$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144176.roa File: AS144176.roa (raw, json) Hash identifier: 15do0VxOHd3rDEf6VYv24RyvssfCsgdkXs281TrXcuQ= Subject key identifier: D2:BC:15:A4:04:DC:72:3A:BE:89:97:14:48:14:B7:01:8E:F1:34:13 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3114ED28250D18F5801AE2E268243134CBF12AA3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144176.roa Signing time: Wed 04 Mar 2026 06:14:50 +0000 ROA not before: Wed 04 Mar 2026 06:09:50 +0000 ROA not after: Wed 03 Mar 2027 06:14:50 +0000 asID: 144176 IP address blocks: 240a:a5f6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:14:ed:28:25:0d:18:f5:80:1a:e2:e2:68:24:31:34:cb:f1:2a:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:50 2026 GMT Not After : Mar 3 06:14:50 2027 GMT Subject: CN=D2BC15A404DC723ABE8997144814B7018EF13413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:54:c7:68:69:32:68:c3:81:19:e6:10:d0:a9: d1:a4:2c:86:7b:b0:ef:55:95:b4:a6:b0:32:65:4a: 8f:91:f0:c4:5f:b6:57:43:29:04:73:9a:c3:23:0f: a7:d4:5d:10:16:a3:5b:a2:93:46:87:db:f8:44:c5: 0f:12:b5:57:27:43:ec:2a:4d:89:c9:8d:e5:ee:da: 4d:d5:f6:05:88:3d:72:9a:1d:08:b1:0d:4e:24:00: fc:ca:b9:76:22:ff:32:96:f7:dc:ca:6f:9b:f8:2f: bb:f4:06:7c:e7:f7:1b:f6:bc:75:90:fc:0c:04:ba: bb:04:14:76:d2:81:dc:ea:6a:e5:a2:a6:02:fd:4d: f0:c4:92:38:76:bc:71:d9:ba:77:6d:54:1c:06:37: 53:3c:b6:ad:ee:54:b0:35:37:d5:70:3f:85:e8:a8: 2b:00:ca:e2:9f:10:5f:29:29:85:cc:dc:e3:b1:3c: eb:f6:8c:ab:9c:1c:cc:66:a9:94:d6:df:c2:90:05: 92:2f:39:39:9e:d6:68:7d:51:97:6a:bc:58:5d:45: da:23:b6:2c:85:3d:5d:1b:8c:01:e6:b1:d3:18:09: 51:c4:61:d7:ff:90:aa:c7:e0:ae:40:d6:d2:a1:91: d3:06:18:94:2c:c3:92:3b:c1:99:b4:b1:72:9b:9f: 13:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:BC:15:A4:04:DC:72:3A:BE:89:97:14:48:14:B7:01:8E:F1:34:13 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144176.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5f6::/32 Signature Algorithm: sha256WithRSAEncryption 2f:f1:f5:38:21:ff:ec:20:d3:43:90:88:2c:bb:f4:88:b4:b0: a4:0a:e8:86:15:6d:d8:64:db:60:5f:9e:63:84:49:da:5e:fc: 43:5d:b4:79:dd:68:43:d0:bd:0b:74:60:19:ac:78:1c:35:0d: 84:1b:a5:26:7b:11:9c:7e:73:23:66:9a:0a:63:d6:0d:a9:88: d2:ca:43:bd:17:9e:4e:62:5c:f9:8f:75:fb:c0:08:c9:38:ee: 4b:98:fc:43:6e:57:47:40:03:1f:45:99:6e:79:bf:a7:06:d8: fb:bf:00:1f:70:2a:ae:52:1c:ff:5d:5d:b3:0f:a1:eb:da:28: 1e:43:f2:ee:ba:86:7a:3a:42:53:79:61:58:ec:be:05:da:51: 3d:46:d4:d7:04:e8:7d:81:e6:34:29:1b:ca:f9:a4:d0:db:51: 95:27:4e:89:8c:96:5d:62:c6:e4:cc:97:8c:4d:20:62:3b:d4: c7:e7:69:28:07:03:9b:ad:a4:f0:63:0d:00:d6:06:f3:e3:8c: 29:43:1e:a9:16:45:40:23:75:aa:87:6c:54:58:51:18:1e:3c: 43:b0:30:5a:ea:94:8b:b8:83:66:5a:03:70:5c:d8:78:29:66: e3:48:7b:78:8a:f3:81:e6:3c:e9:1c:e8:eb:6d:21:7d:37:d2: 0c:91:d9:8c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMRTtKCUNGPWAGuLiaCQxNMvxKqMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk1MFoX DTI3MDMwMzA2MTQ1MFowMzExMC8GA1UEAxMoRDJCQzE1QTQwNERDNzIzQUJFODk5 NzE0NDgxNEI3MDE4RUYxMzQxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMhUx2hpMmjDgRnmENCp0aQshnuw71WVtKawMmVKj5HwxF+2V0MpBHOawyMP p9RdEBajW6KTRofb+ETFDxK1VydD7CpNicmN5e7aTdX2BYg9cpodCLENTiQA/Mq5 diL/Mpb33Mpvm/gvu/QGfOf3G/a8dZD8DAS6uwQUdtKB3Opq5aKmAv1N8MSSOHa8 cdm6d21UHAY3Uzy2re5UsDU31XA/heioKwDK4p8QXykphczc47E86/aMq5wczGap lNbfwpAFki85OZ7WaH1Rl2q8WF1F2iO2LIU9XRuMAeax0xgJUcRh1/+QqsfgrkDW 0qGR0wYYlCzDkjvBmbSxcpufE/ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTSvBWk BNxyOr6JlxRIFLcBjvE0EzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDE3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pfYwDQYJKoZIhvcNAQELBQADggEBAC/x9Tgh/+wg00OQiCy79Ii0sKQK6IYVbdhk 22BfnmOESdpe/ENdtHndaEPQvQt0YBmseBw1DYQbpSZ7EZx+cyNmmgpj1g2piNLK Q70Xnk5iXPmPdfvACMk47kuY/ENuV0dAAx9FmW55v6cG2Pu/AB9wKq5SHP9dXbMP oevaKB5D8u66hno6QlN5YVjsvgXaUT1G1NcE6H2B5jQpG8r5pNDbUZUnTomMll1i xuTMl4xNIGI71MfnaSgHA5utpPBjDQDWBvPjjClDHqkWRUAjdaqHbFRYURgePEOw MFrqlIu4g2ZaA3Bc2HgpZuNIe3iK84HmPOkc6OttIX030gyR2Yw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:39 2026 by rpki-client