$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144540.roa File: AS144540.roa (raw, json) Hash identifier: IH0swPRPACB0YUkrv135QgueJ1V4yhsCnNYO0cnkzdM= Subject key identifier: 7B:E0:34:FB:38:0E:49:D5:F4:E7:2C:F7:78:8F:61:EF:7F:65:41:B3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0DC2FF3F46AC451DAEAB7C808333594852667533 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144540.roa Signing time: Wed 04 Mar 2026 06:20:46 +0000 ROA not before: Wed 04 Mar 2026 06:15:46 +0000 ROA not after: Wed 03 Mar 2027 06:20:46 +0000 asID: 144540 IP address blocks: 240a:a762::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:c2:ff:3f:46:ac:45:1d:ae:ab:7c:80:83:33:59:48:52:66:75:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:46 2026 GMT Not After : Mar 3 06:20:46 2027 GMT Subject: CN=7BE034FB380E49D5F4E72CF7788F61EF7F6541B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3e:2c:8b:0f:de:e1:b2:e0:c2:a4:e0:32:23: 45:f4:79:60:9a:56:53:8f:01:91:f9:c5:9f:52:73: 3a:ae:26:c6:38:5f:df:7a:74:ac:ac:10:ae:54:67: 15:74:ee:6c:00:eb:c7:77:6f:f7:2f:c3:f4:72:5b: 1a:09:aa:cc:55:3d:42:2e:e8:50:40:82:9d:e0:7c: 1c:08:e7:a6:62:29:31:c3:6c:5f:78:1f:9b:7f:8e: f9:f6:dc:0d:78:85:12:0a:d9:20:27:d1:1a:c7:e8: 05:8b:b8:32:7a:c9:db:38:70:6a:f6:e2:2d:4f:a9: 61:40:3b:dc:23:4c:7f:b7:6e:c3:c7:43:a7:cb:f7: a1:a3:f4:c3:55:ac:38:d2:44:b0:e9:09:df:d0:49: 2d:3a:58:78:73:3f:95:51:73:2a:a6:52:24:6a:4e: e6:c3:27:c8:05:e4:0b:9c:38:53:f4:8e:7d:3a:79: 27:99:b2:5c:67:67:fc:1b:9a:31:7e:b4:3f:f2:d1: 30:b4:47:c7:de:bf:5a:69:24:97:83:b6:2b:a6:af: 58:73:2a:d8:fe:d6:89:3a:15:10:24:da:40:73:12: e6:51:e0:a7:ea:7f:6b:94:b4:76:30:59:b8:0b:f2: c9:05:96:78:e9:55:d4:87:9e:ed:49:c9:e5:b3:e7: f2:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:E0:34:FB:38:0E:49:D5:F4:E7:2C:F7:78:8F:61:EF:7F:65:41:B3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144540.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a762::/32 Signature Algorithm: sha256WithRSAEncryption 5c:ac:c1:c9:c1:bd:58:af:a4:93:6b:f0:74:97:e4:60:fc:3a: ee:9f:a9:d3:bd:e7:01:6d:de:d0:1c:8b:c6:77:16:c1:87:3c: 98:9c:5f:e9:af:db:2b:7b:e2:2c:eb:34:63:11:1c:d7:11:d6: 3e:fb:02:f0:67:ea:97:6d:85:16:93:a7:c1:b7:1b:cb:f4:70: 68:04:06:c8:a5:4b:ca:98:a0:52:bb:f4:00:ef:a1:65:0d:cb: d6:a3:7b:02:f7:5a:11:b1:5e:8d:34:20:a3:ba:6d:4c:c0:1e: e7:cc:21:e2:3f:17:d2:3b:42:6c:0a:71:84:c2:9a:98:e7:11: 64:33:7f:4a:2f:0f:84:1a:e7:e7:ba:31:42:c2:2b:f7:a5:67: 09:49:e8:ec:e0:23:22:19:f6:ba:f5:da:5c:ed:63:b9:98:fb: 70:96:a1:b2:52:f8:3b:67:5b:27:d3:c2:6b:53:c4:d0:9c:dd: 4c:af:9b:44:0f:cc:d5:60:78:6e:d4:93:7e:f7:1d:ab:7e:0d: f4:94:3e:06:bf:7c:54:2d:dc:88:b4:f9:03:68:40:b6:e3:bf: a0:05:e9:ef:64:34:54:8c:2a:0f:e7:eb:5c:18:e7:90:67:8c: 98:72:2b:75:5a:d1:10:fc:55:15:3b:9a:fc:8d:fe:d2:59:1e: 29:ac:c0:e7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDcL/P0asRR2uq3yAgzNZSFJmdTMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0NloX DTI3MDMwMzA2MjA0NlowMzExMC8GA1UEAxMoN0JFMDM0RkIzODBFNDlENUY0RTcy Q0Y3Nzg4RjYxRUY3RjY1NDFCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0+LIsP3uGy4MKk4DIjRfR5YJpWU48BkfnFn1JzOq4mxjhf33p0rKwQrlRn FXTubADrx3dv9y/D9HJbGgmqzFU9Qi7oUECCneB8HAjnpmIpMcNsX3gfm3+O+fbc DXiFEgrZICfRGsfoBYu4MnrJ2zhwavbiLU+pYUA73CNMf7duw8dDp8v3oaP0w1Ws ONJEsOkJ39BJLTpYeHM/lVFzKqZSJGpO5sMnyAXkC5w4U/SOfTp5J5myXGdn/Bua MX60P/LRMLRHx96/Wmkkl4O2K6avWHMq2P7WiToVECTaQHMS5lHgp+p/a5S0djBZ uAvyyQWWeOlV1Iee7UnJ5bPn8jcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR74DT7 OA5J1fTnLPd4j2Hvf2VBszAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p2IwDQYJKoZIhvcNAQELBQADggEBAFyswcnBvVivpJNr8HSX5GD8Ou6fqdO95wFt 3tAci8Z3FsGHPJicX+mv2yt74izrNGMRHNcR1j77AvBn6pdthRaTp8G3G8v0cGgE BsilS8qYoFK79ADvoWUNy9ajewL3WhGxXo00IKO6bUzAHufMIeI/F9I7QmwKcYTC mpjnEWQzf0ovD4Qa5+e6MULCK/elZwlJ6OzgIyIZ9rr12lztY7mY+3CWobJS+Dtn WyfTwmtTxNCc3Uyvm0QPzNVgeG7Uk373Hat+DfSUPga/fFQt3Ii0+QNoQLbjv6AF 6e9kNFSMKg/n61wY55BnjJhyK3Va0RD8VRU7mvyN/tJZHimswOc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:36 2026 by rpki-client