$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144593.roa File: AS144593.roa (raw, json) Hash identifier: atFlx5IOtAEHnMsuce0g7nac25HknGXxfeoZ3MEzPXU= Subject key identifier: B8:8A:29:5E:77:30:15:E9:5C:CC:0D:0A:0E:5B:6B:84:F8:F4:D9:F1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0EA720F18C51C69F7928D6AFDE6118BBA5A834EF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144593.roa Signing time: Wed 04 Mar 2026 06:19:43 +0000 ROA not before: Wed 04 Mar 2026 06:14:43 +0000 ROA not after: Wed 03 Mar 2027 06:19:43 +0000 asID: 144593 IP address blocks: 240a:a797::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:a7:20:f1:8c:51:c6:9f:79:28:d6:af:de:61:18:bb:a5:a8:34:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:43 2026 GMT Not After : Mar 3 06:19:43 2027 GMT Subject: CN=B88A295E773015E95CCC0D0A0E5B6B84F8F4D9F1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6b:a9:af:da:ed:6c:bb:72:af:78:33:78:f1: 1d:01:68:6a:8e:1a:51:c5:eb:d1:44:98:46:78:2b: 72:6b:e3:bf:a0:1a:85:17:29:6b:e3:bf:f4:17:e1: 95:ad:b6:9b:ad:ba:b9:a9:49:f6:e5:c3:8b:23:43: 68:17:29:74:15:9c:de:52:4f:af:fb:de:5f:7d:a8: 5c:56:8d:bc:e5:77:83:b0:c3:f5:c6:65:8f:9e:1d: df:7e:ea:74:9b:a3:cc:97:9c:0d:51:4f:0b:81:1d: 73:73:1e:36:d5:97:b0:6b:2c:07:b0:c7:98:45:b1: b1:0f:20:a3:7b:4f:15:a9:f2:68:a2:86:93:55:24: 12:51:e9:6d:7d:0f:3e:89:41:c8:6c:e4:53:f6:8d: 8a:41:05:ad:f7:57:49:43:2a:e8:d8:8d:df:dd:1b: 12:8a:6d:b1:30:56:47:97:93:37:8b:0c:8f:56:0c: 79:b5:a1:15:89:70:ba:0e:56:62:17:7a:dd:6d:48: 32:25:e8:f9:3f:95:4c:c5:a8:34:7e:64:30:be:32: 4d:ee:4e:36:79:5d:c9:cf:29:9f:77:be:f1:10:bf: 8c:1d:af:7f:43:a7:95:55:ce:04:f9:9e:47:49:98: 4f:b5:2b:ba:24:ca:e8:89:72:f1:86:6a:b3:34:b3: 72:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:8A:29:5E:77:30:15:E9:5C:CC:0D:0A:0E:5B:6B:84:F8:F4:D9:F1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144593.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a797::/32 Signature Algorithm: sha256WithRSAEncryption 40:31:9e:cc:01:cd:ac:51:b6:3e:a7:75:d9:f2:b2:e6:74:50: 8a:11:93:03:3b:36:69:5c:c2:09:ff:55:67:4f:85:fc:01:47: 00:54:00:08:79:86:da:b1:b6:d5:be:cf:74:b1:1b:ac:ff:78: 70:4d:76:fa:d5:27:51:0c:49:77:92:82:62:ee:0b:55:7b:ab: ad:9f:d2:0f:a6:fa:ad:fa:8e:e6:67:15:cb:92:0f:8e:a4:09: a7:83:4f:c8:78:76:10:20:ff:76:41:8c:c1:df:96:85:aa:30: a6:26:3b:4b:cc:d1:b5:f1:28:53:ff:18:78:58:3e:60:40:34: e5:1d:46:43:5d:ab:8c:cc:53:93:ce:eb:bb:a7:ba:c5:b4:5e: e9:8d:1d:bc:30:17:1d:4e:1f:1b:24:a2:10:90:5f:5d:dc:3c: 00:0d:2a:41:e5:b1:5b:e0:36:34:d1:26:7f:05:9d:5a:2f:42: 81:df:d6:db:f9:fa:75:ec:87:a2:3b:92:58:64:0a:31:47:4d: 91:16:7b:c0:dc:2a:68:ab:48:8f:3a:09:b9:37:4b:94:16:45: 33:9b:e1:8a:f9:c7:fe:19:7a:aa:7c:52:2a:4f:e7:65:53:b9: 60:21:fb:8a:a0:06:5e:33:37:db:9a:36:88:60:a6:7d:44:57: c4:16:39:93 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDqcg8YxRxp95KNav3mEYu6WoNO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0M1oX DTI3MDMwMzA2MTk0M1owMzExMC8GA1UEAxMoQjg4QTI5NUU3NzMwMTVFOTVDQ0Mw RDBBMEU1QjZCODRGOEY0RDlGMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFrqa/a7Wy7cq94M3jxHQFoao4aUcXr0USYRngrcmvjv6AahRcpa+O/9Bfh la22m626ualJ9uXDiyNDaBcpdBWc3lJPr/veX32oXFaNvOV3g7DD9cZlj54d337q dJujzJecDVFPC4Edc3MeNtWXsGssB7DHmEWxsQ8go3tPFanyaKKGk1UkElHpbX0P PolByGzkU/aNikEFrfdXSUMq6NiN390bEoptsTBWR5eTN4sMj1YMebWhFYlwug5W Yhd63W1IMiXo+T+VTMWoNH5kML4yTe5ONnldyc8pn3e+8RC/jB2vf0OnlVXOBPme R0mYT7UruiTK6Ily8YZqszSzcu0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS4iile dzAV6VzMDQoOW2uE+PTZ8TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU5My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p5cwDQYJKoZIhvcNAQELBQADggEBAEAxnswBzaxRtj6nddnysuZ0UIoRkwM7Nmlc wgn/VWdPhfwBRwBUAAh5htqxttW+z3SxG6z/eHBNdvrVJ1EMSXeSgmLuC1V7q62f 0g+m+q36juZnFcuSD46kCaeDT8h4dhAg/3ZBjMHfloWqMKYmO0vM0bXxKFP/GHhY PmBANOUdRkNdq4zMU5PO67unusW0XumNHbwwFx1OHxskohCQX13cPAANKkHlsVvg NjTRJn8FnVovQoHf1tv5+nXsh6I7klhkCjFHTZEWe8DcKmirSI86Cbk3S5QWRTOb 4Yr5x/4Zeqp8UipP52VTuWAh+4qgBl4zN9uaNohgpn1EV8QWOZM= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:03 2026 by rpki-client