$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144151.roa File: AS144151.roa (raw, json) Hash identifier: fV4q5vvmtSmD/lLZUm+aPem4/MxZYmwXetI3e6NB094= Subject key identifier: 35:6D:83:8D:F9:3B:18:22:A2:D3:04:02:68:A0:6C:1D:22:1C:EE:DB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6CF81D9AED6684067622B41AFE2B490CCEB3F58C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144151.roa Signing time: Wed 04 Mar 2026 06:12:47 +0000 ROA not before: Wed 04 Mar 2026 06:07:47 +0000 ROA not after: Wed 03 Mar 2027 06:12:47 +0000 asID: 144151 IP address blocks: 240a:a5dd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:f8:1d:9a:ed:66:84:06:76:22:b4:1a:fe:2b:49:0c:ce:b3:f5:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:47 2026 GMT Not After : Mar 3 06:12:47 2027 GMT Subject: CN=356D838DF93B1822A2D3040268A06C1D221CEEDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:f6:91:4f:75:45:51:47:82:c3:5d:eb:9e:c7: 16:15:1d:65:04:42:90:88:36:54:a4:ee:9d:ea:bf: 79:00:e1:32:00:13:3a:be:c7:1f:a5:8e:42:47:ee: 8b:0b:d7:a9:fd:d6:ef:e3:94:3c:02:b2:d4:a9:ca: ea:77:5d:af:3b:c0:e1:45:47:e1:54:f1:a6:0a:38: 2f:61:f3:40:14:6b:81:c7:cb:be:03:bc:d5:ec:c5: a3:12:df:85:35:45:e1:7f:99:33:59:be:bf:87:79: ce:38:13:b9:6f:f2:a8:25:19:a4:be:6f:4f:cc:1c: 2a:52:3f:40:a8:82:89:6d:97:c1:9c:7c:36:84:e0: b2:9b:e1:35:ce:fc:dc:e6:a1:40:6e:2c:a4:f3:a1: 2b:4a:7f:4c:98:93:cb:ef:bb:7b:79:bb:3f:3d:26: 94:71:fa:ea:9f:07:76:19:4a:4a:32:92:c4:7e:29: e1:5b:23:ba:11:2e:80:8d:29:77:73:62:63:bc:89: 8f:5c:33:d4:a9:88:45:4d:37:19:50:a8:ad:c4:d8: 46:3f:c2:2d:e2:90:35:a9:f3:e7:b8:16:2b:24:dd: ca:e7:e4:97:c9:17:9e:6f:b2:81:34:90:f3:99:0c: 7e:26:c6:20:91:f5:46:c7:8c:5d:e9:27:c5:ba:a9: 72:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:6D:83:8D:F9:3B:18:22:A2:D3:04:02:68:A0:6C:1D:22:1C:EE:DB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144151.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5dd::/32 Signature Algorithm: sha256WithRSAEncryption 58:a4:15:42:f3:cf:af:a6:7e:a3:6d:6f:f8:8f:80:9a:fe:96: c6:97:bb:d4:a1:6d:1c:75:4b:53:0d:65:21:13:e2:6f:44:a8: 3f:46:83:16:6e:9c:e6:fe:1b:74:2e:49:1a:91:d2:38:ac:3f: 98:01:01:9f:9c:6f:18:b4:70:91:73:a3:3a:6b:39:ca:95:97: a2:66:10:b8:81:45:8e:5a:2c:04:d2:c6:ea:b2:2f:90:c4:0b: 43:51:35:c7:a2:84:14:9f:aa:85:4a:81:9e:4b:d3:0e:9c:55: 0e:8e:fe:4c:8d:f7:34:e6:dd:d0:20:50:b5:4b:ea:eb:74:48: 9a:a4:b2:1b:ac:a8:6d:e4:e5:c1:8a:12:e3:8d:a8:fb:71:0a: f1:bc:03:53:a4:2d:5f:46:0a:7b:e3:9a:bb:d7:9f:71:d1:22: e7:a1:7d:63:8d:68:15:f0:71:0a:4c:35:f6:85:8f:93:e7:08: 4a:fe:7e:4e:1b:e6:33:f9:1c:6e:c9:2a:bb:96:59:1d:1f:19: 86:26:fb:f5:15:91:2e:7d:a1:34:f0:8b:e6:27:51:24:75:28: d5:a7:f7:36:bc:79:38:4a:d6:22:77:18:d3:ac:1c:17:fa:93: bc:86:51:a7:74:2d:36:e1:3e:a2:05:b3:cf:00:af:1b:e6:dc: 55:94:f6:18 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbPgdmu1mhAZ2IrQa/itJDM6z9YwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0N1oX DTI3MDMwMzA2MTI0N1owMzExMC8GA1UEAxMoMzU2RDgzOERGOTNCMTgyMkEyRDMw NDAyNjhBMDZDMUQyMjFDRUVEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALH2kU91RVFHgsNd657HFhUdZQRCkIg2VKTuneq/eQDhMgATOr7HH6WOQkfu iwvXqf3W7+OUPAKy1KnK6nddrzvA4UVH4VTxpgo4L2HzQBRrgcfLvgO81ezFoxLf hTVF4X+ZM1m+v4d5zjgTuW/yqCUZpL5vT8wcKlI/QKiCiW2XwZx8NoTgspvhNc78 3OahQG4spPOhK0p/TJiTy++7e3m7Pz0mlHH66p8HdhlKSjKSxH4p4VsjuhEugI0p d3NiY7yJj1wz1KmIRU03GVCorcTYRj/CLeKQNanz57gWKyTdyufkl8kXnm+ygTSQ 85kMfibGIJH1RseMXeknxbqpcq0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ1bYON +TsYIqLTBAJooGwdIhzu2zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pd0wDQYJKoZIhvcNAQELBQADggEBAFikFULzz6+mfqNtb/iPgJr+lsaXu9ShbRx1 S1MNZSET4m9EqD9GgxZunOb+G3QuSRqR0jisP5gBAZ+cbxi0cJFzozprOcqVl6Jm ELiBRY5aLATSxuqyL5DEC0NRNceihBSfqoVKgZ5L0w6cVQ6O/kyN9zTm3dAgULVL 6ut0SJqkshusqG3k5cGKEuONqPtxCvG8A1OkLV9GCnvjmrvXn3HRIuehfWONaBXw cQpMNfaFj5PnCEr+fk4b5jP5HG7JKruWWR0fGYYm+/UVkS59oTTwi+YnUSR1KNWn 9za8eThK1iJ3GNOsHBf6k7yGUad0LTbhPqIFs88Arxvm3FWU9hg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:18 2026 by rpki-client