeQVazavG+p1c86g4ZIhXl16zoA29OmX JF87wrwrcLPF/N0qb7tGCPDk5e9kyP7a8q4XaoC0Sq2YxIl9CVy2+zapw4gQy0OW C/s6GzUFr3R8f8YkGBJwndRcHg+5oxqH+Y083uYHrNbHKsQQUSW/Jq+Cx29xvwcC 5YB7G3IMdgeQA0KHQnSZWA6CfuHksytwK7vGeCPz8thYzDk8nyseGVTwhUjkDDME updbyRxNDQHkP8sGW2ADk7tVwisCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTAKrEo boXnOnIQ2DAxgIDFj1tInzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDA0NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pXMwDQYJKoZIhvcNAQELBQADggEBAK6lL/qE9kM+terU10tVqrdKzZk8Qp2ybeCn sG+T0zBj+re22DLHdD7MYjjo17kxhfCaHXnTIwDBemlIYL8RpdFtzWW0Nkfmwkem i5p2A3DxdWPByGlosw8tmG8+QSuJ+CiZBsDmRhlSmI9qr5ytzO+OyfJOCn70KQB+ 9L1QK2C3UXI4yohcs6H7lCitcj7c/0RcNmBtnuY9Myqc80IcNBE0dMX6Omqy6p6S BpAR5l8TRL43FSWoySkX/izG4Wnhpd6Pjs1qVz7MrgDl4LsKsrpGU27p5Sei6wlW EHYHIX6ZIVtJcqrSTV94vpSqQwxPeTBFS9DvJ8DhgdCvNsseee0= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:43 2026 by rpki-client