$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144134.roa File: AS144134.roa (raw, json) Hash identifier: 7SiZk56wxiA1lJtkHW1JIt2ejMbtaKAjhS7DLJ54biU= Subject key identifier: B5:D5:B6:96:16:A9:47:24:AF:7C:90:95:EB:79:FC:FD:B9:A7:AE:05 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5A7208AB56C475436B7C477784DE23B711A3B90C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144134.roa Signing time: Wed 04 Mar 2026 06:12:49 +0000 ROA not before: Wed 04 Mar 2026 06:07:49 +0000 ROA not after: Wed 03 Mar 2027 06:12:49 +0000 asID: 144134 IP address blocks: 240a:a5cc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:72:08:ab:56:c4:75:43:6b:7c:47:77:84:de:23:b7:11:a3:b9:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:49 2026 GMT Not After : Mar 3 06:12:49 2027 GMT Subject: CN=B5D5B69616A94724AF7C9095EB79FCFDB9A7AE05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:bb:cc:0c:7b:d4:23:73:7d:71:4f:a7:b9:07: 89:fa:74:01:24:1a:c7:71:63:16:6e:b7:9b:c5:46: e6:ec:cf:07:db:a7:49:0e:a8:f9:15:6c:aa:fb:da: 17:15:40:54:f4:17:3f:b6:00:9c:d2:32:9e:a8:fc: 8f:b5:da:d7:c8:65:c7:a6:ab:ad:39:91:ed:52:a4: cd:84:b1:14:4b:e1:fc:f6:c1:3e:7d:08:36:ed:f3: 29:d7:3c:e2:26:a1:d8:88:a0:01:1b:32:e8:f1:e6: 2e:c2:32:0e:d0:18:c5:c7:70:49:1a:cd:4d:4c:6c: 3c:e2:3a:72:f2:cb:e3:41:38:e5:9c:24:49:4b:6a: 41:6a:8a:be:47:f3:69:5d:f0:28:04:34:38:3d:22: 4a:4c:b9:bb:07:14:8a:6a:c2:7a:36:6f:bc:5a:c4: 40:29:1b:ba:30:88:85:8c:f7:0f:2e:d0:28:c6:11: ad:72:4a:95:b6:79:6f:62:52:3c:c0:6a:86:14:5b: 55:63:96:23:4c:f6:db:f7:1d:d1:7d:5b:c3:cc:c6: 55:9f:57:e2:80:f3:80:54:81:59:33:80:77:9e:41: 4f:0c:bb:ba:0d:3e:e1:ee:16:3f:ed:b6:f1:94:15: dd:da:56:c2:c4:c0:de:52:e0:54:67:75:d4:a0:0b: ad:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:D5:B6:96:16:A9:47:24:AF:7C:90:95:EB:79:FC:FD:B9:A7:AE:05 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144134.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5cc::/32 Signature Algorithm: sha256WithRSAEncryption db:68:64:ca:b4:39:4e:3c:7c:a0:c4:93:ad:1c:8a:c2:88:4f: e4:6a:c2:ff:f6:65:61:0a:07:0b:89:db:8a:32:72:57:27:d1: 88:a1:10:6d:51:c6:db:11:8e:01:07:1c:65:66:75:ff:dd:1e: f9:37:33:fe:90:0a:88:8a:c2:76:a8:80:5d:e6:c6:77:09:48: 80:be:09:49:e2:a0:1b:a0:c0:b2:1a:a4:6a:a3:9b:6f:89:ab: 55:82:33:9a:1b:92:3b:35:42:0d:e4:a9:7d:2e:c9:63:dc:84: 10:54:b4:dc:e4:51:da:58:b1:38:d0:f0:ef:aa:eb:aa:63:c8: 46:a9:93:98:04:07:6c:da:ef:f6:08:ad:bd:65:f2:bd:6f:1d: 7f:b9:0e:e8:0c:b1:07:01:b9:e6:41:76:44:ad:e5:be:62:6e: 4f:6e:30:25:f6:ea:49:aa:32:1f:70:b5:54:73:a8:ee:eb:f7: 61:5f:2f:ef:e1:00:8f:bb:91:87:81:33:c4:bd:8a:64:ce:4c: c2:36:bd:fa:35:b0:22:a1:ba:2c:5f:78:7c:19:09:13:2c:59: d1:79:ef:f7:bc:50:39:63:97:2d:9f:f3:52:96:1c:9c:19:39: af:16:49:0c:92:85:ca:e6:30:87:8b:6d:dc:6d:0e:d8:34:c9: 50:53:20:31 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWnIIq1bEdUNrfEd3hN4jtxGjuQwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0OVoX DTI3MDMwMzA2MTI0OVowMzExMC8GA1UEAxMoQjVENUI2OTYxNkE5NDcyNEFGN0M5 MDk1RUI3OUZDRkRCOUE3QUUwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMy7zAx71CNzfXFPp7kHifp0ASQax3FjFm63m8VG5uzPB9unSQ6o+RVsqvva FxVAVPQXP7YAnNIynqj8j7Xa18hlx6arrTmR7VKkzYSxFEvh/PbBPn0INu3zKdc8 4iah2IigARsy6PHmLsIyDtAYxcdwSRrNTUxsPOI6cvLL40E45ZwkSUtqQWqKvkfz aV3wKAQ0OD0iSky5uwcUimrCejZvvFrEQCkbujCIhYz3Dy7QKMYRrXJKlbZ5b2JS PMBqhhRbVWOWI0z22/cd0X1bw8zGVZ9X4oDzgFSBWTOAd55BTwy7ug0+4e4WP+22 8ZQV3dpWwsTA3lLgVGd11KALrfsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS11baW FqlHJK98kJXrefz9uaeuBTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDEzNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pcwwDQYJKoZIhvcNAQELBQADggEBANtoZMq0OU48fKDEk60cisKIT+Rqwv/2ZWEK BwuJ24oyclcn0YihEG1RxtsRjgEHHGVmdf/dHvk3M/6QCoiKwnaogF3mxncJSIC+ CUnioBugwLIapGqjm2+Jq1WCM5obkjs1Qg3kqX0uyWPchBBUtNzkUdpYsTjQ8O+q 66pjyEapk5gEB2za7/YIrb1l8r1vHX+5DugMsQcBueZBdkSt5b5ibk9uMCX26kmq Mh9wtVRzqO7r92FfL+/hAI+7kYeBM8S9imTOTMI2vfo1sCKhuixfeHwZCRMsWdF5 7/e8UDljly2f81KWHJwZOa8WSQyShcrmMIeLbdxtDtg0yVBTIDE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:00 2026 by rpki-client