$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144519.roa File: AS144519.roa (raw, json) Hash identifier: M/yM4q29cj8yuqOxso34rEsEiRAdeFW1gmHjJfwOc/Q= Subject key identifier: A4:B3:E8:0C:64:E3:E1:7C:AE:DD:9E:F4:4C:51:E7:B0:17:32:86:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1992B7328CB6526E8264A92D9DF5CCB7D0555AD7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144519.roa Signing time: Wed 04 Mar 2026 06:22:11 +0000 ROA not before: Wed 04 Mar 2026 06:17:11 +0000 ROA not after: Wed 03 Mar 2027 06:22:11 +0000 asID: 144519 IP address blocks: 240a:a74d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:92:b7:32:8c:b6:52:6e:82:64:a9:2d:9d:f5:cc:b7:d0:55:5a:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:11 2026 GMT Not After : Mar 3 06:22:11 2027 GMT Subject: CN=A4B3E80C64E3E17CAEDD9EF44C51E7B0173286E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:c2:b4:35:74:26:9e:43:4d:91:45:34:b6:ae: 30:01:5c:4c:77:0a:d2:a9:99:8f:21:2c:f3:34:b0: 09:e7:d3:3b:81:32:c0:23:8a:8f:62:1e:8c:39:02: 4b:c7:93:8f:aa:e1:66:3b:21:3a:31:f5:4b:29:53: ef:8a:e3:44:14:eb:ee:4f:55:86:e9:94:6a:fa:5a: e9:04:af:04:6d:8a:09:af:5d:df:65:b4:a7:82:ef: e3:8b:63:b5:25:9f:52:7f:95:38:c0:37:15:dc:47: 9c:24:0b:49:8b:76:88:fe:66:1d:cd:29:b8:27:9a: 5a:06:d0:1c:05:42:41:07:cb:69:88:e5:71:b8:0e: a9:0c:65:38:b2:29:25:4f:0c:84:78:ad:a2:6c:7b: 53:f7:ce:6f:dd:60:3e:be:ec:24:e7:41:fe:d0:e0: d0:00:a1:cb:4c:b1:71:df:26:d3:8c:ce:ef:68:bf: 9f:d0:26:d4:b3:c8:e3:c8:da:ce:38:b0:fa:a3:a7: 7a:32:08:08:30:f5:ee:2f:67:1d:02:24:90:66:d8: 1b:56:44:7f:d4:64:55:4e:a4:9e:bc:c9:5c:a8:33: 45:a1:25:6e:44:e4:88:28:53:e8:7c:aa:a2:52:9f: a0:8d:51:a1:06:20:e8:32:ac:c8:00:d1:9e:ba:8e: 65:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:B3:E8:0C:64:E3:E1:7C:AE:DD:9E:F4:4C:51:E7:B0:17:32:86:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144519.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a74d::/32 Signature Algorithm: sha256WithRSAEncryption 79:94:35:06:72:b9:14:89:3c:ad:5d:a2:80:66:e4:39:ed:b4: 1c:ab:fa:6c:72:04:d2:43:45:66:b4:f1:b6:f1:7c:d9:66:5f: 94:7d:c7:f4:3a:66:8a:67:17:0a:55:25:1f:dd:e7:0e:2c:91: 71:59:28:35:97:96:ac:83:47:0c:08:35:8c:8e:bf:47:77:28: de:bc:bb:ff:2f:be:9b:0d:c7:e2:7d:a0:f2:64:71:b1:1f:e2: 60:81:e1:80:e3:e0:fc:6a:a0:e7:06:e9:30:6d:2e:15:31:df: eb:ee:32:f3:84:70:65:18:51:67:b7:45:9c:88:e7:98:04:86: ae:47:e8:28:4b:5e:35:52:40:db:62:9f:b8:00:57:4f:29:9f: d1:98:5f:37:a9:48:ab:fd:60:de:a9:c1:3a:0c:f8:37:61:36: d4:5e:17:1a:f6:bf:4f:05:2f:7e:0b:78:59:23:0b:b4:3e:a1: a1:9f:80:ca:f3:88:3c:64:d8:43:2d:21:04:ae:41:83:a6:30: 7a:5b:26:ed:06:06:05:f1:59:5d:ea:3d:58:c3:da:d9:53:dc: 11:93:3a:8f:08:06:f8:f4:7d:d0:e7:c6:5f:9d:e6:10:fd:1e: 50:58:c2:d2:12:5a:7e:24:d1:68:4b:95:c0:f2:4c:9f:f5:16: eb:28:39:af -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGZK3Moy2Um6CZKktnfXMt9BVWtcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxMVoX DTI3MDMwMzA2MjIxMVowMzExMC8GA1UEAxMoQTRCM0U4MEM2NEUzRTE3Q0FFREQ5 RUY0NEM1MUU3QjAxNzMyODZFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIPCtDV0Jp5DTZFFNLauMAFcTHcK0qmZjyEs8zSwCefTO4EywCOKj2IejDkC S8eTj6rhZjshOjH1SylT74rjRBTr7k9VhumUavpa6QSvBG2KCa9d32W0p4Lv44tj tSWfUn+VOMA3FdxHnCQLSYt2iP5mHc0puCeaWgbQHAVCQQfLaYjlcbgOqQxlOLIp JU8MhHitomx7U/fOb91gPr7sJOdB/tDg0AChy0yxcd8m04zO72i/n9Am1LPI48ja zjiw+qOnejIICDD17i9nHQIkkGbYG1ZEf9RkVU6knrzJXKgzRaElbkTkiChT6Hyq olKfoI1RoQYg6DKsyADRnrqOZa0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSks+gM ZOPhfK7dnvRMUeewFzKG4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDUxOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p00wDQYJKoZIhvcNAQELBQADggEBAHmUNQZyuRSJPK1dooBm5DnttByr+mxyBNJD RWa08bbxfNlmX5R9x/Q6ZopnFwpVJR/d5w4skXFZKDWXlqyDRwwINYyOv0d3KN68 u/8vvpsNx+J9oPJkcbEf4mCB4YDj4PxqoOcG6TBtLhUx3+vuMvOEcGUYUWe3RZyI 55gEhq5H6ChLXjVSQNtin7gAV08pn9GYXzepSKv9YN6pwToM+DdhNtReFxr2v08F L34LeFkjC7Q+oaGfgMrziDxk2EMtIQSuQYOmMHpbJu0GBgXxWV3qPVjD2tlT3BGT Oo8IBvj0fdDnxl+d5hD9HlBYwtISWn4k0WhLlcDyTJ/1FusoOa8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:48 2026 by rpki-client