$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144546.roa File: AS144546.roa (raw, json) Hash identifier: b+CPAfFEF7Bqvdm+s58YsJRAKnrgZqY8RFbVHN3LzMc= Subject key identifier: D6:5B:D9:0F:38:B2:C0:13:D8:90:A6:D0:16:5D:E1:86:8F:14:98:BC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7FD8B37B5EE1FA5FEC07D6F9AF4DBBEED853F72F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144546.roa Signing time: Wed 04 Mar 2026 06:20:57 +0000 ROA not before: Wed 04 Mar 2026 06:15:57 +0000 ROA not after: Wed 03 Mar 2027 06:20:57 +0000 asID: 144546 IP address blocks: 240a:a768::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:d8:b3:7b:5e:e1:fa:5f:ec:07:d6:f9:af:4d:bb:ee:d8:53:f7:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:57 2026 GMT Not After : Mar 3 06:20:57 2027 GMT Subject: CN=D65BD90F38B2C013D890A6D0165DE1868F1498BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:5a:da:4f:5f:06:98:38:19:6f:66:6e:56:3e: 11:13:09:99:e8:2c:72:73:14:c7:66:ea:4a:a7:88: 87:a8:e3:1e:0c:05:f4:d6:bd:a9:14:91:bc:f3:2a: 14:77:3c:de:db:d0:6b:2b:87:41:29:56:28:71:d8: 4c:0c:43:fd:18:89:70:7b:29:e5:3e:ca:b0:c9:72: ed:c5:21:1b:3f:81:64:fb:44:f5:d6:c4:60:89:ae: a2:b3:ef:9f:d2:d5:9c:50:ca:1a:52:35:fa:03:dc: 26:8a:76:86:8c:8b:1c:2b:5f:b4:ec:2f:3b:1f:ef: ea:dc:ec:20:ee:52:a1:64:88:38:21:d2:e0:ba:37: 6b:4b:72:b7:ad:b9:ed:a0:bd:1e:e1:c9:fa:ee:79: df:2b:27:a2:80:4f:bb:c8:93:10:c1:b0:dd:70:20: dd:4a:a0:63:9a:bb:b8:6c:9e:df:09:79:31:1a:a9: 10:1f:4f:65:f6:cc:4c:94:e1:ee:b7:d1:9d:48:8e: 8a:c9:5e:bb:4a:ef:bb:2c:b6:3f:c2:30:78:78:6e: 49:ea:99:13:17:d5:d9:bf:8a:a7:be:13:cc:ec:52: 7f:ad:55:3c:63:8f:18:56:12:8c:af:de:1f:06:77: d9:6d:f8:4d:34:be:cb:36:a5:15:ed:b5:94:99:ff: 20:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:5B:D9:0F:38:B2:C0:13:D8:90:A6:D0:16:5D:E1:86:8F:14:98:BC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144546.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a768::/32 Signature Algorithm: sha256WithRSAEncryption 2c:ad:99:52:a0:dd:9a:c7:8d:60:7f:64:25:bd:bc:38:42:e9: 0a:cf:7b:8b:08:60:42:3a:f9:9f:7a:62:3a:a4:56:aa:cb:1b: 70:e8:ce:e0:2c:ad:ab:ab:14:9b:88:22:3d:95:20:70:74:02: c0:51:e7:f8:9d:a5:4a:d2:8b:0f:23:43:15:b6:b2:94:d3:b9: 7b:de:63:ef:b9:da:29:09:5f:f7:49:cd:b1:9d:38:da:0b:ef: 73:46:9f:a9:d8:d4:9f:7f:cb:62:fc:3b:0b:66:0d:d8:59:e3: 87:49:c0:34:3e:6d:3c:6a:1b:95:7f:92:15:29:47:93:12:c4: 83:f9:84:6a:50:e7:b4:35:b6:b9:2e:2c:15:56:2c:c8:58:62: 0e:4c:23:fa:10:35:c1:2c:20:fa:56:99:ac:f8:b9:d6:f6:3d: 02:b4:cb:c9:4f:51:23:f6:d5:e5:3d:c4:50:f1:aa:39:48:10: 3e:da:3c:f5:9e:a8:c9:f9:60:51:4a:86:45:bd:4a:e6:91:08: 46:37:96:f8:d8:32:f0:c8:3f:34:00:4b:90:0a:d3:e1:ce:e7: d3:95:46:78:dc:a3:c3:59:0f:75:1c:80:c6:86:87:a9:33:cf: 42:73:b2:f7:01:4c:89:44:2a:6c:15:2a:d7:1d:5e:55:cf:3d: 4d:1c:1b:3a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUf9ize17h+l/sB9b5r0277thT9y8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1N1oX DTI3MDMwMzA2MjA1N1owMzExMC8GA1UEAxMoRDY1QkQ5MEYzOEIyQzAxM0Q4OTBB NkQwMTY1REUxODY4RjE0OThCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL5a2k9fBpg4GW9mblY+ERMJmegscnMUx2bqSqeIh6jjHgwF9Na9qRSRvPMq FHc83tvQayuHQSlWKHHYTAxD/RiJcHsp5T7KsMly7cUhGz+BZPtE9dbEYImuorPv n9LVnFDKGlI1+gPcJop2hoyLHCtftOwvOx/v6tzsIO5SoWSIOCHS4Lo3a0tyt625 7aC9HuHJ+u553ysnooBPu8iTEMGw3XAg3UqgY5q7uGye3wl5MRqpEB9PZfbMTJTh 7rfRnUiOisleu0rvuyy2P8IweHhuSeqZExfV2b+Kp74TzOxSf61VPGOPGFYSjK/e HwZ32W34TTS+yzalFe21lJn/IHsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTWW9kP OLLAE9iQptAWXeGGjxSYvDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU0Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p2gwDQYJKoZIhvcNAQELBQADggEBACytmVKg3ZrHjWB/ZCW9vDhC6QrPe4sIYEI6 +Z96YjqkVqrLG3DozuAsraurFJuIIj2VIHB0AsBR5/idpUrSiw8jQxW2spTTuXve Y++52ikJX/dJzbGdONoL73NGn6nY1J9/y2L8OwtmDdhZ44dJwDQ+bTxqG5V/khUp R5MSxIP5hGpQ57Q1trkuLBVWLMhYYg5MI/oQNcEsIPpWmaz4udb2PQK0y8lPUSP2 1eU9xFDxqjlIED7aPPWeqMn5YFFKhkW9SuaRCEY3lvjYMvDIPzQAS5AK0+HO59OV Rnjco8NZD3UcgMaGh6kzz0JzsvcBTIlEKmwVKtcdXlXPPU0cGzo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:03 2026 by rpki-client