$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144169.roa File: AS144169.roa (raw, json) Hash identifier: xOz7rEdZAxNqdvkaYxGwubpL7/rfJIDZwuCgLs8wQOM= Subject key identifier: 2A:31:D7:37:2A:87:F3:8D:B8:FD:CC:52:04:32:E0:EB:C1:E1:1A:DD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4CE4E1DF7F4CEFC967BA0EBAE78F1FE51214409C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144169.roa Signing time: Wed 04 Mar 2026 06:13:12 +0000 ROA not before: Wed 04 Mar 2026 06:08:12 +0000 ROA not after: Wed 03 Mar 2027 06:13:12 +0000 asID: 144169 IP address blocks: 240a:a5ef::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:e4:e1:df:7f:4c:ef:c9:67:ba:0e:ba:e7:8f:1f:e5:12:14:40:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:12 2026 GMT Not After : Mar 3 06:13:12 2027 GMT Subject: CN=2A31D7372A87F38DB8FDCC520432E0EBC1E11ADD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cc:f1:fc:7a:59:13:2f:02:6a:1a:24:8c:80: 8e:d1:67:8d:fa:00:16:7f:59:81:ef:b4:12:12:60: 4d:f8:53:10:8b:b5:1b:f8:13:f4:31:b8:26:cb:40: 7e:49:c8:25:b4:f0:bf:c9:00:86:b6:b2:06:cd:7c: 76:90:71:04:db:64:ef:12:f4:8a:46:f4:4a:97:fc: 6a:52:46:63:ad:85:19:c2:e7:4d:3a:94:d2:e6:10: 6e:70:d3:bc:b3:c3:38:c9:8f:22:0a:15:cc:86:91: 50:e7:84:53:f0:25:e0:bf:bd:ab:78:a0:80:f9:6a: 97:25:be:77:e7:c4:f8:eb:d4:07:50:af:12:6b:03: 3d:46:d1:8d:38:89:64:9f:4c:11:c0:a3:01:3d:15: 3d:f2:f6:c2:ce:4c:09:a8:0c:b0:09:5d:d4:99:d8: 1f:4a:d1:92:54:f5:8e:77:6b:98:44:96:ce:37:57: b4:1c:a5:96:17:32:65:36:f8:37:06:d3:58:1f:22: b7:58:2b:ef:6b:c3:b7:c2:da:f4:d5:ba:a0:c1:09: 68:26:12:98:9c:0d:f0:fe:1c:de:bf:11:1a:b3:54: f7:3d:aa:95:21:66:f1:08:9c:5e:4a:d5:53:16:77: c0:aa:2b:8e:54:e8:91:a7:71:1c:a0:99:09:e1:d8: e0:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:31:D7:37:2A:87:F3:8D:B8:FD:CC:52:04:32:E0:EB:C1:E1:1A:DD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144169.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5ef::/32 Signature Algorithm: sha256WithRSAEncryption 9a:56:48:2d:be:0c:ca:52:05:c0:42:4f:0c:0c:a2:8f:ed:d7: 5b:6b:52:aa:c6:fa:49:8f:72:d3:64:60:3f:30:65:be:d2:35: 01:04:89:20:70:aa:ce:27:3a:1f:bf:21:44:bb:b4:ff:22:7d: 81:a6:7d:8d:08:f5:e0:e9:ba:25:96:82:a8:43:86:30:36:b9: e9:80:43:cb:ea:79:d6:8d:31:eb:7e:30:9e:7f:af:d1:df:96: 95:2a:85:4a:96:93:03:b7:23:59:d6:b9:27:e7:cb:c9:c9:8e: b3:9c:79:aa:49:fc:6c:26:c7:42:7f:6a:8a:1e:8d:d4:e5:67: 2a:8c:77:37:24:fd:4d:8e:8e:3f:fa:b9:c6:1a:df:37:1b:5f: c0:da:b3:29:6c:95:cc:1d:44:31:83:49:12:5a:10:09:24:c4: 8e:bb:c4:ed:d8:1e:ca:73:0e:b0:c9:0b:ed:be:1c:ab:63:b5: 0b:f1:62:da:94:38:7a:db:10:70:f1:3f:97:a7:a2:16:cf:c4: dc:9a:c5:e6:e8:ef:e9:ec:d1:31:0c:c0:88:59:bc:8b:d2:2f: 3a:df:cd:9c:21:8f:15:74:68:a4:76:bd:57:53:8a:3c:a2:90: 89:b7:2c:0e:c3:b3:ba:87:9e:0b:cf:6b:40:c1:9a:9a:59:f9: ae:b4:50:51 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTOTh339M78lnug66548f5RIUQJwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMloX DTI3MDMwMzA2MTMxMlowMzExMC8GA1UEAxMoMkEzMUQ3MzcyQTg3RjM4REI4RkRD QzUyMDQzMkUwRUJDMUUxMUFERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjM8fx6WRMvAmoaJIyAjtFnjfoAFn9Zge+0EhJgTfhTEIu1G/gT9DG4JstA fknIJbTwv8kAhrayBs18dpBxBNtk7xL0ikb0Spf8alJGY62FGcLnTTqU0uYQbnDT vLPDOMmPIgoVzIaRUOeEU/Al4L+9q3iggPlqlyW+d+fE+OvUB1CvEmsDPUbRjTiJ ZJ9MEcCjAT0VPfL2ws5MCagMsAld1JnYH0rRklT1jndrmESWzjdXtByllhcyZTb4 NwbTWB8it1gr72vDt8La9NW6oMEJaCYSmJwN8P4c3r8RGrNU9z2qlSFm8QicXkrV UxZ3wKorjlTokadxHKCZCeHY4KkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQqMdc3 Kofzjbj9zFIEMuDrweEa3TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pe8wDQYJKoZIhvcNAQELBQADggEBAJpWSC2+DMpSBcBCTwwMoo/t11trUqrG+kmP ctNkYD8wZb7SNQEEiSBwqs4nOh+/IUS7tP8ifYGmfY0I9eDpuiWWgqhDhjA2uemA Q8vqedaNMet+MJ5/r9HflpUqhUqWkwO3I1nWuSfny8nJjrOceapJ/Gwmx0J/aooe jdTlZyqMdzck/U2Ojj/6ucYa3zcbX8DasylslcwdRDGDSRJaEAkkxI67xO3YHspz DrDJC+2+HKtjtQvxYtqUOHrbEHDxP5enohbPxNyaxebo7+ns0TEMwIhZvIvSLzrf zZwhjxV0aKR2vVdTijyikIm3LA7Ds7qHngvPa0DBmppZ+a60UFE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:14 2026 by rpki-client