$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144560.roa File: AS144560.roa (raw, json) Hash identifier: qjc4JyhZ6MeBQX8NbZ5jv7UuZyYG33BeYJt85bA+3tk= Subject key identifier: 8D:AD:71:6F:B3:2E:A3:7A:FA:AB:7E:9C:3A:0C:FB:10:0F:5D:0E:A6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 37E0E1E5B7B6DA3CBF9286633A40B94279D7567B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144560.roa Signing time: Wed 04 Mar 2026 06:19:58 +0000 ROA not before: Wed 04 Mar 2026 06:14:58 +0000 ROA not after: Wed 03 Mar 2027 06:19:58 +0000 asID: 144560 IP address blocks: 240a:a776::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:e0:e1:e5:b7:b6:da:3c:bf:92:86:63:3a:40:b9:42:79:d7:56:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:58 2026 GMT Not After : Mar 3 06:19:58 2027 GMT Subject: CN=8DAD716FB32EA37AFAAB7E9C3A0CFB100F5D0EA6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2d:17:a5:ee:a6:a9:b3:79:8b:05:be:f4:62: de:1a:41:9c:a6:80:fb:8d:d7:56:19:52:70:c1:cf: e2:c3:26:b9:3f:55:7d:5d:93:d2:be:75:b1:7e:f1: 25:30:be:8e:4c:e7:25:39:11:d4:40:f8:9b:02:30: 2a:8c:36:96:2b:0e:85:e8:73:75:9f:02:c3:21:74: f0:31:d8:ad:b2:37:47:c1:0f:fc:30:d5:ca:7f:4f: 11:d5:fa:c9:00:48:8d:1c:9f:ec:26:c7:1b:c5:99: 71:e4:0f:7b:bc:9a:14:bb:10:ab:30:9f:8d:b4:3c: d8:0d:2b:e4:8c:8b:62:c3:aa:14:7a:69:02:f3:d0: 57:48:5e:15:af:af:0e:c7:ed:c8:f4:d7:99:dc:07: 28:bb:e8:23:54:8b:dd:6c:72:bc:b0:95:0e:a0:08: 3c:3a:44:70:0c:3f:fa:0b:c6:ef:cc:9a:d6:f4:b8: 69:95:0b:04:33:cb:f1:71:84:1c:cd:71:9b:23:73: 00:2c:f2:94:9d:47:66:79:42:fd:8c:72:de:c3:1b: 75:ba:d1:1e:2f:09:97:2d:48:cf:58:d6:8d:c9:fb: e0:89:92:0a:16:0c:46:09:f4:af:18:6c:e3:2f:a5: 7f:cc:98:b9:34:5f:23:d2:f2:e6:5e:e0:49:03:43: c6:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:AD:71:6F:B3:2E:A3:7A:FA:AB:7E:9C:3A:0C:FB:10:0F:5D:0E:A6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144560.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a776::/32 Signature Algorithm: sha256WithRSAEncryption 91:b2:dc:39:11:24:8e:68:21:05:e4:a7:d1:5a:68:93:49:aa: 03:64:41:d4:b6:52:56:88:f7:a2:67:d5:57:69:93:7d:d9:b1: fe:f4:b7:57:67:9d:c5:19:57:bc:c4:7e:95:38:29:fc:ba:c8: 3a:88:44:b6:d1:61:ef:1c:a5:b0:36:9c:47:bb:bc:57:8a:64: e7:86:b5:4a:e7:5e:9d:c3:f3:78:44:d3:44:04:8b:02:23:72: 6d:07:dd:2b:a9:44:bb:52:05:48:cb:7d:15:57:a2:99:60:8f: 44:ca:03:95:cd:47:b6:97:1e:01:e3:86:8a:06:c6:bd:32:ec: dd:96:94:d5:78:fb:0f:14:36:66:25:dc:42:32:22:89:b3:07: c2:0c:95:22:da:b0:f2:79:74:ee:94:49:6b:d4:d5:93:69:3c: 28:65:4a:7e:9d:a7:c2:99:84:f3:21:f9:64:0a:60:fe:d2:58: a6:c8:70:2d:9e:2c:22:2f:cc:9d:cf:37:29:bd:00:d0:fe:c7: 23:84:f0:5b:11:0e:b1:d9:11:67:e0:bb:11:f0:74:2a:69:e0: d8:64:70:3c:a3:0e:51:50:59:05:1b:8d:10:b5:5d:e9:b3:9f: db:53:ce:0b:b6:2c:eb:f9:fe:ce:3f:21:a7:f3:a8:5b:be:bd: 94:47:47:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUN+Dh5be22jy/koZjOkC5QnnXVnswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1OFoX DTI3MDMwMzA2MTk1OFowMzExMC8GA1UEAxMoOERBRDcxNkZCMzJFQTM3QUZBQUI3 RTlDM0EwQ0ZCMTAwRjVEMEVBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMItF6XupqmzeYsFvvRi3hpBnKaA+43XVhlScMHP4sMmuT9VfV2T0r51sX7x JTC+jkznJTkR1ED4mwIwKow2lisOhehzdZ8CwyF08DHYrbI3R8EP/DDVyn9PEdX6 yQBIjRyf7CbHG8WZceQPe7yaFLsQqzCfjbQ82A0r5IyLYsOqFHppAvPQV0heFa+v DsftyPTXmdwHKLvoI1SL3WxyvLCVDqAIPDpEcAw/+gvG78ya1vS4aZULBDPL8XGE HM1xmyNzACzylJ1HZnlC/Yxy3sMbdbrRHi8Jly1Iz1jWjcn74ImSChYMRgn0rxhs 4y+lf8yYuTRfI9Ly5l7gSQNDxmMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSNrXFv sy6jevqrfpw6DPsQD10OpjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p3YwDQYJKoZIhvcNAQELBQADggEBAJGy3DkRJI5oIQXkp9FaaJNJqgNkQdS2UlaI 96Jn1Vdpk33Zsf70t1dnncUZV7zEfpU4Kfy6yDqIRLbRYe8cpbA2nEe7vFeKZOeG tUrnXp3D83hE00QEiwIjcm0H3SupRLtSBUjLfRVXoplgj0TKA5XNR7aXHgHjhooG xr0y7N2WlNV4+w8UNmYl3EIyIomzB8IMlSLasPJ5dO6USWvU1ZNpPChlSn6dp8KZ hPMh+WQKYP7SWKbIcC2eLCIvzJ3PNym9AND+xyOE8FsRDrHZEWfguxHwdCpp4Nhk cDyjDlFQWQUbjRC1Xemzn9tTzgu2LOv5/s4/IafzqFu+vZRHR9Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:23 2026 by rpki-client