$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144158.roa File: AS144158.roa (raw, json) Hash identifier: 7zPrBK+Ddd976edISQn7h0NxiOO9E/v0UMXdVMmz5Aw= Subject key identifier: 9E:58:B6:64:FE:07:DB:E5:53:FD:63:E3:06:3D:8B:E0:FB:1F:64:2C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 40F59827C37D8712A29ACE65E7FF1DA790217197 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144158.roa Signing time: Wed 04 Mar 2026 06:12:34 +0000 ROA not before: Wed 04 Mar 2026 06:07:34 +0000 ROA not after: Wed 03 Mar 2027 06:12:34 +0000 asID: 144158 IP address blocks: 240a:a5e4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:f5:98:27:c3:7d:87:12:a2:9a:ce:65:e7:ff:1d:a7:90:21:71:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:34 2026 GMT Not After : Mar 3 06:12:34 2027 GMT Subject: CN=9E58B664FE07DBE553FD63E3063D8BE0FB1F642C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:3b:49:44:e7:18:49:4c:0a:7a:01:05:ed:00: c1:07:02:d6:0d:2b:7a:7a:6d:ac:4c:41:fd:02:62: aa:7b:47:17:6e:c2:8c:59:b6:b9:47:5a:c2:fa:e3: 99:57:ec:37:c5:d2:21:42:2d:1f:cc:0d:a9:da:c8: 46:5a:fe:23:1e:da:a8:83:f8:99:24:b8:eb:3b:e6: a1:d2:04:52:91:80:ae:37:f0:14:6e:f7:d1:dc:82: a2:1a:5e:9a:00:48:75:e3:74:6c:38:ad:c4:d0:d9: 99:ba:03:0e:88:cc:38:59:97:86:c7:0a:bc:07:c2: 66:47:15:48:a3:4e:3f:05:18:6f:7e:24:bf:b2:3e: 60:f0:5b:39:42:83:46:c7:52:1d:f7:bc:3f:5e:21: 9c:9b:94:11:53:b3:dd:b3:f2:2a:49:b8:36:05:eb: 8b:73:de:2e:3e:74:7c:7e:04:e6:16:91:63:ba:af: 91:30:dd:44:f2:e9:e6:d5:93:ce:08:e0:11:f8:8c: bb:ff:f9:ac:60:21:1f:89:fb:ea:b2:d4:fc:bb:cb: 8e:60:68:bc:c4:4f:0c:2d:1f:cb:10:48:17:cb:a3: e4:99:86:a6:8c:ba:cc:87:fb:fe:ff:ac:e3:6a:8b: 43:2d:c8:0d:3a:cb:fd:b4:c4:f6:f8:dd:7b:8d:78: 88:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:58:B6:64:FE:07:DB:E5:53:FD:63:E3:06:3D:8B:E0:FB:1F:64:2C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144158.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5e4::/32 Signature Algorithm: sha256WithRSAEncryption 25:60:fd:de:74:53:51:90:68:ba:1c:05:5a:4a:08:2f:1d:f8: 48:3b:e9:d3:e9:29:77:43:e5:1c:e4:f6:74:be:a8:1a:7b:5d: 99:69:00:ee:06:f4:bd:ac:35:9c:24:ba:2c:84:15:09:d8:6e: c4:85:a0:94:f3:dd:78:ce:d4:85:03:68:45:b9:9e:1c:81:b6: 9a:bb:fc:45:57:a9:a3:bc:78:f8:f2:88:82:7d:20:9e:71:76: 1b:c8:3e:04:60:21:b3:d8:e9:76:f6:9a:e1:b5:53:08:5b:f8: de:0f:51:ae:12:5e:e6:74:50:5d:98:46:e4:25:9a:ef:3d:b5: 64:73:74:54:7d:0e:9c:fd:5c:41:62:89:3a:92:ca:a5:aa:ed: f8:93:1e:a1:ac:db:71:9d:31:ba:d5:a7:3f:0f:bf:d7:ce:33: c5:d1:c8:17:24:90:aa:da:28:65:52:db:f0:ee:eb:14:70:83: 99:c7:2b:7c:e0:82:0a:83:9e:46:88:72:ef:b6:8e:03:37:71: 2e:d0:17:1a:bd:ea:e8:f6:18:36:aa:b5:24:cb:13:f7:bc:8a: c2:86:b8:80:5c:03:e7:89:14:21:02:12:88:04:8a:46:53:38: e3:a4:cc:e4:57:e3:b9:8a:06:84:c0:8b:cb:fb:0a:a7:85:e0: c7:a7:be:cb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQPWYJ8N9hxKims5l5/8dp5AhcZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczNFoX DTI3MDMwMzA2MTIzNFowMzExMC8GA1UEAxMoOUU1OEI2NjRGRTA3REJFNTUzRkQ2 M0UzMDYzRDhCRTBGQjFGNjQyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJI7SUTnGElMCnoBBe0AwQcC1g0renptrExB/QJiqntHF27CjFm2uUdawvrj mVfsN8XSIUItH8wNqdrIRlr+Ix7aqIP4mSS46zvmodIEUpGArjfwFG730dyCohpe mgBIdeN0bDitxNDZmboDDojMOFmXhscKvAfCZkcVSKNOPwUYb34kv7I+YPBbOUKD RsdSHfe8P14hnJuUEVOz3bPyKkm4NgXri3PeLj50fH4E5haRY7qvkTDdRPLp5tWT zgjgEfiMu//5rGAhH4n76rLU/LvLjmBovMRPDC0fyxBIF8uj5JmGpoy6zIf7/v+s 42qLQy3IDTrL/bTE9vjde414iMsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSeWLZk /gfb5VP9Y+MGPYvg+x9kLDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK peQwDQYJKoZIhvcNAQELBQADggEBACVg/d50U1GQaLocBVpKCC8d+Eg76dPpKXdD 5Rzk9nS+qBp7XZlpAO4G9L2sNZwkuiyEFQnYbsSFoJTz3XjO1IUDaEW5nhyBtpq7 /EVXqaO8ePjyiIJ9IJ5xdhvIPgRgIbPY6Xb2muG1Uwhb+N4PUa4SXuZ0UF2YRuQl mu89tWRzdFR9Dpz9XEFiiTqSyqWq7fiTHqGs23GdMbrVpz8Pv9fOM8XRyBckkKra KGVS2/Du6xRwg5nHK3zgggqDnkaIcu+2jgM3cS7QFxq96uj2GDaqtSTLE/e8isKG uIBcA+eJFCECEogEikZTOOOkzORX47mKBoTAi8v7CqeF4Menvss= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:06 2026 by rpki-client