$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144237.roa File: AS144237.roa (raw, json) Hash identifier: GPpYj3ZUPzTnDBsroj2/9jhbErd7OEsgMGvgiGCa1XM= Subject key identifier: 1F:42:59:5F:96:EB:DA:5B:5D:DF:CD:EE:1F:F0:83:4F:FD:58:D3:ED Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0EC2F4082D2DBB09CE8FA06FC652A63AF754FF00 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144237.roa Signing time: Wed 04 Mar 2026 06:14:01 +0000 ROA not before: Wed 04 Mar 2026 06:09:01 +0000 ROA not after: Wed 03 Mar 2027 06:14:01 +0000 asID: 144237 IP address blocks: 240a:a633::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:c2:f4:08:2d:2d:bb:09:ce:8f:a0:6f:c6:52:a6:3a:f7:54:ff:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:01 2026 GMT Not After : Mar 3 06:14:01 2027 GMT Subject: CN=1F42595F96EBDA5B5DDFCDEE1FF0834FFD58D3ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:cd:54:9c:dc:55:03:2f:4d:ff:17:f4:54:58: 2f:55:31:bb:ea:2c:7d:53:6c:12:cd:a5:e3:58:6f: 8d:03:e6:49:28:c3:66:13:75:7d:eb:80:c6:94:c0: ef:c6:10:35:87:16:e6:1b:8f:a1:7e:ed:bb:2d:ce: 62:7a:18:68:88:f6:0d:48:04:f1:db:6b:41:58:a6: d7:b6:7f:3e:cf:48:7a:ce:49:cd:a2:f9:c1:8f:4e: c0:75:37:c8:f0:42:52:eb:12:65:c6:9f:60:d8:c1: 18:ff:36:a0:ef:93:82:74:04:7b:4c:b2:e4:fc:c2: c6:ef:e9:4e:c5:e4:d3:ad:7d:9f:ff:4e:1f:d9:d4: ef:ad:59:2a:af:65:9d:e4:7d:85:58:ed:b7:b4:91: 53:6d:bf:a5:36:14:ee:e4:22:da:91:2a:10:a4:a6: 61:46:93:89:ae:4c:87:19:ec:7b:ed:fa:0e:8a:81: 62:f5:45:a5:b6:76:aa:f6:b7:30:1e:40:d4:75:b9: 72:cc:b7:92:82:66:70:af:2b:c2:1b:43:58:cd:1c: ae:3d:05:b1:89:f6:8b:1d:b4:73:ac:1e:c2:29:34: 96:e4:f6:8e:c0:91:a3:b9:ab:4d:af:a4:1e:2d:74: b6:2d:b7:78:96:c9:96:ff:4b:ce:f2:9a:57:15:d6: 6b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:42:59:5F:96:EB:DA:5B:5D:DF:CD:EE:1F:F0:83:4F:FD:58:D3:ED X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a633::/32 Signature Algorithm: sha256WithRSAEncryption 9a:1b:5a:18:3e:b4:26:6f:b8:14:5d:ec:05:cb:8b:63:23:17: 3c:df:a3:fd:c1:33:2a:26:a6:0d:ab:80:f0:b9:ce:af:da:03: 98:46:a2:21:9a:9c:d6:86:ce:9b:77:9c:12:44:fb:89:ab:25: 82:6c:42:90:16:00:ea:85:36:f0:8b:ba:e3:bc:ff:71:35:8a: 93:8a:de:75:4c:3b:5b:5d:ba:9a:f2:41:a0:d8:b4:d4:9b:6a: 5f:44:64:89:98:b0:fb:c8:59:d9:61:c2:82:3f:9c:28:72:84: 60:51:5f:58:a7:3c:f3:fb:7c:bb:45:8c:d7:a2:b8:a1:41:91: df:b2:b1:f4:87:06:00:bd:5d:44:98:82:fd:f1:ac:66:ff:a4: 5a:88:d0:0c:2f:a3:0d:b5:5e:5b:06:ab:e5:20:e4:4e:2a:e0: fb:6a:21:ad:a7:06:6d:1b:3e:f6:90:f9:b7:67:5f:c0:76:24: ef:df:a8:29:9a:71:86:4e:50:51:a4:e2:99:40:0b:25:5c:26: f7:3c:fc:08:ce:36:a7:cf:7c:ac:dc:17:9a:06:f4:f5:64:bd: a2:74:22:47:4a:9c:f0:2d:49:6a:19:7e:b9:a3:11:f9:1d:09: f5:9c:09:d7:d8:8e:48:5b:f3:2e:2c:6c:71:25:48:9d:27:e3: 5b:67:6f:da -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDsL0CC0tuwnOj6BvxlKmOvdU/wAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwMVoX DTI3MDMwMzA2MTQwMVowMzExMC8GA1UEAxMoMUY0MjU5NUY5NkVCREE1QjVEREZD REVFMUZGMDgzNEZGRDU4RDNFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANXNVJzcVQMvTf8X9FRYL1Uxu+osfVNsEs2l41hvjQPmSSjDZhN1feuAxpTA 78YQNYcW5huPoX7tuy3OYnoYaIj2DUgE8dtrQVim17Z/Ps9Ies5JzaL5wY9OwHU3 yPBCUusSZcafYNjBGP82oO+TgnQEe0yy5PzCxu/pTsXk0619n/9OH9nU761ZKq9l neR9hVjtt7SRU22/pTYU7uQi2pEqEKSmYUaTia5Mhxnse+36DoqBYvVFpbZ2qva3 MB5A1HW5csy3koJmcK8rwhtDWM0crj0FsYn2ix20c6wewik0luT2jsCRo7mrTa+k Hi10ti23eJbJlv9LzvKaVxXWa10CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQfQllf luvaW13fze4f8INP/VjT7TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pjMwDQYJKoZIhvcNAQELBQADggEBAJobWhg+tCZvuBRd7AXLi2MjFzzfo/3BMyom pg2rgPC5zq/aA5hGoiGanNaGzpt3nBJE+4mrJYJsQpAWAOqFNvCLuuO8/3E1ipOK 3nVMO1tdupryQaDYtNSbal9EZImYsPvIWdlhwoI/nChyhGBRX1inPPP7fLtFjNei uKFBkd+ysfSHBgC9XUSYgv3xrGb/pFqI0Awvow21XlsGq+Ug5E4q4PtqIa2nBm0b PvaQ+bdnX8B2JO/fqCmacYZOUFGk4plACyVcJvc8/AjONqfPfKzcF5oG9PVkvaJ0 IkdKnPAtSWoZfrmjEfkdCfWcCdfYjkhb8y4sbHElSJ0n41tnb9o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:12 2026 by rpki-client