$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144131.roa File: AS144131.roa (raw, json) Hash identifier: ek93b9FAzP3FKjOJ1uER5tOIwCNNk5gelW6+ZIm6/Rg= Subject key identifier: 99:D5:5B:C8:78:D6:51:FC:88:C4:AA:C4:0C:FD:74:9A:67:6C:99:E2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4DDD160D92E284849B06909BB0B102B2B0D10E52 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144131.roa Signing time: Wed 04 Mar 2026 06:14:38 +0000 ROA not before: Wed 04 Mar 2026 06:09:38 +0000 ROA not after: Wed 03 Mar 2027 06:14:38 +0000 asID: 144131 IP address blocks: 240a:a5c9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:dd:16:0d:92:e2:84:84:9b:06:90:9b:b0:b1:02:b2:b0:d1:0e:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:38 2026 GMT Not After : Mar 3 06:14:38 2027 GMT Subject: CN=99D55BC878D651FC88C4AAC40CFD749A676C99E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:de:21:ca:d0:ab:ec:3f:18:06:8a:04:f1:8d: 53:f3:4b:1d:70:9c:f1:54:9b:89:4d:34:96:7d:ab: a1:0c:e5:de:b6:f7:16:52:4b:84:69:40:07:fe:95: b2:ff:2b:ce:58:74:aa:53:a1:56:2b:f1:fa:cf:38: f2:1e:b3:6e:e8:ea:99:8a:2b:2c:f0:39:b7:6a:6d: 42:c7:d8:8c:c6:8c:06:ce:c2:88:bc:f7:af:73:92: 3e:6d:f9:5b:ee:4a:9a:c4:95:c1:1d:92:b4:fa:61: 66:36:ae:e4:aa:28:5b:62:2d:cb:b5:94:d3:5c:59: f9:30:10:45:76:fe:27:65:42:4f:f6:9f:61:00:2e: b0:86:80:46:e6:c5:ee:22:ce:57:54:00:45:2b:13: 9f:7d:33:04:7c:ff:f0:66:86:36:63:1b:fa:d7:59: d5:43:8d:05:00:12:4c:46:1e:e8:68:5d:dc:a9:5f: a8:63:f7:9a:69:77:bf:f9:2f:b5:cd:fc:d0:77:16: da:75:7f:8b:b1:52:57:59:1f:32:ae:a3:a8:d2:0c: d9:ba:b2:3b:06:cd:3f:0f:c9:89:af:67:f3:9e:cc: 35:4f:41:98:20:a5:a2:ae:a3:9b:27:b2:0a:6a:ad: 56:8b:68:2f:b6:72:66:72:6c:83:e6:7d:2e:40:a6: ec:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:D5:5B:C8:78:D6:51:FC:88:C4:AA:C4:0C:FD:74:9A:67:6C:99:E2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5c9::/32 Signature Algorithm: sha256WithRSAEncryption 1a:2b:0b:d6:52:7f:ab:93:4b:85:58:5c:3d:e7:7b:59:39:0c: c8:80:e2:ac:49:94:c4:a3:03:87:d1:ef:b8:f4:1a:6e:03:6f: c9:f1:b3:83:e5:82:db:eb:fd:49:1e:30:1e:9a:a8:b3:fd:7a: de:67:12:06:4a:a4:00:27:c1:b1:d0:e5:ce:4f:cc:69:e6:2f: f3:ea:3f:23:dc:2c:fd:c6:04:3a:0b:8c:76:3d:a3:10:17:2e: 78:bc:f6:81:62:fd:fe:9e:1d:54:21:39:b0:08:89:7c:4d:36: 6b:89:ab:f7:5f:3d:9f:97:62:25:64:e8:ac:b3:34:b6:c9:69: a4:d7:3c:1f:da:c0:4d:99:c1:3b:32:db:bf:b6:b5:e2:61:c9: 12:2c:eb:3c:82:2c:80:1a:b1:0b:c1:50:25:19:34:cd:a1:73: 04:d8:ac:ba:9d:3c:4a:ea:dd:8d:e8:ea:5e:f5:22:12:5c:85: 94:4f:9d:95:49:19:c8:99:72:a4:49:12:3f:74:0a:e4:d7:c4: b6:07:42:f6:f3:6c:0f:95:bd:0b:98:96:49:14:73:0d:5d:bf: 3c:04:f8:37:58:68:6b:78:3d:2d:36:fc:bd:76:84:7c:8e:38: 6c:b8:c7:f7:94:9b:a1:81:f7:83:f2:76:4c:c4:d5:76:02:5b: 9c:27:d8:08 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTd0WDZLihISbBpCbsLECsrDRDlIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzOFoX DTI3MDMwMzA2MTQzOFowMzExMC8GA1UEAxMoOTlENTVCQzg3OEQ2NTFGQzg4QzRB QUM0MENGRDc0OUE2NzZDOTlFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ7eIcrQq+w/GAaKBPGNU/NLHXCc8VSbiU00ln2roQzl3rb3FlJLhGlAB/6V sv8rzlh0qlOhVivx+s848h6zbujqmYorLPA5t2ptQsfYjMaMBs7CiLz3r3OSPm35 W+5KmsSVwR2StPphZjau5KooW2Ity7WU01xZ+TAQRXb+J2VCT/afYQAusIaARubF 7iLOV1QARSsTn30zBHz/8GaGNmMb+tdZ1UONBQASTEYe6Ghd3KlfqGP3mml3v/kv tc380HcW2nV/i7FSV1kfMq6jqNIM2bqyOwbNPw/Jia9n857MNU9BmCCloq6jmyey CmqtVotoL7ZyZnJsg+Z9LkCm7NkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSZ1VvI eNZR/IjEqsQM/XSaZ2yZ4jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDEzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pckwDQYJKoZIhvcNAQELBQADggEBABorC9ZSf6uTS4VYXD3ne1k5DMiA4qxJlMSj A4fR77j0Gm4Db8nxs4Plgtvr/UkeMB6aqLP9et5nEgZKpAAnwbHQ5c5PzGnmL/Pq PyPcLP3GBDoLjHY9oxAXLni89oFi/f6eHVQhObAIiXxNNmuJq/dfPZ+XYiVk6Kyz NLbJaaTXPB/awE2ZwTsy27+2teJhyRIs6zyCLIAasQvBUCUZNM2hcwTYrLqdPErq 3Y3o6l71IhJchZRPnZVJGciZcqRJEj90CuTXxLYHQvbzbA+VvQuYlkkUcw1dvzwE +DdYaGt4PS02/L12hHyOOGy4x/eUm6GB94PydkzE1XYCW5wn2Ag= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:40 2026 by rpki-client