$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144536.roa File: AS144536.roa (raw, json) Hash identifier: W5nEWMZXdb9xsAMYGEz/8e/Y0/E1FqCsT51FzeCTIpw= Subject key identifier: D4:49:BF:CC:44:DB:8C:9D:CD:E1:DE:95:E1:0F:EE:53:73:38:41:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 17BFB3897305DEF421ABEB2E3B66FB563F9BEAD1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144536.roa Signing time: Wed 04 Mar 2026 06:22:06 +0000 ROA not before: Wed 04 Mar 2026 06:17:06 +0000 ROA not after: Wed 03 Mar 2027 06:22:06 +0000 asID: 144536 IP address blocks: 240a:a75e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:bf:b3:89:73:05:de:f4:21:ab:eb:2e:3b:66:fb:56:3f:9b:ea:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:06 2026 GMT Not After : Mar 3 06:22:06 2027 GMT Subject: CN=D449BFCC44DB8C9DCDE1DE95E10FEE5373384197 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1c:88:3d:36:6f:eb:fe:7c:38:7e:fc:f1:dc: c3:7a:7e:62:b7:75:0c:1a:ff:da:03:09:59:99:c1: cf:02:c3:5b:19:e1:fb:b9:e3:dd:b4:67:77:cc:9b: 59:09:92:f8:e8:01:fd:1d:d9:ec:e3:af:46:8d:52: c4:5f:5b:3b:d6:95:1a:b5:4d:1b:c4:8b:1f:93:f4: 51:04:6c:00:ca:5c:1b:4b:94:1a:1e:90:7a:ed:64: 67:32:81:9e:98:a0:14:5e:5a:74:40:61:61:29:75: 92:95:2f:74:53:ae:96:3d:06:47:5f:85:ab:4e:4b: 3b:05:1c:15:6f:e5:f5:07:0d:c1:3c:b2:49:2f:78: 18:2c:29:e8:e6:51:bb:66:68:b1:8a:ae:5d:24:7e: 52:ae:8d:d6:cc:d0:8c:79:e1:75:b4:c4:f6:56:d7: eb:f2:5f:d3:5f:f1:4a:16:31:00:53:7c:f4:28:73: 94:a5:a3:10:a5:ef:bf:ae:74:cc:66:e1:5c:6c:4a: 34:bf:52:6a:37:d9:7f:ef:ca:c7:df:c1:78:c5:65: f2:a7:2a:76:55:db:11:52:52:c8:42:71:e5:a9:99: 3d:fd:6e:ae:70:96:31:9a:61:5a:f3:d8:fa:09:34: 0f:9e:68:71:73:cc:18:ff:27:85:41:5c:24:01:7e: 48:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:49:BF:CC:44:DB:8C:9D:CD:E1:DE:95:E1:0F:EE:53:73:38:41:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144536.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a75e::/32 Signature Algorithm: sha256WithRSAEncryption 76:94:22:4f:d0:3f:30:b9:ea:54:3d:36:87:9b:68:90:88:58: 97:1e:3e:80:67:93:b6:4f:b8:25:23:ad:af:26:f3:26:fe:3e: 85:df:4d:26:e4:ed:cb:7b:33:70:08:62:5c:e9:81:38:8e:21: f9:1e:ff:c9:c5:ff:c5:2f:90:b4:c8:1c:9b:ab:00:69:e7:01: 14:a7:91:10:bc:3f:4f:22:12:a7:5a:d2:56:d9:1b:9b:42:07: 79:0e:65:1f:7c:b1:c3:fc:cb:40:43:dc:4a:66:aa:59:1f:79: 97:40:70:7e:01:d2:14:61:4e:e8:68:21:74:ed:70:0d:c4:a6: f0:dc:29:74:65:90:12:4c:48:e8:82:16:ec:76:e4:7c:34:c4: 22:75:6c:90:69:ab:0d:b3:ac:60:47:1e:ff:16:76:00:15:31: 4c:b0:8f:fa:f5:f6:a5:f6:f8:ba:b4:27:06:1c:56:2d:ab:16: 0b:94:c6:87:ad:bf:8c:7f:75:02:bc:07:b4:5f:e5:11:eb:33: ce:ef:60:46:cd:91:b4:a3:27:8c:ad:fb:7e:7c:e6:5f:6c:ac: ff:e2:f5:13:90:7c:bb:a2:95:b8:2a:9d:8f:64:71:f6:1b:76: e6:5b:2b:dd:dc:f9:23:b9:12:70:68:c1:3e:da:64:4f:d3:8e: 2e:7a:9c:e7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUF7+ziXMF3vQhq+suO2b7Vj+b6tEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwNloX DTI3MDMwMzA2MjIwNlowMzExMC8GA1UEAxMoRDQ0OUJGQ0M0NERCOEM5RENERTFE RTk1RTEwRkVFNTM3MzM4NDE5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMociD02b+v+fDh+/PHcw3p+Yrd1DBr/2gMJWZnBzwLDWxnh+7nj3bRnd8yb WQmS+OgB/R3Z7OOvRo1SxF9bO9aVGrVNG8SLH5P0UQRsAMpcG0uUGh6Qeu1kZzKB npigFF5adEBhYSl1kpUvdFOulj0GR1+Fq05LOwUcFW/l9QcNwTyySS94GCwp6OZR u2ZosYquXSR+Uq6N1szQjHnhdbTE9lbX6/Jf01/xShYxAFN89ChzlKWjEKXvv650 zGbhXGxKNL9SajfZf+/Kx9/BeMVl8qcqdlXbEVJSyEJx5amZPf1urnCWMZphWvPY +gk0D55ocXPMGP8nhUFcJAF+SF8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTUSb/M RNuMnc3h3pXhD+5TczhBlzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDUzNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p14wDQYJKoZIhvcNAQELBQADggEBAHaUIk/QPzC56lQ9NoebaJCIWJcePoBnk7ZP uCUjra8m8yb+PoXfTSbk7ct7M3AIYlzpgTiOIfke/8nF/8UvkLTIHJurAGnnARSn kRC8P08iEqda0lbZG5tCB3kOZR98scP8y0BD3EpmqlkfeZdAcH4B0hRhTuhoIXTt cA3EpvDcKXRlkBJMSOiCFux25Hw0xCJ1bJBpqw2zrGBHHv8WdgAVMUywj/r19qX2 +Lq0JwYcVi2rFguUxoetv4x/dQK8B7Rf5RHrM87vYEbNkbSjJ4yt+3585l9srP/i 9ROQfLuilbgqnY9kcfYbduZbK93c+SO5EnBowT7aZE/Tji56nOc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:25 2026 by rpki-client