$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144592.roa File: AS144592.roa (raw, json) Hash identifier: 8zfgceUMrvNFy6VSbSjCz1U3lAwRMbZt7kO37aQbdvA= Subject key identifier: DF:7A:9F:C8:DC:EB:C4:76:82:B7:88:D2:ED:3F:87:C9:2B:E7:6F:1B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 54E4AB7908314ACE7B62E6539BC98DB8BD80AD5E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144592.roa Signing time: Wed 04 Mar 2026 06:20:19 +0000 ROA not before: Wed 04 Mar 2026 06:15:19 +0000 ROA not after: Wed 03 Mar 2027 06:20:19 +0000 asID: 144592 IP address blocks: 240a:a796::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:e4:ab:79:08:31:4a:ce:7b:62:e6:53:9b:c9:8d:b8:bd:80:ad:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:19 2026 GMT Not After : Mar 3 06:20:19 2027 GMT Subject: CN=DF7A9FC8DCEBC47682B788D2ED3F87C92BE76F1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:dd:ea:de:ef:c4:f1:63:6a:3f:aa:42:49:6f: 8a:32:10:d9:91:da:5e:f3:31:27:02:be:b7:45:f3: 58:10:e2:8a:80:1a:f5:43:be:ca:ae:f9:d3:41:2b: e8:a8:e6:2b:13:53:17:63:0d:93:d3:eb:b8:19:3d: e5:64:12:14:7a:d2:1b:8f:30:16:04:af:db:0d:62: 96:74:58:8a:e5:ba:98:4f:7b:05:20:08:99:6a:82: b1:99:23:8f:b3:4f:ff:b9:88:de:35:14:db:3a:e3: 9a:58:82:97:09:2c:5d:67:b0:ec:dd:f0:01:9e:8c: 30:5b:77:90:b8:a5:54:c2:91:67:7e:b1:ce:7b:5e: 3e:a7:48:7a:27:e4:98:b0:89:8e:d4:8f:3c:eb:d1: 55:3f:8d:4e:fa:b8:eb:8b:ba:7e:c9:ed:5a:d4:84: 1d:ac:44:53:ba:c4:95:66:f8:c1:9e:4e:19:a7:42: ff:a4:4b:09:2d:b7:15:97:f1:e1:22:91:62:4b:a5: fe:25:43:aa:11:ea:d8:9d:f6:6b:42:be:85:ea:40: df:45:72:32:8e:80:59:f3:c8:b5:a2:f3:a9:c5:e3: 1f:f4:d0:e8:2e:81:74:9e:b4:6f:6e:97:58:c4:d8: 11:8d:38:ef:30:50:db:83:a3:a4:b8:12:5d:a1:a1: a0:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:7A:9F:C8:DC:EB:C4:76:82:B7:88:D2:ED:3F:87:C9:2B:E7:6F:1B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144592.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a796::/32 Signature Algorithm: sha256WithRSAEncryption a0:97:1c:72:17:8b:6c:20:09:36:14:52:78:27:fd:5a:37:e2: ab:fe:27:14:16:3e:e8:96:19:97:d4:4d:d6:0d:ac:99:a4:91: 16:80:3c:51:95:1a:d6:51:53:c5:9a:cf:0d:cf:14:77:34:11: 17:ee:c9:91:6a:03:20:40:63:af:07:b1:5a:ab:6a:be:cf:ac: a1:0a:c1:4b:03:da:c0:bd:08:34:fc:39:6a:af:08:cb:1b:23: 51:76:d2:98:f7:5f:b3:ed:71:11:03:b9:cf:d3:6c:55:ae:5c: df:71:4b:98:6c:b5:e9:78:cb:a2:95:33:ed:a4:a8:40:2f:4e: 53:4e:98:89:a3:7c:9c:b3:d0:f7:a9:29:8f:35:17:12:78:9c: 9d:02:c1:0f:1a:7e:71:bb:6f:c6:7f:72:5e:06:42:e6:76:92: 51:5d:c0:e3:33:bb:66:a6:d6:54:32:28:7d:f1:57:01:8b:b1: cc:aa:5f:e5:3d:73:ef:64:77:49:e1:cd:a6:0e:ee:3d:dc:22: 47:9d:23:43:30:4d:7a:fc:a3:eb:e6:b0:94:7b:66:17:3c:66: 46:b9:7c:33:9c:da:e8:32:15:53:3c:bc:0f:40:58:69:f2:f1: 88:4f:92:ed:ed:ca:9b:72:71:fb:b0:4d:c4:f6:86:a2:98:7c: 05:f7:6b:eb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVOSreQgxSs57YuZTm8mNuL2ArV4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxOVoX DTI3MDMwMzA2MjAxOVowMzExMC8GA1UEAxMoREY3QTlGQzhEQ0VCQzQ3NjgyQjc4 OEQyRUQzRjg3QzkyQkU3NkYxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/d6t7vxPFjaj+qQklvijIQ2ZHaXvMxJwK+t0XzWBDiioAa9UO+yq7500Er 6KjmKxNTF2MNk9PruBk95WQSFHrSG48wFgSv2w1ilnRYiuW6mE97BSAImWqCsZkj j7NP/7mI3jUU2zrjmliClwksXWew7N3wAZ6MMFt3kLilVMKRZ36xzntePqdIeifk mLCJjtSPPOvRVT+NTvq464u6fsntWtSEHaxEU7rElWb4wZ5OGadC/6RLCS23FZfx 4SKRYkul/iVDqhHq2J32a0K+hepA30VyMo6AWfPItaLzqcXjH/TQ6C6BdJ60b26X WMTYEY047zBQ24OjpLgSXaGhoN8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTfep/I 3OvEdoK3iNLtP4fJK+dvGzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU5Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p5YwDQYJKoZIhvcNAQELBQADggEBAKCXHHIXi2wgCTYUUngn/Vo34qv+JxQWPuiW GZfUTdYNrJmkkRaAPFGVGtZRU8Wazw3PFHc0ERfuyZFqAyBAY68HsVqrar7PrKEK wUsD2sC9CDT8OWqvCMsbI1F20pj3X7PtcREDuc/TbFWuXN9xS5hstel4y6KVM+2k qEAvTlNOmImjfJyz0PepKY81FxJ4nJ0CwQ8afnG7b8Z/cl4GQuZ2klFdwOMzu2am 1lQyKH3xVwGLscyqX+U9c+9kd0nhzaYO7j3cIkedI0MwTXr8o+vmsJR7Zhc8Zka5 fDOc2ugyFVM8vA9AWGny8YhPku3typtycfuwTcT2hqKYfAX3a+s= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:47 2026 by rpki-client