$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144494.roa File: AS144494.roa (raw, json) Hash identifier: xEz+osrJ+gStMjn2aLGfDSlbPXUFP3m/K8pjFU36GC8= Subject key identifier: 97:0E:BB:09:CC:3A:20:18:17:F5:C6:09:22:E6:81:79:79:6E:E9:CF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6739382BF6380989144CA9B5A01FB505231F73AC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144494.roa Signing time: Wed 04 Mar 2026 06:13:29 +0000 ROA not before: Wed 04 Mar 2026 06:08:29 +0000 ROA not after: Wed 03 Mar 2027 06:13:29 +0000 asID: 144494 IP address blocks: 240a:a734::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:39:38:2b:f6:38:09:89:14:4c:a9:b5:a0:1f:b5:05:23:1f:73:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:29 2026 GMT Not After : Mar 3 06:13:29 2027 GMT Subject: CN=970EBB09CC3A201817F5C60922E68179796EE9CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:29:70:b8:64:e1:3a:61:c9:23:88:64:40:92: da:eb:ba:31:c7:cf:5a:6b:00:06:31:37:52:c8:d1: ec:42:74:4b:24:e6:5f:2f:35:6c:d6:91:0f:25:ce: 6c:a4:2e:8a:87:15:4f:20:ee:76:19:a5:84:c6:39: 3a:e1:50:bc:02:41:a1:6c:ec:ca:3e:be:47:a9:4f: 87:78:81:de:db:68:14:5d:b3:16:3c:93:ca:df:f8: c5:d0:8a:39:e6:91:d7:0e:e1:8e:06:85:f7:dc:9e: 03:c1:1e:bc:da:95:f8:67:1b:91:9f:c9:a8:d1:c6: 9e:1e:ac:3e:f4:0c:2c:52:fc:75:25:9c:2e:12:68: 5b:fa:07:26:be:05:ae:64:b2:53:44:d0:56:46:20: 8a:cc:92:a7:3a:aa:f6:ba:d4:99:33:bf:6e:95:5b: 88:54:c7:00:81:45:36:74:4b:86:b1:c9:1c:2b:0a: d2:29:67:f0:e3:02:89:e6:a4:a4:41:3a:1b:4b:b8: ea:76:0a:17:d1:75:a6:e9:da:34:bf:c5:89:2a:26: 60:9f:04:6a:35:5c:40:5d:19:75:e4:5c:37:86:bb: 06:dd:f9:c2:33:b8:6f:81:4e:57:57:1f:91:a6:30: 6a:70:a0:44:c3:dd:78:37:39:0d:b1:74:33:98:be: e0:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:0E:BB:09:CC:3A:20:18:17:F5:C6:09:22:E6:81:79:79:6E:E9:CF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144494.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a734::/32 Signature Algorithm: sha256WithRSAEncryption c3:4a:25:5d:70:d0:0f:c6:0e:19:08:64:01:55:95:40:86:7e: e6:af:a4:d8:5a:d7:5d:c4:4c:a8:88:99:0a:ee:4b:7f:aa:97: 1f:39:8b:41:6d:44:1d:b8:a1:35:5f:95:2a:95:2e:fa:f2:cc: bf:4f:ee:f9:0f:d5:23:06:a6:9a:f0:a5:6f:e7:21:eb:a4:ce: 6d:a5:c4:2a:99:04:12:6e:0a:34:c0:c7:dd:3f:8a:ec:85:e8: 74:ef:49:9d:bb:69:17:4c:70:42:7d:db:3b:0b:59:f1:83:57: f2:01:c3:1f:ac:77:a6:7f:58:7f:d3:98:58:ff:aa:43:67:26: d2:26:cf:0a:ac:a3:3c:87:75:12:1f:0d:23:f6:40:4c:7b:f2: 20:72:22:f5:2e:b4:90:11:e3:d3:3f:71:3b:22:fd:4a:1d:b2: a8:0d:da:7f:95:e4:f9:0b:bc:ae:96:f8:af:0f:cd:c7:30:02: ad:25:00:fd:f6:9f:3c:9f:bf:96:b5:6a:6d:6e:01:9d:01:d5: fb:73:6d:0c:9c:4c:a7:f9:84:da:30:fe:cd:d8:97:d6:eb:d5: d2:16:c3:3f:f2:25:33:0a:21:2c:b0:cc:81:b3:df:bd:07:c4: 11:0d:64:61:12:b0:d5:3c:dc:ee:f9:fc:4b:eb:54:34:d7:a9: 2b:1f:6e:e6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZzk4K/Y4CYkUTKm1oB+1BSMfc6wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyOVoX DTI3MDMwMzA2MTMyOVowMzExMC8GA1UEAxMoOTcwRUJCMDlDQzNBMjAxODE3RjVD NjA5MjJFNjgxNzk3OTZFRTlDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANUpcLhk4TphySOIZECS2uu6McfPWmsABjE3UsjR7EJ0SyTmXy81bNaRDyXO bKQuiocVTyDudhmlhMY5OuFQvAJBoWzsyj6+R6lPh3iB3ttoFF2zFjyTyt/4xdCK OeaR1w7hjgaF99yeA8EevNqV+GcbkZ/JqNHGnh6sPvQMLFL8dSWcLhJoW/oHJr4F rmSyU0TQVkYgisySpzqq9rrUmTO/bpVbiFTHAIFFNnRLhrHJHCsK0iln8OMCieak pEE6G0u46nYKF9F1punaNL/FiSomYJ8EajVcQF0ZdeRcN4a7Bt35wjO4b4FOV1cf kaYwanCgRMPdeDc5DbF0M5i+4C0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSXDrsJ zDogGBf1xgki5oF5eW7pzzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDQ5NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pzQwDQYJKoZIhvcNAQELBQADggEBAMNKJV1w0A/GDhkIZAFVlUCGfuavpNha113E TKiImQruS3+qlx85i0FtRB24oTVflSqVLvryzL9P7vkP1SMGpprwpW/nIeukzm2l xCqZBBJuCjTAx90/iuyF6HTvSZ27aRdMcEJ92zsLWfGDV/IBwx+sd6Z/WH/TmFj/ qkNnJtImzwqsozyHdRIfDSP2QEx78iByIvUutJAR49M/cTsi/UodsqgN2n+V5PkL vK6W+K8PzccwAq0lAP32nzyfv5a1am1uAZ0B1ftzbQycTKf5hNow/s3Yl9br1dIW wz/yJTMKISywzIGz370HxBENZGESsNU83O75/EvrVDTXqSsfbuY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:49 2026 by rpki-client