$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144089.roa File: AS144089.roa (raw, json) Hash identifier: IRstaQ2DpaFp9beY40PCK4OfQ1WYmFNDv6wz+oTa2pU= Subject key identifier: A5:88:C9:EC:15:A5:BB:95:0A:A5:5B:1E:40:E3:2C:F3:F7:8A:8B:82 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7657BC9C57A15C3DC9B6A8CB532A441630FB0149 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144089.roa Signing time: Wed 04 Mar 2026 06:13:51 +0000 ROA not before: Wed 04 Mar 2026 06:08:51 +0000 ROA not after: Wed 03 Mar 2027 06:13:51 +0000 asID: 144089 IP address blocks: 240a:a59f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:57:bc:9c:57:a1:5c:3d:c9:b6:a8:cb:53:2a:44:16:30:fb:01:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:51 2026 GMT Not After : Mar 3 06:13:51 2027 GMT Subject: CN=A588C9EC15A5BB950AA55B1E40E32CF3F78A8B82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:3b:b3:a1:04:f2:de:4a:21:e2:6a:41:e7:6e: 07:d7:ed:0f:05:7e:a8:a3:70:e8:09:fe:fc:8b:35: e7:ba:6f:7a:80:fc:79:87:1d:56:ae:88:88:d9:7d: f5:d6:75:98:3a:78:74:db:9e:03:bb:9e:61:e5:7e: a5:69:82:fb:be:7f:79:05:c7:6d:46:e4:20:4c:c1: d4:57:77:13:44:46:34:ad:d9:42:a1:c1:f8:75:eb: 1e:d9:36:43:59:86:bb:51:2c:c7:53:27:ce:42:7d: 14:92:f8:69:36:74:b7:e9:82:da:7a:bd:6b:a2:c0: 80:bd:f0:05:c6:74:90:57:3d:85:df:23:32:1f:32: 91:58:dd:65:c9:cb:25:96:40:b9:f4:83:4d:48:bb: c0:0d:c8:75:9d:09:b7:61:3e:60:7e:57:82:6b:6a: 26:5c:8d:cd:d3:be:a4:19:af:b3:17:c2:2c:55:82: f1:fa:8c:a2:03:68:b4:61:26:ad:ac:4f:7d:31:3c: 6f:a6:c6:7e:09:02:75:c6:fd:a1:b4:7e:31:ed:95: a9:05:c1:b7:47:51:d9:ba:9d:63:3a:7e:11:3e:17: 4e:74:37:21:9a:87:29:2b:cb:49:8d:29:f9:98:a3: db:87:8e:9e:fa:2c:0c:43:b6:98:9e:09:1a:99:21: f6:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:88:C9:EC:15:A5:BB:95:0A:A5:5B:1E:40:E3:2C:F3:F7:8A:8B:82 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a59f::/32 Signature Algorithm: sha256WithRSAEncryption 75:b3:2d:4a:3e:f3:5c:cb:8f:ab:8b:98:79:65:86:4e:5a:9d: 08:fb:ba:99:8f:d2:60:68:39:50:b6:ab:4d:b1:fa:bf:70:a7: d6:31:f7:04:dc:1f:8f:57:71:2a:dd:0d:f2:ae:60:5f:87:0b: c1:45:a8:f1:e0:e1:1f:58:83:28:14:31:32:a6:bc:7d:44:4e: 33:0d:eb:d7:27:ea:9a:58:98:87:a8:da:b8:17:e0:19:f0:81: 3e:c2:5d:ff:80:1c:29:1d:f3:ae:93:4f:ce:07:b5:41:49:55: be:70:75:03:5d:ad:31:68:b8:86:cd:8a:cf:fb:93:61:72:d2: a9:2d:e5:29:53:f9:d7:0c:10:36:d3:de:a2:a5:32:ae:7c:13: 39:d4:01:1d:85:b9:46:a4:db:5e:7f:f1:b7:95:da:48:7e:96: 05:b2:a2:4e:9d:6a:99:2e:02:58:9a:82:78:cf:3d:86:3e:aa: 50:2a:b1:02:54:c0:f2:af:87:ed:62:31:6b:89:7a:e2:e3:61: 9d:48:53:3f:6a:41:46:15:e9:b3:5a:72:8f:b5:51:08:06:ab: 21:a0:cf:ce:e9:dd:fa:e1:9c:2e:1d:b5:7b:3a:4b:aa:dd:0c: 10:73:cf:3c:8e:2c:bb:8c:a0:88:e4:a7:f5:b0:39:a5:ce:9f: 05:03:f2:98 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdle8nFehXD3JtqjLUypEFjD7AUkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1MVoX DTI3MDMwMzA2MTM1MVowMzExMC8GA1UEAxMoQTU4OEM5RUMxNUE1QkI5NTBBQTU1 QjFFNDBFMzJDRjNGNzhBOEI4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOs7s6EE8t5KIeJqQeduB9ftDwV+qKNw6An+/Is157pveoD8eYcdVq6IiNl9 9dZ1mDp4dNueA7ueYeV+pWmC+75/eQXHbUbkIEzB1Fd3E0RGNK3ZQqHB+HXrHtk2 Q1mGu1Esx1MnzkJ9FJL4aTZ0t+mC2nq9a6LAgL3wBcZ0kFc9hd8jMh8ykVjdZcnL JZZAufSDTUi7wA3IdZ0Jt2E+YH5XgmtqJlyNzdO+pBmvsxfCLFWC8fqMogNotGEm raxPfTE8b6bGfgkCdcb9obR+Me2VqQXBt0dR2bqdYzp+ET4XTnQ3IZqHKSvLSY0p +Zij24eOnvosDEO2mJ4JGpkh9qMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSliMns FaW7lQqlWx5A4yzz94qLgjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDA4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pZ8wDQYJKoZIhvcNAQELBQADggEBAHWzLUo+81zLj6uLmHllhk5anQj7upmP0mBo OVC2q02x+r9wp9Yx9wTcH49XcSrdDfKuYF+HC8FFqPHg4R9YgygUMTKmvH1ETjMN 69cn6ppYmIeo2rgX4BnwgT7CXf+AHCkd866TT84HtUFJVb5wdQNdrTFouIbNis/7 k2Fy0qkt5SlT+dcMEDbT3qKlMq58EznUAR2FuUak215/8beV2kh+lgWyok6dapku AliagnjPPYY+qlAqsQJUwPKvh+1iMWuJeuLjYZ1IUz9qQUYV6bNaco+1UQgGqyGg z87p3frhnC4dtXs6S6rdDBBzzzyOLLuMoIjkp/WwOaXOnwUD8pg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:27 2026 by rpki-client