$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144557.roa File: AS144557.roa (raw, json) Hash identifier: Vl3uQYXCYsb3z6hAelOwQ3QNfVCHr6oyAVuE0vHKKT8= Subject key identifier: 35:89:97:9B:B5:57:8C:40:6E:37:1E:45:ED:6C:94:6F:28:50:0A:82 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0AA40707DAF0DEBFEADB8E4E31C1BB77955E3763 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144557.roa Signing time: Wed 04 Mar 2026 06:20:05 +0000 ROA not before: Wed 04 Mar 2026 06:15:05 +0000 ROA not after: Wed 03 Mar 2027 06:20:05 +0000 asID: 144557 IP address blocks: 240a:a773::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:a4:07:07:da:f0:de:bf:ea:db:8e:4e:31:c1:bb:77:95:5e:37:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:05 2026 GMT Not After : Mar 3 06:20:05 2027 GMT Subject: CN=3589979BB5578C406E371E45ED6C946F28500A82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:4a:30:4f:31:6e:e5:30:99:e1:5a:64:97:b8: 2c:3d:87:7f:44:80:a7:dc:dc:6f:8b:0f:50:84:c1: 9c:dc:c0:42:62:8f:fa:cd:73:98:3f:bf:4c:66:fd: 1d:95:4b:aa:d7:67:3c:68:68:d0:7d:c0:2c:81:35: 77:e9:4e:88:31:49:b9:44:44:18:7a:cd:5e:25:54: 15:5d:50:ea:5b:a6:28:11:ed:09:d9:26:89:41:ff: a5:a3:54:5c:73:a1:fa:8e:a3:8b:39:08:3c:13:48: 2c:8d:4d:a6:27:1e:6c:3a:7d:55:7f:1e:5f:59:6b: 32:85:84:49:db:e7:9f:ad:3a:54:36:f8:48:30:fd: 7d:41:c6:8c:ee:b0:4c:78:80:c5:b7:31:d3:d7:d1: df:dd:c7:cd:53:44:dd:d5:8a:da:6e:ce:06:f7:57: f3:75:19:58:1a:43:9c:a5:09:3e:20:ff:1d:2d:1a: ba:04:b1:5e:dc:cb:d3:43:a1:2b:41:2d:9f:42:f1: 1e:38:f2:32:af:99:ef:e2:43:fc:66:5f:e2:53:11: 2e:d0:48:13:82:b5:e8:50:32:13:3e:89:66:4f:3e: 9b:ac:7b:f4:72:d1:9f:d6:fb:6c:7a:36:8e:22:ba: 0f:fd:6c:18:47:a6:b4:23:25:63:67:cc:62:c0:3b: bd:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:89:97:9B:B5:57:8C:40:6E:37:1E:45:ED:6C:94:6F:28:50:0A:82 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144557.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a773::/32 Signature Algorithm: sha256WithRSAEncryption 31:26:3a:9f:54:b3:63:0a:ff:f3:0a:3d:69:ae:0f:6f:4f:8b: ae:1d:e1:63:9d:f2:96:d0:2c:4e:a2:07:62:3e:33:d7:3c:5d: ea:d5:ba:6d:e9:ea:db:1f:83:96:d4:a5:19:57:d8:ae:3d:4c: d3:92:f1:29:96:cc:8b:68:fe:a1:c5:54:d1:75:60:19:d7:0a: b1:b9:be:26:e3:4a:ac:3d:4b:bc:08:5f:aa:50:d9:f6:56:a7: 12:79:90:1c:9d:fc:48:07:ba:c3:14:9e:6f:fe:25:c3:55:77: 72:c1:69:9a:6f:2f:aa:60:32:77:26:c9:5c:84:4d:c7:65:1a: a7:9c:a8:e2:89:ea:11:b1:07:48:89:57:10:55:ab:86:ed:e6: 94:79:e6:ad:af:1d:e1:ef:da:cc:c4:2e:8e:dd:91:4e:9c:7d: ca:ee:64:a5:4b:51:b0:14:25:d2:c5:da:84:e2:ca:a8:3b:9e: 0d:fe:eb:3d:05:d6:ec:fc:6b:a0:ad:c3:07:38:4e:61:b8:d4: ef:02:8c:6e:6f:b8:6d:c5:cc:70:9f:58:fc:93:bc:e6:cc:52: 0a:b5:3b:4c:ff:31:3a:af:5c:45:23:9d:0a:88:70:90:24:5c: e6:46:44:1f:c0:d4:75:59:c5:ad:0b:e7:43:cd:79:e6:1c:1b: 80:74:15:86 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCqQHB9rw3r/q245OMcG7d5VeN2MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwNVoX DTI3MDMwMzA2MjAwNVowMzExMC8GA1UEAxMoMzU4OTk3OUJCNTU3OEM0MDZFMzcx RTQ1RUQ2Qzk0NkYyODUwMEE4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANBKME8xbuUwmeFaZJe4LD2Hf0SAp9zcb4sPUITBnNzAQmKP+s1zmD+/TGb9 HZVLqtdnPGho0H3ALIE1d+lOiDFJuUREGHrNXiVUFV1Q6lumKBHtCdkmiUH/paNU XHOh+o6jizkIPBNILI1NpicebDp9VX8eX1lrMoWESdvnn606VDb4SDD9fUHGjO6w THiAxbcx09fR393HzVNE3dWK2m7OBvdX83UZWBpDnKUJPiD/HS0augSxXtzL00Oh K0Etn0LxHjjyMq+Z7+JD/GZf4lMRLtBIE4K16FAyEz6JZk8+m6x79HLRn9b7bHo2 jiK6D/1sGEemtCMlY2fMYsA7vdECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ1iZeb tVeMQG43HkXtbJRvKFAKgjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p3MwDQYJKoZIhvcNAQELBQADggEBADEmOp9Us2MK//MKPWmuD29Pi64d4WOd8pbQ LE6iB2I+M9c8XerVum3p6tsfg5bUpRlX2K49TNOS8SmWzIto/qHFVNF1YBnXCrG5 vibjSqw9S7wIX6pQ2fZWpxJ5kByd/EgHusMUnm/+JcNVd3LBaZpvL6pgMncmyVyE TcdlGqecqOKJ6hGxB0iJVxBVq4bt5pR55q2vHeHv2szELo7dkU6cfcruZKVLUbAU JdLF2oTiyqg7ng3+6z0F1uz8a6Ctwwc4TmG41O8CjG5vuG3FzHCfWPyTvObMUgq1 O0z/MTqvXEUjnQqIcJAkXOZGRB/A1HVZxa0L50PNeeYcG4B0FYY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:39 2026 by rpki-client