$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144114.roa File: AS144114.roa (raw, json) Hash identifier: x1vFSYC0aCZkGAMs17bH8VVySMehZGdV2oaGnM/II+U= Subject key identifier: 60:A0:E7:7C:F4:F4:DE:2C:78:8B:08:8B:EE:1D:D7:30:0C:B1:E4:09 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5E329DCDC2679D8C4D96A922159EF4F5301FA29C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144114.roa Signing time: Wed 04 Mar 2026 06:13:28 +0000 ROA not before: Wed 04 Mar 2026 06:08:28 +0000 ROA not after: Wed 03 Mar 2027 06:13:28 +0000 asID: 144114 IP address blocks: 240a:a5b8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:32:9d:cd:c2:67:9d:8c:4d:96:a9:22:15:9e:f4:f5:30:1f:a2:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:28 2026 GMT Not After : Mar 3 06:13:28 2027 GMT Subject: CN=60A0E77CF4F4DE2C788B088BEE1DD7300CB1E409 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:77:3f:aa:a0:d0:35:a0:8d:41:92:9b:90:c1: 71:2f:e7:57:a0:46:5d:ac:7c:65:09:e0:26:f2:12: 7b:d5:21:c8:f7:28:48:54:0a:92:0a:27:23:8b:61: f3:4b:84:9b:a7:b1:7b:65:a7:3c:95:da:b2:43:38: 28:d8:67:78:d7:8e:aa:82:59:6c:c3:11:ef:eb:20: 61:b6:1d:77:2b:0a:0a:3d:c4:99:0c:2b:e3:05:87: b2:d0:5e:f8:0a:ee:14:4d:15:d9:37:41:e3:3a:51: c0:0f:c0:ba:e8:23:00:37:83:3c:0c:cf:93:1a:29: 29:14:41:1f:eb:8e:00:98:08:46:b9:fa:90:c0:93: 85:5e:c8:41:fd:1e:2f:ca:33:8b:90:73:1a:be:f5: ce:69:79:ca:c6:4e:65:9b:d7:bc:f9:55:6f:b6:e3: a4:7c:6f:94:bf:61:6e:26:2e:ec:05:b7:81:e3:7b: 53:dc:d5:c8:9e:19:80:f0:60:2c:b3:6d:ce:cf:dc: 13:d6:7c:be:62:7d:07:54:2b:21:c3:c9:4c:d5:5c: 5b:7d:7f:43:ea:9a:27:3b:46:8e:b2:fc:60:80:f4: 72:d1:fc:b2:2b:d4:bb:48:d9:33:2d:93:90:e9:59: da:23:d7:97:e0:98:70:27:be:0f:7b:56:41:a3:81: 0c:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:A0:E7:7C:F4:F4:DE:2C:78:8B:08:8B:EE:1D:D7:30:0C:B1:E4:09 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144114.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5b8::/32 Signature Algorithm: sha256WithRSAEncryption 7b:1a:96:b3:76:45:5a:fa:bb:fb:b8:43:ca:40:b6:0d:2f:d1: 6f:43:8d:d0:0e:ff:ed:4a:05:dd:cb:36:0b:04:79:5b:02:d1: d5:9e:9c:6e:af:85:7d:57:40:f0:fb:3f:08:93:d0:3b:d3:22: 76:3b:79:6f:dc:39:54:74:8c:cc:c0:e3:81:dc:0a:67:49:c2: 8d:69:a1:8e:39:b0:b6:a6:55:0d:6e:ec:62:db:6e:56:f6:04: 4f:a7:8f:ce:80:70:07:50:77:14:40:8f:3f:7c:a8:3f:df:87: e0:e4:29:8b:9f:b5:90:84:95:f2:71:af:e7:83:13:1e:1f:95: 37:8c:3e:8c:4e:eb:66:46:53:48:34:3d:47:c4:a7:9b:9b:de: 10:bf:75:15:fb:77:16:c2:02:bf:0b:43:5d:74:fe:20:e0:5e: 6b:5c:3f:d6:07:cc:6d:60:fb:04:35:33:66:0e:e2:2d:98:fa: 46:08:dd:1b:77:25:bc:2d:71:26:fd:86:42:37:df:5d:49:aa: 43:1b:ce:98:c2:98:4b:c8:e5:7f:0c:39:51:72:cb:24:0f:15: 01:03:0b:a4:5c:b6:46:16:be:8a:9d:45:a9:8a:34:ff:f6:40: 98:17:69:9f:18:c3:2a:84:c1:67:b0:33:93:e7:48:78:f4:2e: 42:b6:d4:31 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXjKdzcJnnYxNlqkiFZ709TAfopwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyOFoX DTI3MDMwMzA2MTMyOFowMzExMC8GA1UEAxMoNjBBMEU3N0NGNEY0REUyQzc4OEIw ODhCRUUxREQ3MzAwQ0IxRTQwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMF3P6qg0DWgjUGSm5DBcS/nV6BGXax8ZQngJvISe9UhyPcoSFQKkgonI4th 80uEm6exe2WnPJXaskM4KNhneNeOqoJZbMMR7+sgYbYddysKCj3EmQwr4wWHstBe +AruFE0V2TdB4zpRwA/AuugjADeDPAzPkxopKRRBH+uOAJgIRrn6kMCThV7IQf0e L8ozi5BzGr71zml5ysZOZZvXvPlVb7bjpHxvlL9hbiYu7AW3geN7U9zVyJ4ZgPBg LLNtzs/cE9Z8vmJ9B1QrIcPJTNVcW31/Q+qaJztGjrL8YID0ctH8sivUu0jZMy2T kOlZ2iPXl+CYcCe+D3tWQaOBDGECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRgoOd8 9PTeLHiLCIvuHdcwDLHkCTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDExNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pbgwDQYJKoZIhvcNAQELBQADggEBAHsalrN2RVr6u/u4Q8pAtg0v0W9DjdAO/+1K Bd3LNgsEeVsC0dWenG6vhX1XQPD7PwiT0DvTInY7eW/cOVR0jMzA44HcCmdJwo1p oY45sLamVQ1u7GLbblb2BE+nj86AcAdQdxRAjz98qD/fh+DkKYuftZCElfJxr+eD Ex4flTeMPoxO62ZGU0g0PUfEp5ub3hC/dRX7dxbCAr8LQ110/iDgXmtcP9YHzG1g +wQ1M2YO4i2Y+kYI3Rt3JbwtcSb9hkI3311JqkMbzpjCmEvI5X8MOVFyyyQPFQED C6RctkYWvoqdRamKNP/2QJgXaZ8YwyqEwWewM5PnSHj0LkK21DE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:52 2026 by rpki-client