$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144594.roa File: AS144594.roa (raw, json) Hash identifier: PWPe7sT+Lp8J9o11WbUGWunjpi1T7tbySjdVLd17izw= Subject key identifier: A1:73:C0:90:4F:B0:07:87:71:C2:FE:4A:94:DE:CC:7D:81:40:3A:66 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 75DDE7396564759CB2E3F89C381E725044B74CF7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144594.roa Signing time: Wed 04 Mar 2026 06:21:40 +0000 ROA not before: Wed 04 Mar 2026 06:16:40 +0000 ROA not after: Wed 03 Mar 2027 06:21:40 +0000 asID: 144594 IP address blocks: 240a:a798::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:dd:e7:39:65:64:75:9c:b2:e3:f8:9c:38:1e:72:50:44:b7:4c:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:40 2026 GMT Not After : Mar 3 06:21:40 2027 GMT Subject: CN=A173C0904FB0078771C2FE4A94DECC7D81403A66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:bd:16:e5:e2:f4:ef:9f:ca:17:e5:e3:e6:64: f0:9c:1a:09:8c:ce:e4:1a:8e:aa:2d:cf:a9:0a:04: 2d:f5:e3:90:a3:62:ab:74:18:d5:df:78:06:6a:7f: 93:43:96:ad:81:06:56:6d:ef:ac:57:c5:23:62:93: 02:37:d0:6d:3e:34:18:74:c5:3b:e3:d7:9d:7e:99: 3f:48:8b:4c:99:27:2e:35:76:3b:35:63:93:db:ed: 1e:4f:60:84:db:de:d7:1c:64:16:80:b9:96:64:1f: d7:83:e2:eb:0c:dd:a6:28:85:ed:51:61:77:03:66: 12:b0:87:87:fd:ef:84:02:71:12:ef:84:0f:46:2f: 16:15:e0:08:36:b2:ee:61:5a:2d:bb:eb:6b:02:87: 07:eb:de:e7:a9:83:e2:6f:ff:9d:09:b9:4e:79:f0: 4f:a6:2c:09:54:9e:de:91:cc:d9:c1:18:f1:f4:4a: 16:1f:5e:b8:46:86:a6:6f:7f:24:b4:0e:69:ca:9f: 4a:21:af:aa:0d:33:df:d9:f1:99:14:37:b1:c3:a7: 90:42:ad:bb:2d:be:cf:bf:d5:de:16:1b:09:fb:81: 08:85:ba:f2:5d:df:bc:a0:b5:95:52:7d:7f:c7:e4: c9:f2:e2:2c:d1:d5:94:37:0c:85:fa:51:04:61:b0: 29:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:73:C0:90:4F:B0:07:87:71:C2:FE:4A:94:DE:CC:7D:81:40:3A:66 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144594.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a798::/32 Signature Algorithm: sha256WithRSAEncryption bf:ff:55:cf:2f:f1:26:cc:d2:20:c3:87:33:35:e4:dd:5f:80: e3:8e:21:b4:17:9d:d2:4e:14:b0:4f:5e:eb:00:dc:d9:78:ca: 53:f8:36:a3:a8:7c:75:2b:1e:89:2c:a4:fc:f1:22:9b:16:5c: d4:51:e9:5a:90:ff:cf:f9:33:9d:40:c5:7b:0c:83:2b:5f:99: 85:50:7a:69:f4:61:6a:d9:8a:af:e9:66:86:5a:a8:30:a0:11: 61:42:58:aa:a6:4b:e4:d8:e8:95:dc:0b:c4:10:5a:4c:b4:66: ba:cf:6f:50:52:be:7f:55:6d:9b:a2:e1:89:10:f9:a4:a9:d5: d5:a9:a1:1a:88:20:ff:c0:99:53:48:91:42:6b:4d:86:3f:2d: a9:f7:d0:b6:91:e6:96:db:6c:1c:d2:a2:48:f3:17:e9:19:0a: 65:f1:8f:46:e8:21:be:be:cb:a3:c6:50:96:81:eb:d4:2c:25: 2b:7d:0b:0b:70:a8:b5:25:db:b0:61:ad:f2:f4:e4:67:d0:92: cf:52:07:2d:f8:45:5c:ea:fe:d0:04:60:53:a9:0a:66:b5:93: 51:e1:f2:77:fa:10:62:c2:70:a9:c7:e1:ad:41:85:91:0b:a0: f6:24:ae:ac:fa:35:bd:34:ca:a5:ea:12:09:44:81:ae:46:2c: 62:c1:06:13 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdd3nOWVkdZyy4/icOB5yUES3TPcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0MFoX DTI3MDMwMzA2MjE0MFowMzExMC8GA1UEAxMoQTE3M0MwOTA0RkIwMDc4NzcxQzJG RTRBOTRERUNDN0Q4MTQwM0E2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMq9FuXi9O+fyhfl4+Zk8JwaCYzO5BqOqi3PqQoELfXjkKNiq3QY1d94Bmp/ k0OWrYEGVm3vrFfFI2KTAjfQbT40GHTFO+PXnX6ZP0iLTJknLjV2OzVjk9vtHk9g hNve1xxkFoC5lmQf14Pi6wzdpiiF7VFhdwNmErCHh/3vhAJxEu+ED0YvFhXgCDay 7mFaLbvrawKHB+ve56mD4m//nQm5TnnwT6YsCVSe3pHM2cEY8fRKFh9euEaGpm9/ JLQOacqfSiGvqg0z39nxmRQ3scOnkEKtuy2+z7/V3hYbCfuBCIW68l3fvKC1lVJ9 f8fkyfLiLNHVlDcMhfpRBGGwKUkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBShc8CQ T7AHh3HC/kqU3sx9gUA6ZjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU5NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p5gwDQYJKoZIhvcNAQELBQADggEBAL//Vc8v8SbM0iDDhzM15N1fgOOOIbQXndJO FLBPXusA3Nl4ylP4NqOofHUrHokspPzxIpsWXNRR6VqQ/8/5M51AxXsMgytfmYVQ emn0YWrZiq/pZoZaqDCgEWFCWKqmS+TY6JXcC8QQWky0ZrrPb1BSvn9VbZui4YkQ +aSp1dWpoRqIIP/AmVNIkUJrTYY/Lan30LaR5pbbbBzSokjzF+kZCmXxj0boIb6+ y6PGUJaB69QsJSt9CwtwqLUl27BhrfL05GfQks9SBy34RVzq/tAEYFOpCma1k1Hh 8nf6EGLCcKnH4a1BhZELoPYkrqz6Nb00yqXqEglEga5GLGLBBhM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:09 2026 by rpki-client