$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144521.roa File: AS144521.roa (raw, json) Hash identifier: NyxV5KxfW/r/JBsNLb+qbbnAUR4tNCiWXQQxDTXZpgI= Subject key identifier: E7:70:0D:95:BA:B9:96:31:52:85:73:95:A0:8C:7F:17:6B:4D:62:84 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 36EDDB2E9819FBD1329996B24F74F18BE9E44178 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144521.roa Signing time: Wed 04 Mar 2026 06:20:24 +0000 ROA not before: Wed 04 Mar 2026 06:15:24 +0000 ROA not after: Wed 03 Mar 2027 06:20:24 +0000 asID: 144521 IP address blocks: 240a:a74f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:ed:db:2e:98:19:fb:d1:32:99:96:b2:4f:74:f1:8b:e9:e4:41:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:24 2026 GMT Not After : Mar 3 06:20:24 2027 GMT Subject: CN=E7700D95BAB9963152857395A08C7F176B4D6284 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f8:e4:e7:f1:66:32:93:03:ad:63:8c:35:4f: f0:00:41:9e:26:d3:35:e9:9e:c0:07:ca:8e:9b:b7: bf:97:7e:1a:a0:e9:9b:41:8a:c6:2e:44:55:4d:24: 55:49:1f:8e:d5:d8:6b:49:06:80:6f:18:f2:94:63: f1:6f:6c:70:11:22:3f:8d:16:c0:1b:50:e2:72:d3: 4b:8b:f9:5e:40:ad:0d:c4:02:e4:80:cf:5a:a6:3c: d4:0b:08:77:da:e0:e5:a5:f6:e7:05:26:e9:f4:af: d7:2e:85:68:f2:43:85:2d:d4:3d:30:7c:de:0d:5c: 42:44:3d:02:32:60:75:24:48:22:b5:03:0b:d5:25: f4:d8:98:4c:93:c0:85:3d:2d:dd:c8:d0:03:f6:4c: cd:a9:75:34:db:30:41:12:a2:b4:d3:ac:d9:e0:db: 9b:10:d2:09:70:d5:d5:ff:3d:a7:77:86:e3:5b:df: 30:e2:89:8b:81:55:94:4d:d1:78:c7:72:d4:90:c5: 58:ea:01:3d:44:ce:f9:3d:d9:fc:2f:de:23:a3:37: ea:d3:f8:99:9c:46:06:5f:95:90:a6:7b:df:87:97: fd:fb:d2:ac:47:88:32:a4:ba:df:9e:9a:7e:66:f8: 0d:7c:45:9e:83:ec:d4:e0:b0:09:d1:af:25:31:8b: 94:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:70:0D:95:BA:B9:96:31:52:85:73:95:A0:8C:7F:17:6B:4D:62:84 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a74f::/32 Signature Algorithm: sha256WithRSAEncryption 9a:13:ee:c5:c8:fb:6b:24:41:a0:8c:b3:07:5e:10:1a:a8:1f: 85:d1:a6:10:88:75:c4:da:16:b5:e2:9c:69:be:e7:6a:e2:36: 73:9e:12:82:a7:e6:2a:a0:fb:aa:54:35:6d:90:6f:00:a1:12: f6:33:ac:ce:19:2c:3d:19:83:f6:a4:0f:a7:17:d8:dd:00:d1: e0:39:78:4e:8a:23:92:25:d4:28:ca:53:af:42:22:21:ae:8d: b8:0a:97:14:ee:69:d4:86:52:82:f4:55:4e:16:7f:64:9f:f2: 42:9d:a5:ab:8e:7c:ce:e6:0b:8e:b6:dc:65:22:0d:54:10:6d: 9d:f0:be:4b:52:be:04:c7:16:d1:ad:aa:01:2c:bb:c1:fd:1f: ed:4f:9b:37:47:ab:48:a7:52:ca:89:9e:91:76:72:1f:d7:98: 3a:59:97:a0:c7:06:c7:97:bf:f7:6f:ae:6c:3c:8c:d4:dd:80: b1:82:07:8e:d2:b0:49:c0:bf:63:5d:d0:37:f2:e7:2c:ab:c0: 9b:3b:8d:83:0a:72:6c:db:37:d5:71:d1:e9:f0:ec:82:fc:ce: 09:64:df:e9:b9:f4:7f:4d:6f:f3:f9:86:30:a0:16:59:ce:3f: 26:86:36:db:8e:4b:05:c4:b8:d4:c8:a8:a1:44:d0:aa:73:d6: c8:27:4d:ed -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNu3bLpgZ+9EymZayT3Txi+nkQXgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyNFoX DTI3MDMwMzA2MjAyNFowMzExMC8GA1UEAxMoRTc3MDBEOTVCQUI5OTYzMTUyODU3 Mzk1QTA4QzdGMTc2QjRENjI4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALv45OfxZjKTA61jjDVP8ABBnibTNemewAfKjpu3v5d+GqDpm0GKxi5EVU0k VUkfjtXYa0kGgG8Y8pRj8W9scBEiP40WwBtQ4nLTS4v5XkCtDcQC5IDPWqY81AsI d9rg5aX25wUm6fSv1y6FaPJDhS3UPTB83g1cQkQ9AjJgdSRIIrUDC9Ul9NiYTJPA hT0t3cjQA/ZMzal1NNswQRKitNOs2eDbmxDSCXDV1f89p3eG41vfMOKJi4FVlE3R eMdy1JDFWOoBPUTO+T3Z/C/eI6M36tP4mZxGBl+VkKZ734eX/fvSrEeIMqS6356a fmb4DXxFnoPs1OCwCdGvJTGLlIkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTncA2V urmWMVKFc5WgjH8Xa01ihDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDUyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p08wDQYJKoZIhvcNAQELBQADggEBAJoT7sXI+2skQaCMswdeEBqoH4XRphCIdcTa FrXinGm+52riNnOeEoKn5iqg+6pUNW2QbwChEvYzrM4ZLD0Zg/akD6cX2N0A0eA5 eE6KI5Il1CjKU69CIiGujbgKlxTuadSGUoL0VU4Wf2Sf8kKdpauOfM7mC4623GUi DVQQbZ3wvktSvgTHFtGtqgEsu8H9H+1PmzdHq0inUsqJnpF2ch/XmDpZl6DHBseX v/dvrmw8jNTdgLGCB47SsEnAv2Nd0Dfy5yyrwJs7jYMKcmzbN9Vx0enw7IL8zglk 3+m59H9Nb/P5hjCgFlnOPyaGNtuOSwXEuNTIqKFE0Kpz1sgnTe0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:29 2026 by rpki-client