$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144156.roa File: AS144156.roa (raw, json) Hash identifier: dhHyBX2Ky/Y0Up0mj0cuxJdMVEKDfjI1qHaDbN2tECE= Subject key identifier: 20:39:D3:D0:B1:40:0F:7D:40:E6:A6:5C:4C:AE:3D:38:0D:6A:29:BB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1F6FE4C20FB3A95AFB213B31F548CF947E8B2AA6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144156.roa Signing time: Wed 04 Mar 2026 06:13:29 +0000 ROA not before: Wed 04 Mar 2026 06:08:29 +0000 ROA not after: Wed 03 Mar 2027 06:13:29 +0000 asID: 144156 IP address blocks: 240a:a5e2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:6f:e4:c2:0f:b3:a9:5a:fb:21:3b:31:f5:48:cf:94:7e:8b:2a:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:29 2026 GMT Not After : Mar 3 06:13:29 2027 GMT Subject: CN=2039D3D0B1400F7D40E6A65C4CAE3D380D6A29BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:89:9d:8a:f9:7a:a0:be:fc:ed:6a:08:90:aa: 84:7f:13:5e:1c:2a:25:88:ee:cd:47:81:6d:37:ac: ea:a5:e8:3c:89:b7:0a:ef:e8:09:2d:f0:98:83:6d: f3:53:04:4c:86:e5:28:df:b0:eb:4c:17:47:a7:81: 4d:f4:c6:33:82:09:f3:ed:c5:f8:60:70:94:8a:5b: 99:d1:02:63:2c:fe:1b:ff:aa:f0:09:24:a8:b0:44: 12:56:6f:ea:71:19:e8:f5:d3:b8:61:20:3c:67:e2: 7f:ab:f2:af:93:46:1f:0f:1c:15:db:b5:76:c1:56: e2:4b:4c:71:a6:d6:e3:b7:d3:50:d9:e9:ea:d0:cb: eb:7b:03:3c:fd:70:19:a0:62:e4:28:b9:e0:05:68: 59:17:c2:52:94:e0:75:30:c9:bc:cc:5c:e2:06:03: 0e:c6:e3:99:c6:ce:a7:0e:ac:f2:d1:5d:c3:50:29: 18:e3:2a:2a:ab:34:22:6f:49:44:db:3f:3e:cf:e7: 67:10:0a:c1:d1:0c:96:8d:39:13:32:10:2f:49:01: 61:3e:f0:13:eb:89:a8:78:19:04:0a:7f:69:d5:d7: 5d:c8:0b:44:b8:7b:3e:be:50:14:24:49:3f:2a:be: 8a:46:02:c1:90:bf:d8:fc:a8:45:d1:c4:f1:ca:10: 58:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:39:D3:D0:B1:40:0F:7D:40:E6:A6:5C:4C:AE:3D:38:0D:6A:29:BB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144156.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5e2::/32 Signature Algorithm: sha256WithRSAEncryption d3:3a:87:19:02:00:f3:fc:f1:34:48:a1:c2:17:d2:15:e9:4c: f4:e4:3a:b9:ed:87:da:92:29:80:da:b8:44:9f:f5:11:95:b0: a5:53:72:91:e6:81:e6:b9:af:bb:e7:4b:84:f1:1d:36:02:71: 04:31:aa:2f:ee:be:43:bd:ee:2f:13:37:c2:ce:35:50:7a:48: 1e:ad:5c:02:b4:e0:00:72:2f:57:04:45:f8:73:24:f1:cd:9b: 7a:ba:ee:52:0a:ed:a2:9f:ff:fe:5b:39:1f:db:d6:fe:02:f3: 88:a4:43:9d:e3:06:5b:64:74:b7:6c:db:2b:cb:36:2a:cc:ad: e8:32:4c:71:f3:31:79:ca:e7:22:fa:e1:1a:26:14:66:a5:9c: fc:98:43:52:cb:3e:89:36:fd:55:d2:bb:de:a8:6b:7d:09:3b: 42:b0:3a:05:8b:bd:ff:25:b8:1d:ea:d8:f9:21:bc:56:49:80: 63:67:88:2e:d5:a3:ba:cf:97:38:2c:0c:9b:c7:d0:0c:b5:06: 88:9a:9f:93:f7:e3:7b:59:e6:db:df:30:14:f0:e3:41:6e:8f: d3:78:fe:23:58:70:aa:c4:ec:7b:2d:23:f7:60:23:b3:b6:de: 54:2f:09:6a:66:15:71:8e:e3:6f:76:e2:24:87:ff:5e:48:58: 02:fc:41:44 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUH2/kwg+zqVr7ITsx9UjPlH6LKqYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyOVoX DTI3MDMwMzA2MTMyOVowMzExMC8GA1UEAxMoMjAzOUQzRDBCMTQwMEY3RDQwRTZB NjVDNENBRTNEMzgwRDZBMjlCQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSJnYr5eqC+/O1qCJCqhH8TXhwqJYjuzUeBbTes6qXoPIm3Cu/oCS3wmINt 81METIblKN+w60wXR6eBTfTGM4IJ8+3F+GBwlIpbmdECYyz+G/+q8AkkqLBEElZv 6nEZ6PXTuGEgPGfif6vyr5NGHw8cFdu1dsFW4ktMcabW47fTUNnp6tDL63sDPP1w GaBi5Ci54AVoWRfCUpTgdTDJvMxc4gYDDsbjmcbOpw6s8tFdw1ApGOMqKqs0Im9J RNs/Ps/nZxAKwdEMlo05EzIQL0kBYT7wE+uJqHgZBAp/adXXXcgLRLh7Pr5QFCRJ Pyq+ikYCwZC/2PyoRdHE8coQWN0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQgOdPQ sUAPfUDmplxMrj04DWopuzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK peIwDQYJKoZIhvcNAQELBQADggEBANM6hxkCAPP88TRIocIX0hXpTPTkOrnth9qS KYDauESf9RGVsKVTcpHmgea5r7vnS4TxHTYCcQQxqi/uvkO97i8TN8LONVB6SB6t XAK04AByL1cERfhzJPHNm3q67lIK7aKf//5bOR/b1v4C84ikQ53jBltkdLds2yvL NirMregyTHHzMXnK5yL64RomFGalnPyYQ1LLPok2/VXSu96oa30JO0KwOgWLvf8l uB3q2PkhvFZJgGNniC7Vo7rPlzgsDJvH0Ay1Boian5P343tZ5tvfMBTw40Fuj9N4 /iNYcKrE7HstI/dgI7O23lQvCWpmFXGO42924iSH/15IWAL8QUQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:16 2026 by rpki-client