$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144052.roa File: AS144052.roa (raw, json) Hash identifier: wvU1XvvZeIt4I1XB7maExnEu/De0P0GeBVxESXeYU04= Subject key identifier: 9F:42:F2:C2:31:F3:D7:23:E9:63:C9:24:C8:D0:2E:D4:EC:DE:DC:0F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 610E89147339BD62AE8B30B44A563AE528D5FB53 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144052.roa Signing time: Wed 04 Mar 2026 06:14:33 +0000 ROA not before: Wed 04 Mar 2026 06:09:33 +0000 ROA not after: Wed 03 Mar 2027 06:14:33 +0000 asID: 144052 IP address blocks: 240a:a57a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:0e:89:14:73:39:bd:62:ae:8b:30:b4:4a:56:3a:e5:28:d5:fb:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:33 2026 GMT Not After : Mar 3 06:14:33 2027 GMT Subject: CN=9F42F2C231F3D723E963C924C8D02ED4ECDEDC0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:be:d2:2c:b5:cb:d8:d4:64:d9:5b:57:7b:57: e7:ce:8a:a5:17:f9:fc:86:f4:fa:1e:c7:a5:fe:18: 19:42:1c:94:57:1f:22:ca:0f:98:80:28:7e:6f:39: 85:8d:99:7d:84:74:9b:a7:59:94:e2:2f:94:e2:f9: b4:e2:55:21:98:45:c1:9c:a1:0d:c2:9a:30:d7:04: 61:ee:e9:6a:98:4b:b9:c9:93:81:7d:da:01:5b:63: ec:f6:df:bf:b3:59:ed:a2:80:bd:a1:37:d5:ea:cd: 23:7b:7d:d8:75:8f:a3:29:cd:81:58:b8:e7:da:bc: 10:22:65:47:46:2d:0b:f8:72:cc:18:e5:fa:99:33: 32:06:35:5c:e4:d8:42:4c:63:a3:18:7c:5d:5c:48: 72:6d:4e:5d:11:8a:2b:cd:b2:a1:66:8c:c9:56:a5: d8:62:fc:65:44:fd:c1:30:e7:cc:09:8f:5a:f4:bb: e0:5f:30:fd:c1:6f:a4:92:f2:5d:75:0e:79:1c:17: 61:75:bf:f7:87:6b:0a:83:55:f6:72:f6:b5:08:a0: 7d:ca:0b:04:d6:51:b2:b3:eb:cc:96:8c:dc:2d:52: 4b:34:ae:c7:b7:d9:f3:57:09:f9:86:a1:14:d8:88: b9:ac:21:39:81:18:cf:56:18:aa:41:27:28:5c:58: 48:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:42:F2:C2:31:F3:D7:23:E9:63:C9:24:C8:D0:2E:D4:EC:DE:DC:0F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144052.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a57a::/32 Signature Algorithm: sha256WithRSAEncryption 76:0a:25:4e:39:fc:32:76:41:e2:a4:45:45:9c:61:5d:07:d4: 96:6d:a6:2c:0a:5c:95:cc:a1:e2:c0:65:fb:71:c5:f2:11:75: b8:ee:ad:49:a0:68:b8:ac:f3:47:50:65:d1:cb:5b:98:a4:91: 40:28:56:ef:8f:ab:e5:19:3f:60:df:23:06:9d:a7:4a:62:e7: 6e:71:c2:d9:69:b9:2c:ae:94:21:ce:9c:58:ac:c4:b1:22:d1: 49:54:09:72:f3:ff:a6:2a:3b:65:c0:c0:22:75:33:53:b4:56: 91:88:03:41:6b:86:57:2e:77:0c:bf:a9:9f:12:7b:6d:40:01: 01:b8:92:0b:20:96:c4:fa:3c:2e:4c:d0:15:af:4a:8c:02:88: b7:e5:d8:26:c9:40:db:f5:d5:c8:da:02:b1:34:a8:03:7c:06: 6a:1b:d0:b5:a5:d8:43:9e:6c:bc:63:ca:73:f2:5d:28:86:9a: 9b:b5:a6:57:8c:60:75:83:d0:5d:97:05:79:03:a1:4a:0f:cc: 27:52:73:89:e5:c8:dc:fd:23:92:21:51:03:07:3b:24:1b:bf: 3e:57:42:e1:aa:96:b8:2a:02:02:05:e1:e3:6b:2c:85:31:97: 03:c3:9a:ec:a0:40:1f:1e:a2:b7:47:4c:d6:d3:e1:5e:d6:2e: 5d:63:4e:a4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYQ6JFHM5vWKuizC0SlY65SjV+1MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzM1oX DTI3MDMwMzA2MTQzM1owMzExMC8GA1UEAxMoOUY0MkYyQzIzMUYzRDcyM0U5NjND OTI0QzhEMDJFRDRFQ0RFREMwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANa+0iy1y9jUZNlbV3tX586KpRf5/Ib0+h7Hpf4YGUIclFcfIsoPmIAofm85 hY2ZfYR0m6dZlOIvlOL5tOJVIZhFwZyhDcKaMNcEYe7paphLucmTgX3aAVtj7Pbf v7NZ7aKAvaE31erNI3t92HWPoynNgVi459q8ECJlR0YtC/hyzBjl+pkzMgY1XOTY Qkxjoxh8XVxIcm1OXRGKK82yoWaMyVal2GL8ZUT9wTDnzAmPWvS74F8w/cFvpJLy XXUOeRwXYXW/94drCoNV9nL2tQigfcoLBNZRsrPrzJaM3C1SSzSux7fZ81cJ+Yah FNiIuawhOYEYz1YYqkEnKFxYSMECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSfQvLC MfPXI+ljySTI0C7U7N7cDzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDA1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pXowDQYJKoZIhvcNAQELBQADggEBAHYKJU45/DJ2QeKkRUWcYV0H1JZtpiwKXJXM oeLAZftxxfIRdbjurUmgaLis80dQZdHLW5ikkUAoVu+Pq+UZP2DfIwadp0pi525x wtlpuSyulCHOnFisxLEi0UlUCXLz/6YqO2XAwCJ1M1O0VpGIA0Frhlcudwy/qZ8S e21AAQG4kgsglsT6PC5M0BWvSowCiLfl2CbJQNv11cjaArE0qAN8Bmob0LWl2EOe bLxjynPyXSiGmpu1pleMYHWD0F2XBXkDoUoPzCdSc4nlyNz9I5IhUQMHOyQbvz5X QuGqlrgqAgIF4eNrLIUxlwPDmuygQB8eordHTNbT4V7WLl1jTqQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:57 2026 by rpki-client