$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144161.roa File: AS144161.roa (raw, json) Hash identifier: DDXXDX6eWFNfORK+i7qVp9enkcPTkj/hCa0+XXRdcLc= Subject key identifier: 1A:3E:33:51:D7:7B:4F:5E:A1:D2:09:E2:96:FE:2D:13:61:65:EF:0A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6625C38AC3707E2D78D93DDEE6CEC7C62DF03B98 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144161.roa Signing time: Wed 04 Mar 2026 06:15:21 +0000 ROA not before: Wed 04 Mar 2026 06:10:21 +0000 ROA not after: Wed 03 Mar 2027 06:15:21 +0000 asID: 144161 IP address blocks: 240a:a5e7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:25:c3:8a:c3:70:7e:2d:78:d9:3d:de:e6:ce:c7:c6:2d:f0:3b:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:21 2026 GMT Not After : Mar 3 06:15:21 2027 GMT Subject: CN=1A3E3351D77B4F5EA1D209E296FE2D136165EF0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:30:9f:6e:66:1e:7f:25:60:76:84:4d:7c:a7: 8c:a0:fc:e0:43:36:5d:9c:3a:63:f3:c0:31:16:c6: e6:ec:89:00:19:be:4f:fc:e6:b7:16:b4:22:8b:24: 48:ad:13:37:73:19:fc:b5:13:88:90:8d:61:b4:6d: 03:1c:b5:c2:6a:8a:a1:af:e9:c7:c5:2c:b0:d3:8e: e8:c1:8e:2d:15:b4:78:c2:92:cf:de:38:43:58:60: 16:61:8c:b3:b6:a1:df:37:6d:fd:de:2e:25:82:e0: 45:6f:1b:2d:11:44:57:26:d8:3b:fe:15:1d:e8:3e: ed:ce:a0:0b:6e:f1:41:33:1b:dc:91:b6:1e:12:c7: 8c:85:91:97:30:d3:a2:9d:e6:29:fe:5b:7e:88:37: 7f:65:77:bc:16:54:80:70:0b:61:82:4b:21:2c:c3: eb:c8:ac:33:79:37:f0:21:66:be:fb:00:96:b4:20: b9:24:af:b7:c4:c0:34:27:75:50:dd:4d:6f:04:16: d7:11:1e:e2:d1:4a:01:ec:09:c5:f3:e1:38:22:9d: 25:7c:f4:71:a8:e6:13:48:01:70:60:3a:2f:38:b0: 90:dd:8d:ec:8c:ed:1a:b3:b8:c6:cd:6f:d8:57:a4: 6a:cd:8e:54:a7:7e:99:88:9e:fd:f8:7c:4f:f6:4f: 92:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:3E:33:51:D7:7B:4F:5E:A1:D2:09:E2:96:FE:2D:13:61:65:EF:0A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144161.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5e7::/32 Signature Algorithm: sha256WithRSAEncryption 82:2a:9c:62:31:9d:36:dc:de:11:2b:13:a1:55:86:36:19:3f: cb:99:dc:08:5c:2a:bd:16:e8:50:a0:a1:88:c6:85:27:84:ff: 42:74:f9:7c:12:57:84:21:8d:0a:ed:c0:1b:de:55:d4:a4:67: bd:ef:3b:c9:fb:ec:dd:c9:30:7c:f6:7f:7f:3e:35:cd:9c:47: 1b:37:74:7e:11:0e:c5:19:14:9f:d6:03:90:5e:69:f4:87:d7: fe:53:6c:1f:66:fd:4f:b6:ad:30:66:b7:b0:65:9e:69:35:93: 1c:a4:2c:bb:77:55:3b:c9:7c:6f:22:a5:b4:10:48:76:9a:bb: 1f:9a:f9:09:7e:6e:f1:11:a8:4a:12:15:78:e3:4a:3d:a8:06: 58:80:17:96:32:a9:dc:3d:b1:e8:1e:9d:10:7e:46:df:eb:dc: 3c:53:05:17:5c:5a:cd:91:e2:f1:0a:c1:7d:fd:70:16:0b:9f: 6c:cf:05:7b:08:d7:ae:d7:d3:c9:74:48:a2:4f:c8:97:b6:8b: 09:3d:3c:a6:c5:f1:f3:0b:dc:0c:03:01:08:ac:36:b6:54:61: 01:c7:ad:9f:15:ed:5c:d2:2f:9f:ef:96:42:a8:0b:40:60:1f: cb:77:02:48:f9:04:49:70:1b:61:4f:32:7b:90:44:88:1d:ba: 1a:de:91:0e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZiXDisNwfi142T3e5s7Hxi3wO5gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyMVoX DTI3MDMwMzA2MTUyMVowMzExMC8GA1UEAxMoMUEzRTMzNTFENzdCNEY1RUExRDIw OUUyOTZGRTJEMTM2MTY1RUYwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJMwn25mHn8lYHaETXynjKD84EM2XZw6Y/PAMRbG5uyJABm+T/zmtxa0Iosk SK0TN3MZ/LUTiJCNYbRtAxy1wmqKoa/px8UssNOO6MGOLRW0eMKSz944Q1hgFmGM s7ah3zdt/d4uJYLgRW8bLRFEVybYO/4VHeg+7c6gC27xQTMb3JG2HhLHjIWRlzDT op3mKf5bfog3f2V3vBZUgHALYYJLISzD68isM3k38CFmvvsAlrQguSSvt8TANCd1 UN1NbwQW1xEe4tFKAewJxfPhOCKdJXz0cajmE0gBcGA6LziwkN2N7IztGrO4xs1v 2Fekas2OVKd+mYie/fh8T/ZPkrkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQaPjNR 13tPXqHSCeKW/i0TYWXvCjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pecwDQYJKoZIhvcNAQELBQADggEBAIIqnGIxnTbc3hErE6FVhjYZP8uZ3AhcKr0W 6FCgoYjGhSeE/0J0+XwSV4QhjQrtwBveVdSkZ73vO8n77N3JMHz2f38+Nc2cRxs3 dH4RDsUZFJ/WA5BeafSH1/5TbB9m/U+2rTBmt7Blnmk1kxykLLt3VTvJfG8ipbQQ SHaaux+a+Ql+bvERqEoSFXjjSj2oBliAF5Yyqdw9segenRB+Rt/r3DxTBRdcWs2R 4vEKwX39cBYLn2zPBXsI167X08l0SKJPyJe2iwk9PKbF8fML3AwDAQisNrZUYQHH rZ8V7VzSL5/vlkKoC0BgH8t3Akj5BElwG2FPMnuQRIgduhrekQ4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:13 2026 by rpki-client