$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144203.roa File: AS144203.roa (raw, json) Hash identifier: URHZ0CCYPcf2xvKyZaZocqo/EZASCA1Y8FkCuVuG8u4= Subject key identifier: B5:9A:4F:EC:B4:16:19:37:E9:3F:3F:BC:6A:51:3E:7E:81:8C:6A:C6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1D3D19BB193FF91CF8DCFA3EC166CC18860AAB93 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144203.roa Signing time: Wed 04 Mar 2026 06:13:45 +0000 ROA not before: Wed 04 Mar 2026 06:08:45 +0000 ROA not after: Wed 03 Mar 2027 06:13:45 +0000 asID: 144203 IP address blocks: 240a:a611::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:3d:19:bb:19:3f:f9:1c:f8:dc:fa:3e:c1:66:cc:18:86:0a:ab:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:45 2026 GMT Not After : Mar 3 06:13:45 2027 GMT Subject: CN=B59A4FECB4161937E93F3FBC6A513E7E818C6AC6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:34:bb:1a:a0:c3:0c:1f:7f:c7:d7:fc:64:e0: 1b:a3:97:e4:2b:b1:48:d7:0a:ec:46:bd:57:54:6a: 74:a1:79:65:05:50:1e:ef:68:00:e1:c1:bb:0e:63: 94:e7:9f:cb:ba:54:7a:f0:35:28:46:b3:fc:40:d1: e3:6a:f3:ba:09:21:7c:cf:4d:74:2d:db:25:83:73: 7f:93:7a:53:f0:f1:bf:53:6f:05:86:7c:d4:9a:e3: e1:22:03:be:e1:45:f7:8e:d7:78:49:c0:0f:a8:a4: d6:ef:c7:78:a7:56:93:74:c5:ee:5f:12:d1:32:57: da:f6:28:78:c9:95:e6:3e:ce:c4:dd:61:dc:a2:aa: e4:24:b1:76:66:b9:be:0a:e4:d0:01:c9:ac:a4:f7: d9:58:88:46:1a:50:69:ed:ea:97:32:b1:f7:96:79: b7:2e:5a:cc:29:16:12:2d:c8:ee:37:b7:87:52:58: dc:fd:4f:47:cf:9d:d0:55:fc:fa:73:51:be:73:c9: b4:d6:8d:7e:49:41:6d:db:0e:f9:d2:82:3a:db:34: bb:0f:6b:1a:32:79:a7:07:d8:c9:18:42:e2:3b:a9: 08:ec:16:2a:0f:25:b6:b8:8f:f4:8d:28:b9:d9:fd: 71:c0:b0:cc:02:8c:a2:7f:03:e1:08:8d:51:16:62: 71:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:9A:4F:EC:B4:16:19:37:E9:3F:3F:BC:6A:51:3E:7E:81:8C:6A:C6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144203.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a611::/32 Signature Algorithm: sha256WithRSAEncryption 4f:dd:87:24:5e:b6:57:a4:ac:d2:69:aa:cd:dd:5b:7e:62:40: 06:45:60:4a:ea:d5:d7:82:d4:2f:89:63:e6:8d:6c:50:ca:0a: 76:21:da:10:01:5c:99:d5:e5:52:db:c4:8a:c2:05:28:ea:42: f4:f3:be:fc:2c:21:e2:23:57:9e:0d:27:f6:a7:b3:0c:96:3a: 0a:10:74:6d:d9:45:05:ec:6b:fb:d2:6b:73:e6:c8:53:11:7e: 3f:75:63:46:92:47:e9:9d:1c:dc:b9:2c:33:32:ee:29:c4:8f: 38:ea:61:30:8f:69:9f:04:cd:ca:9c:c6:87:f9:88:20:30:cf: 6e:c0:15:a1:5e:5c:86:b1:6f:3b:73:9b:72:f0:ab:7d:7b:6f: 7f:11:e0:eb:42:5f:40:df:7a:50:69:15:06:9e:c0:9e:17:15: cf:23:f9:a0:4a:c1:4a:25:ca:38:ec:fc:ec:b8:b0:5e:0f:3d: 19:ca:6e:9e:50:c6:24:83:df:29:32:6c:c1:0b:37:c0:d1:f7: 5b:e4:b8:6a:4f:37:92:ca:57:c0:68:6e:40:37:70:c1:70:ed: 30:f3:95:01:23:b3:1c:94:a3:9e:35:3b:db:b2:22:d0:16:90: 3a:b4:10:26:af:59:fb:aa:8c:12:a9:7b:b8:0b:d2:e7:87:fa: 3e:70:99:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHT0Zuxk/+Rz43Po+wWbMGIYKq5MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0NVoX DTI3MDMwMzA2MTM0NVowMzExMC8GA1UEAxMoQjU5QTRGRUNCNDE2MTkzN0U5M0Yz RkJDNkE1MTNFN0U4MThDNkFDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANA0uxqgwwwff8fX/GTgG6OX5CuxSNcK7Ea9V1RqdKF5ZQVQHu9oAOHBuw5j lOefy7pUevA1KEaz/EDR42rzugkhfM9NdC3bJYNzf5N6U/Dxv1NvBYZ81Jrj4SID vuFF947XeEnAD6ik1u/HeKdWk3TF7l8S0TJX2vYoeMmV5j7OxN1h3KKq5CSxdma5 vgrk0AHJrKT32ViIRhpQae3qlzKx95Z5ty5azCkWEi3I7je3h1JY3P1PR8+d0FX8 +nNRvnPJtNaNfklBbdsO+dKCOts0uw9rGjJ5pwfYyRhC4jupCOwWKg8ltriP9I0o udn9ccCwzAKMon8D4QiNURZicUUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS1mk/s tBYZN+k/P7xqUT5+gYxqxjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK phEwDQYJKoZIhvcNAQELBQADggEBAE/dhyRetlekrNJpqs3dW35iQAZFYErq1deC 1C+JY+aNbFDKCnYh2hABXJnV5VLbxIrCBSjqQvTzvvwsIeIjV54NJ/answyWOgoQ dG3ZRQXsa/vSa3PmyFMRfj91Y0aSR+mdHNy5LDMy7inEjzjqYTCPaZ8Ezcqcxof5 iCAwz27AFaFeXIaxbztzm3Lwq317b38R4OtCX0DfelBpFQaewJ4XFc8j+aBKwUol yjjs/Oy4sF4PPRnKbp5QxiSD3ykybMELN8DR91vkuGpPN5LKV8BobkA3cMFw7TDz lQEjsxyUo541O9uyItAWkDq0ECavWfuqjBKpe7gL0ueH+j5wme4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:50 2026 by rpki-client