$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144235.roa File: AS144235.roa (raw, json) Hash identifier: XzUQxFx5rGdPK4ALtU/QRtVfTUDGCbuKNi0cmyUM9pw= Subject key identifier: CC:5C:EB:98:9E:F8:AB:83:F0:19:E2:2A:E4:50:77:8C:B0:FD:61:65 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 04DCE2B395983C8285D401DB5CD368DD35B92BF2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144235.roa Signing time: Wed 04 Mar 2026 06:15:38 +0000 ROA not before: Wed 04 Mar 2026 06:10:38 +0000 ROA not after: Wed 03 Mar 2027 06:15:38 +0000 asID: 144235 IP address blocks: 240a:a631::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:dc:e2:b3:95:98:3c:82:85:d4:01:db:5c:d3:68:dd:35:b9:2b:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:38 2026 GMT Not After : Mar 3 06:15:38 2027 GMT Subject: CN=CC5CEB989EF8AB83F019E22AE450778CB0FD6165 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ca:88:9c:65:a5:e5:05:25:2c:5f:05:15:b6: d4:0f:a1:58:cd:7d:7b:11:a6:c3:db:17:91:e4:9d: 88:2d:1d:2c:53:ad:03:71:a9:e7:72:4f:9a:8a:69: 3e:7b:5c:e5:e1:61:cc:59:a5:5d:2a:31:05:a2:4f: 6c:23:42:00:8f:7c:79:9e:f0:6b:ac:09:87:9c:02: 63:09:6e:9c:30:ad:ab:a0:e6:9c:92:1b:f1:f2:09: 1f:80:4a:10:66:af:62:9c:58:3c:ef:7e:2f:d6:d5: 93:31:9a:1c:fd:e6:3d:42:84:a9:d1:11:c1:44:e4: 2f:df:cc:ea:fa:9d:04:0b:7c:b6:65:ac:47:0d:05: b5:d8:bd:69:e8:b6:90:99:af:c1:a3:06:17:96:4c: 5e:61:5f:c8:0c:c7:f7:34:52:e3:55:20:4b:b3:35: 3f:3c:15:62:aa:b6:26:ad:66:e3:e5:50:aa:d1:5e: d4:5a:26:91:30:9c:3f:86:84:e2:79:b4:7f:25:85: c6:20:08:6a:72:f1:c6:2c:9a:be:c9:7c:0c:b7:49: 83:68:b5:35:c7:08:b6:cb:22:8e:1a:5f:24:54:23: 0d:52:08:17:e6:d5:3f:3d:88:4e:11:0f:69:17:91: 1c:06:2e:87:c0:19:cc:80:15:79:a0:7c:8a:fc:b9: 7f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:5C:EB:98:9E:F8:AB:83:F0:19:E2:2A:E4:50:77:8C:B0:FD:61:65 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a631::/32 Signature Algorithm: sha256WithRSAEncryption 47:a5:20:f3:58:a8:5a:b0:4a:cd:92:1b:a1:b9:70:52:fe:09: 92:fc:b1:44:a0:4e:94:85:1f:1e:70:0f:b3:22:f5:3b:69:89: e1:b8:e1:a1:f6:d5:d1:98:70:1c:80:b4:3b:fb:0c:82:29:62: 5c:f1:4a:11:22:fe:a3:4e:e8:70:14:d5:42:34:d6:84:ca:77: 66:90:a5:32:15:ca:3d:79:ba:1f:0f:ab:65:3c:39:a6:b3:65: 84:ef:a6:a8:4c:10:3e:82:d9:06:15:ec:25:6b:f0:3d:6d:50: d3:fa:af:5e:e2:e4:ae:55:60:ba:cc:59:c0:16:bf:49:fd:ae: a4:b2:5c:d1:f0:c6:16:7a:5e:b9:87:0b:c8:c8:0a:03:6b:3e: 13:ae:76:45:ad:05:86:56:f6:22:d4:fa:dc:b3:f8:27:d5:0d: 86:6c:56:08:bc:bc:39:41:85:2e:a3:a8:b7:e3:4e:2c:9e:44: f7:7c:38:cd:88:19:6d:f2:f8:98:74:7d:5d:60:a0:f4:0b:23: 07:07:c2:c0:d9:06:cc:94:83:d2:2a:14:9d:fa:3f:9a:ce:32: 89:90:f7:72:f0:a3:8e:73:f4:ea:04:9a:d6:e8:5c:c9:14:48: 83:64:82:04:21:55:2f:1b:41:ff:20:6d:de:cf:64:90:53:6b: 18:31:15:97 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBNzis5WYPIKF1AHbXNNo3TW5K/IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzOFoX DTI3MDMwMzA2MTUzOFowMzExMC8GA1UEAxMoQ0M1Q0VCOTg5RUY4QUI4M0YwMTlF MjJBRTQ1MDc3OENCMEZENjE2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALvKiJxlpeUFJSxfBRW21A+hWM19exGmw9sXkeSdiC0dLFOtA3Gp53JPmopp Pntc5eFhzFmlXSoxBaJPbCNCAI98eZ7wa6wJh5wCYwlunDCtq6DmnJIb8fIJH4BK EGavYpxYPO9+L9bVkzGaHP3mPUKEqdERwUTkL9/M6vqdBAt8tmWsRw0Ftdi9aei2 kJmvwaMGF5ZMXmFfyAzH9zRS41UgS7M1PzwVYqq2Jq1m4+VQqtFe1FomkTCcP4aE 4nm0fyWFxiAIanLxxiyavsl8DLdJg2i1NccItssijhpfJFQjDVIIF+bVPz2IThEP aReRHAYuh8AZzIAVeaB8ivy5f68CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTMXOuY nvirg/AZ4irkUHeMsP1hZTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIzNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pjEwDQYJKoZIhvcNAQELBQADggEBAEelIPNYqFqwSs2SG6G5cFL+CZL8sUSgTpSF Hx5wD7Mi9TtpieG44aH21dGYcByAtDv7DIIpYlzxShEi/qNO6HAU1UI01oTKd2aQ pTIVyj15uh8Pq2U8OaazZYTvpqhMED6C2QYV7CVr8D1tUNP6r17i5K5VYLrMWcAW v0n9rqSyXNHwxhZ6XrmHC8jICgNrPhOudkWtBYZW9iLU+tyz+CfVDYZsVgi8vDlB hS6jqLfjTiyeRPd8OM2IGW3y+Jh0fV1goPQLIwcHwsDZBsyUg9IqFJ36P5rOMomQ 93Lwo45z9OoEmtboXMkUSINkggQhVS8bQf8gbd7PZJBTaxgxFZc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:05 2026 by rpki-client