$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144150.roa File: AS144150.roa (raw, json) Hash identifier: uFa/+HPuGMfSFdnJo6RNrV7S3Yx6QIX7/+1RQ6rzeJA= Subject key identifier: 0F:DF:43:AE:33:13:E5:AC:0E:B6:BD:F5:85:52:A3:6C:FC:FB:DA:25 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 52CC008A7D51D0AF5708D4A3A4921A37F3AA13D5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144150.roa Signing time: Wed 04 Mar 2026 06:12:48 +0000 ROA not before: Wed 04 Mar 2026 06:07:48 +0000 ROA not after: Wed 03 Mar 2027 06:12:48 +0000 asID: 144150 IP address blocks: 240a:a5dc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:cc:00:8a:7d:51:d0:af:57:08:d4:a3:a4:92:1a:37:f3:aa:13:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:48 2026 GMT Not After : Mar 3 06:12:48 2027 GMT Subject: CN=0FDF43AE3313E5AC0EB6BDF58552A36CFCFBDA25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3f:74:10:6d:42:f1:87:48:d2:77:c4:83:f4: a0:f0:d1:cc:a9:cf:c7:3b:d4:a5:62:ea:ef:05:09: 6a:f4:b4:73:4e:0a:06:47:db:be:0c:e1:f8:ad:93: 32:1d:30:8b:97:3d:6b:bc:cc:75:8a:fa:52:3b:43: 10:13:19:8a:8d:03:31:d7:6e:22:5e:7f:ff:8e:00: 02:d7:5f:1b:7b:f0:a2:7d:4b:3e:a3:2e:37:65:7a: 60:d7:71:b2:1f:b7:5d:ab:2c:21:b8:29:8a:d2:30: aa:88:fa:cb:dd:0c:d8:80:4b:cf:08:f8:13:75:4c: b1:21:e9:c6:cc:2a:df:ef:1f:95:ae:3f:a9:23:b9: d3:e2:e2:eb:1a:b2:c1:2f:e2:b1:b1:6b:9c:28:29: d5:22:8d:4c:cc:f1:33:75:2a:5d:4e:40:69:2d:3c: 80:bc:fe:49:bc:64:ef:e8:24:df:e0:30:4d:b7:c2: 2c:67:90:df:9c:6e:ef:92:e0:ef:5c:9e:e6:52:bc: 52:ab:97:c9:6c:28:75:4b:e1:40:8b:2e:3a:ef:e6: 77:88:b3:42:24:f3:0d:b5:c1:d3:56:04:7a:7e:b1: 35:98:e7:59:6d:3c:5a:4f:b7:c9:33:bb:c5:09:cf: 3c:e3:ab:a7:8d:05:98:fe:1a:72:11:09:6c:a3:8e: 8b:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:DF:43:AE:33:13:E5:AC:0E:B6:BD:F5:85:52:A3:6C:FC:FB:DA:25 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144150.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5dc::/32 Signature Algorithm: sha256WithRSAEncryption 04:c4:a8:15:ee:28:23:4f:30:c0:27:94:cf:39:2e:88:62:d4: 91:7a:95:24:fd:c6:1e:08:ca:d7:2e:57:0e:e2:fb:d3:d6:69: cf:b8:a5:8b:04:69:68:83:a1:fe:47:56:af:fc:e2:fa:3c:f6: f4:84:03:c0:e8:75:2e:be:85:51:ef:fa:5a:53:c6:35:3c:6e: 8f:b1:5d:a7:ae:d3:3c:12:ce:e1:f2:2e:59:4b:8d:be:84:cf: 00:62:47:f4:06:ad:43:e4:8a:da:30:9a:71:7b:e2:cf:10:d2: b1:2b:c6:ea:d0:2a:c7:4e:59:eb:97:92:2e:7a:c5:fe:8d:e0: 71:77:08:0c:0b:2f:4e:12:8d:35:d4:d3:88:0b:bb:ea:09:25: eb:2c:8a:1d:70:c7:22:22:16:3e:50:c5:5b:ed:d2:fe:fb:84: a6:01:b7:01:28:32:dc:7d:89:79:7f:1b:27:c3:e1:3d:a0:55: 1d:51:91:a5:87:09:42:70:34:63:fe:3b:11:7e:06:4c:ea:52: f1:d1:c0:7c:86:76:66:63:ac:7b:24:3a:16:6d:bc:d6:2f:4e: 34:ab:f8:68:27:bd:2d:fd:cc:af:0c:12:10:4f:fb:5e:25:4d: 46:b3:30:9d:8a:ac:b6:a3:bd:79:b1:8d:da:78:b3:3d:96:e9: 43:4f:f7:c0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUswAin1R0K9XCNSjpJIaN/OqE9UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0OFoX DTI3MDMwMzA2MTI0OFowMzExMC8GA1UEAxMoMEZERjQzQUUzMzEzRTVBQzBFQjZC REY1ODU1MkEzNkNGQ0ZCREEyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4/dBBtQvGHSNJ3xIP0oPDRzKnPxzvUpWLq7wUJavS0c04KBkfbvgzh+K2T Mh0wi5c9a7zMdYr6UjtDEBMZio0DMdduIl5//44AAtdfG3vwon1LPqMuN2V6YNdx sh+3XassIbgpitIwqoj6y90M2IBLzwj4E3VMsSHpxswq3+8fla4/qSO50+Li6xqy wS/isbFrnCgp1SKNTMzxM3UqXU5AaS08gLz+Sbxk7+gk3+AwTbfCLGeQ35xu75Lg 71ye5lK8UquXyWwodUvhQIsuOu/md4izQiTzDbXB01YEen6xNZjnWW08Wk+3yTO7 xQnPPOOrp40FmP4achEJbKOOizkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQP30Ou MxPlrA62vfWFUqNs/PvaJTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pdwwDQYJKoZIhvcNAQELBQADggEBAATEqBXuKCNPMMAnlM85Lohi1JF6lST9xh4I ytcuVw7i+9PWac+4pYsEaWiDof5HVq/84vo89vSEA8DodS6+hVHv+lpTxjU8bo+x Xaeu0zwSzuHyLllLjb6EzwBiR/QGrUPkitowmnF74s8Q0rErxurQKsdOWeuXki56 xf6N4HF3CAwLL04SjTXU04gLu+oJJessih1wxyIiFj5QxVvt0v77hKYBtwEoMtx9 iXl/GyfD4T2gVR1RkaWHCUJwNGP+OxF+BkzqUvHRwHyGdmZjrHskOhZtvNYvTjSr +GgnvS39zK8MEhBP+14lTUazMJ2KrLajvXmxjdp4sz2W6UNP98A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:39 2026 by rpki-client