$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144396.roa File: AS144396.roa (raw, json) Hash identifier: 18GnXbV7VbS3WoCrTs0Z0jaPfEBy4/CvjJ4TUaC0Yrc= Subject key identifier: 1D:AB:5A:DA:E1:36:43:E1:FE:25:42:82:31:DE:2A:0C:67:83:FE:F9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7CF96B743B2BEF4066A2B887FA80CFC0DB71DDA3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144396.roa Signing time: Wed 04 Mar 2026 06:15:17 +0000 ROA not before: Wed 04 Mar 2026 06:10:17 +0000 ROA not after: Wed 03 Mar 2027 06:15:17 +0000 asID: 144396 IP address blocks: 240a:a6d2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:f9:6b:74:3b:2b:ef:40:66:a2:b8:87:fa:80:cf:c0:db:71:dd:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:17 2026 GMT Not After : Mar 3 06:15:17 2027 GMT Subject: CN=1DAB5ADAE13643E1FE25428231DE2A0C6783FEF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:74:62:91:4d:79:eb:8d:db:ae:ae:06:01:02: 15:63:8d:0f:39:01:7d:66:8f:0e:cf:6b:e8:02:fa: 22:91:0b:ba:3c:b4:1c:b3:01:62:c3:6f:76:c5:d8: e9:75:51:24:00:52:8a:95:6e:36:a5:12:ec:57:d8: dd:01:4b:1b:a8:bf:83:f8:66:d0:b8:4d:cf:c8:ab: a2:f5:d9:d6:ef:f1:d8:d1:ee:cc:c1:2c:dc:17:e1: 67:8a:24:4f:cc:63:e3:ee:e1:df:fe:b5:70:76:46: 28:99:0e:ef:b8:21:35:40:ac:ee:d6:a4:82:5c:7e: 8d:3a:b9:71:d2:b3:da:c5:ea:78:49:7e:66:2c:ed: 5a:bc:86:79:4d:75:13:e2:2d:29:69:57:54:c5:9b: 63:22:32:5d:d7:8a:cc:21:95:49:5b:44:85:f1:41: bb:d4:ef:c3:9f:ae:d6:f5:47:b7:4e:b8:33:64:22: db:72:ac:1c:b2:81:cf:be:e2:37:69:bb:7c:b4:34: f5:38:ef:e3:18:74:32:81:94:3d:20:62:f1:2f:5c: 6f:53:65:00:3b:f1:f5:fa:1d:2a:88:8b:44:7f:d1: d1:43:85:b9:d9:6f:f3:72:25:29:9a:93:db:dc:91: 4b:c4:57:95:8d:6b:21:fc:b9:49:08:ef:72:c2:8a: 23:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:AB:5A:DA:E1:36:43:E1:FE:25:42:82:31:DE:2A:0C:67:83:FE:F9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144396.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a6d2::/32 Signature Algorithm: sha256WithRSAEncryption c0:0d:6c:6d:eb:52:8a:4f:ed:fd:43:35:0a:8b:df:ec:9c:09: 85:dc:80:81:8e:47:22:bc:5c:f1:e1:5e:49:67:17:1f:6c:80: de:e5:01:e4:1c:d2:8e:a6:da:16:4a:63:a8:20:1a:d7:ba:a4: 48:49:c8:99:db:72:07:0c:35:4b:98:24:bb:6f:d3:04:aa:a9: 01:8f:7e:cc:ee:2c:a0:99:6d:ca:ad:8b:48:03:30:25:98:c5: 64:1e:05:3e:70:fa:84:1d:3b:68:3d:15:44:58:8a:8b:39:ca: c2:7b:3b:a7:a2:2b:f7:cf:ab:1e:bf:89:f7:9e:c3:fa:80:53: 26:af:e1:f8:72:ba:35:d6:29:d7:3e:dc:df:ec:d2:90:8b:f2: f2:1d:92:3c:22:84:b4:05:52:51:f2:c2:d4:3b:02:e4:a3:1f: b8:50:18:91:a9:92:4e:cf:3e:06:e8:20:c7:25:3e:74:b0:46: 79:b1:fa:fc:17:51:81:e9:ba:76:b9:a1:46:93:34:6b:2d:84: 37:8e:9f:db:0a:0b:c8:4f:31:bc:30:85:80:5d:5c:9d:52:d4: 5e:26:d1:40:49:3e:b0:10:bd:ab:29:fa:6e:da:98:d6:6c:45: 59:78:6a:c7:d3:71:96:73:12:62:6d:6d:af:20:c2:97:ec:8d: 09:ee:38:c7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfPlrdDsr70BmoriH+oDPwNtx3aMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxN1oX DTI3MDMwMzA2MTUxN1owMzExMC8GA1UEAxMoMURBQjVBREFFMTM2NDNFMUZFMjU0 MjgyMzFERTJBMEM2NzgzRkVGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJh0YpFNeeuN266uBgECFWONDzkBfWaPDs9r6AL6IpELujy0HLMBYsNvdsXY 6XVRJABSipVuNqUS7FfY3QFLG6i/g/hm0LhNz8irovXZ1u/x2NHuzMEs3BfhZ4ok T8xj4+7h3/61cHZGKJkO77ghNUCs7takglx+jTq5cdKz2sXqeEl+ZiztWryGeU11 E+ItKWlXVMWbYyIyXdeKzCGVSVtEhfFBu9Tvw5+u1vVHt064M2Qi23KsHLKBz77i N2m7fLQ09Tjv4xh0MoGUPSBi8S9cb1NlADvx9fodKoiLRH/R0UOFudlv83IlKZqT 29yRS8RXlY1rIfy5SQjvcsKKI7sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQdq1ra 4TZD4f4lQoIx3ioMZ4P++TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDM5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ptIwDQYJKoZIhvcNAQELBQADggEBAMANbG3rUopP7f1DNQqL3+ycCYXcgIGORyK8 XPHhXklnFx9sgN7lAeQc0o6m2hZKY6ggGte6pEhJyJnbcgcMNUuYJLtv0wSqqQGP fszuLKCZbcqti0gDMCWYxWQeBT5w+oQdO2g9FURYios5ysJ7O6eiK/fPqx6/ifee w/qAUyav4fhyujXWKdc+3N/s0pCL8vIdkjwihLQFUlHywtQ7AuSjH7hQGJGpkk7P PgboIMclPnSwRnmx+vwXUYHpuna5oUaTNGsthDeOn9sKC8hPMbwwhYBdXJ1S1F4m 0UBJPrAQvasp+m7amNZsRVl4asfTcZZzEmJtba8gwpfsjQnuOMc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:22 2026 by rpki-client