$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144152.roa File: AS144152.roa (raw, json) Hash identifier: 0q6JvogFxHWVVtN9bJyvJoGJoKjq/StUM51BXJxJHt8= Subject key identifier: CD:0F:2C:FB:DF:BC:AC:55:4F:24:78:23:74:C6:0A:31:A6:E5:A6:37 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 087CB8831D2103E39223030562BB214A2F550C4A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144152.roa Signing time: Wed 04 Mar 2026 06:14:09 +0000 ROA not before: Wed 04 Mar 2026 06:09:09 +0000 ROA not after: Wed 03 Mar 2027 06:14:09 +0000 asID: 144152 IP address blocks: 240a:a5de::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:7c:b8:83:1d:21:03:e3:92:23:03:05:62:bb:21:4a:2f:55:0c:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:09 2026 GMT Not After : Mar 3 06:14:09 2027 GMT Subject: CN=CD0F2CFBDFBCAC554F24782374C60A31A6E5A637 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7a:02:f3:91:e5:0d:ef:3a:d8:44:35:18:2a: cd:d4:d6:71:2d:c3:50:40:60:24:31:d2:31:dc:6b: 97:c0:e4:d0:d8:92:6d:52:6c:5c:38:1b:9c:bf:8b: da:81:cc:75:86:16:48:09:38:c6:eb:cf:5b:a4:c9: 2a:60:02:f9:c8:13:07:0a:38:32:0f:cc:2b:1f:8f: 5a:27:51:91:f2:5a:88:d7:41:ba:7e:f7:f7:9c:c6: c0:d9:cd:dd:a5:29:16:df:3b:63:55:22:6d:30:fa: d9:82:1c:14:bf:6e:76:e1:ce:01:45:47:07:28:9e: a7:60:84:8f:06:59:8d:f5:73:3a:2a:6d:57:c8:67: dc:bb:f9:5f:3f:4c:cd:08:77:57:2d:48:eb:21:5d: 6f:c4:df:73:da:7f:df:fa:a6:14:d4:90:88:64:89: 7f:6e:75:a2:b5:01:03:0e:02:f1:02:c5:5a:de:0c: f5:0b:7c:79:47:dd:a8:a1:a8:8d:bc:96:3a:8c:82: 47:a7:28:07:f4:c9:54:38:a7:a9:29:bb:4d:ea:ed: 0b:54:d2:81:87:d9:8c:1d:a2:59:d7:fc:81:2c:ab: 94:69:12:f7:c1:a6:fa:f0:32:c1:77:cc:40:c6:06: e1:85:6e:ea:5f:ad:5f:d6:a8:94:9b:f5:01:42:ec: 19:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:0F:2C:FB:DF:BC:AC:55:4F:24:78:23:74:C6:0A:31:A6:E5:A6:37 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144152.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5de::/32 Signature Algorithm: sha256WithRSAEncryption 10:90:b7:b7:4e:41:67:94:84:9e:0e:98:1b:14:af:55:f7:db: c2:fe:b2:6b:37:04:fa:ca:a9:da:4b:59:13:f5:71:7e:0a:3a: 73:9a:85:97:e9:14:ec:e5:4e:d1:3e:de:9c:a0:d2:39:63:61: 45:51:45:2d:2e:d6:07:b2:14:b0:70:6c:c0:90:40:2e:cd:61: dc:5d:d5:3c:4f:7f:20:41:bc:ca:52:13:df:2e:3a:82:60:88: 3b:2c:50:63:d6:16:31:fb:9f:b5:cc:63:2d:09:2e:cb:c6:57: 95:48:33:36:d6:86:f2:a6:05:a9:83:36:81:d2:90:ba:5c:0e: 3e:eb:80:5c:d7:46:d7:23:c6:a7:fe:43:07:6d:97:f5:f3:8a: 36:df:30:ed:14:85:ca:f0:58:73:8b:cb:86:dc:f2:7f:9a:0d: 44:3f:e3:74:59:d8:84:5d:b6:62:d4:5f:c8:8b:59:60:2d:1f: bb:63:3d:63:59:bb:cc:2d:61:a8:cf:60:ef:5c:8a:56:ca:60: c5:c6:1f:74:0f:d9:bf:81:9c:b0:f5:d2:10:c3:13:26:bb:ce: 2d:e6:2d:90:f6:12:db:de:dd:60:ae:fd:ab:f6:9b:b3:31:cb: b0:c5:55:ec:18:7e:17:b3:dc:33:89:d3:63:94:15:77:fb:aa: 11:fe:8f:7f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCHy4gx0hA+OSIwMFYrshSi9VDEowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwOVoX DTI3MDMwMzA2MTQwOVowMzExMC8GA1UEAxMoQ0QwRjJDRkJERkJDQUM1NTRGMjQ3 ODIzNzRDNjBBMzFBNkU1QTYzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL96AvOR5Q3vOthENRgqzdTWcS3DUEBgJDHSMdxrl8Dk0NiSbVJsXDgbnL+L 2oHMdYYWSAk4xuvPW6TJKmAC+cgTBwo4Mg/MKx+PWidRkfJaiNdBun7395zGwNnN 3aUpFt87Y1UibTD62YIcFL9uduHOAUVHByiep2CEjwZZjfVzOiptV8hn3Lv5Xz9M zQh3Vy1I6yFdb8Tfc9p/3/qmFNSQiGSJf251orUBAw4C8QLFWt4M9Qt8eUfdqKGo jbyWOoyCR6coB/TJVDinqSm7TertC1TSgYfZjB2iWdf8gSyrlGkS98Gm+vAywXfM QMYG4YVu6l+tX9aolJv1AULsGfUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTNDyz7 37ysVU8keCN0xgoxpuWmNzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pd4wDQYJKoZIhvcNAQELBQADggEBABCQt7dOQWeUhJ4OmBsUr1X328L+sms3BPrK qdpLWRP1cX4KOnOahZfpFOzlTtE+3pyg0jljYUVRRS0u1geyFLBwbMCQQC7NYdxd 1TxPfyBBvMpSE98uOoJgiDssUGPWFjH7n7XMYy0JLsvGV5VIMzbWhvKmBamDNoHS kLpcDj7rgFzXRtcjxqf+Qwdtl/XzijbfMO0UhcrwWHOLy4bc8n+aDUQ/43RZ2IRd tmLUX8iLWWAtH7tjPWNZu8wtYajPYO9cilbKYMXGH3QP2b+BnLD10hDDEya7zi3m LZD2Etve3WCu/av2m7Mxy7DFVewYfhez3DOJ02OUFXf7qhH+j38= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:24 2026 by rpki-client