$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144597.roa File: AS144597.roa (raw, json) Hash identifier: A5DDsKzie3XxU9EMsSpOZaeWt1W418AHz8nNESOLVdw= Subject key identifier: 81:E5:92:8C:08:3F:BA:91:4E:12:47:BD:49:13:B5:0A:2D:28:91:A7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4D7D0A07A710A08ED1EE5926DC816616D7B2CDC7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144597.roa Signing time: Wed 04 Mar 2026 06:22:18 +0000 ROA not before: Wed 04 Mar 2026 06:17:18 +0000 ROA not after: Wed 03 Mar 2027 06:22:18 +0000 asID: 144597 IP address blocks: 240a:a79b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:7d:0a:07:a7:10:a0:8e:d1:ee:59:26:dc:81:66:16:d7:b2:cd:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:18 2026 GMT Not After : Mar 3 06:22:18 2027 GMT Subject: CN=81E5928C083FBA914E1247BD4913B50A2D2891A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:88:8c:1b:77:25:45:4b:74:f0:12:3c:c4:dc: e5:e5:6f:a0:6d:27:df:62:6a:ab:4c:8c:c6:a3:47: 90:7e:7b:d8:06:a7:af:45:93:a1:2b:e6:1c:8a:a9: f6:b0:c8:3d:35:86:cf:a3:41:f6:22:63:4e:8f:90: ca:ee:c7:a4:45:cc:21:f1:fb:c5:71:fc:45:21:9b: 29:e2:bf:62:fa:7b:7c:36:24:54:38:30:63:1e:64: 38:3b:69:f7:a2:cd:cf:1a:78:f8:7b:da:0d:be:56: f8:31:ec:27:c3:83:64:f4:ef:30:eb:cc:15:72:99: 91:1a:27:cf:70:3d:fa:99:98:ad:4e:20:ff:43:95: 0d:ec:b3:b4:c6:ed:62:23:23:49:e7:81:a1:7e:3a: 5f:54:e0:2a:7b:11:c4:f8:b6:47:e9:2a:34:b4:5c: 4d:3e:f7:ad:34:93:fd:a3:c4:44:04:4d:27:55:17: e6:a2:f6:bb:1f:ad:0c:e9:95:0e:aa:a4:2c:26:b7: fb:70:ba:0e:a9:f6:2f:c4:62:67:bd:96:54:0b:c7: a0:53:2d:42:97:5a:04:6b:4f:e8:6e:ec:4b:0a:a5: a3:f1:2a:0a:d2:3f:8d:d4:e6:4f:c2:f9:40:cd:e4: 14:f0:80:d6:53:0b:1c:7e:b1:c7:ac:4f:73:2d:1b: 2c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:E5:92:8C:08:3F:BA:91:4E:12:47:BD:49:13:B5:0A:2D:28:91:A7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144597.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a79b::/32 Signature Algorithm: sha256WithRSAEncryption c5:d7:38:c3:19:05:fc:f5:cf:6b:0d:49:a3:ae:67:f3:4d:89: 41:cc:16:f6:00:1b:86:3d:52:2e:ef:95:25:75:f8:ba:52:d7: 1a:b1:94:d7:ea:83:e3:75:28:81:63:fa:25:05:96:33:8f:b6: b0:7d:40:3f:27:02:34:0d:b1:95:be:6b:64:9a:48:92:85:0f: 12:4a:21:0b:92:06:04:8f:db:0d:e0:74:2b:d8:cc:86:be:02: 6d:83:c2:fb:ca:37:87:0f:59:0c:b4:09:96:d1:99:40:cb:a8: 68:54:15:63:0a:f7:6c:b1:e0:39:5b:07:bd:f4:d7:55:df:a0: 85:8c:10:61:32:8f:c2:44:4d:1e:6d:e6:87:64:bf:4a:15:06: 9c:ec:b8:1f:b7:23:bf:e0:22:ec:44:40:b5:fc:ea:68:23:4b: c7:36:29:e5:9e:29:2a:ae:5f:14:e8:ea:19:0f:79:96:3f:28: 10:48:0b:f2:4e:8a:b1:7b:ef:42:17:0d:0d:75:80:b8:86:3e: 89:fe:35:53:7b:bb:ed:27:f0:2a:a4:b8:b6:c2:b8:c7:7f:8b: 4e:e5:f6:6f:77:a9:51:0b:69:15:1e:5b:ac:80:24:b3:15:ee: 22:40:3d:c9:06:e5:45:df:6f:3b:9d:e7:34:47:92:77:c9:a9: 16:71:70:37 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTX0KB6cQoI7R7lkm3IFmFteyzccwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxOFoX DTI3MDMwMzA2MjIxOFowMzExMC8GA1UEAxMoODFFNTkyOEMwODNGQkE5MTRFMTI0 N0JENDkxM0I1MEEyRDI4OTFBNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCIjBt3JUVLdPASPMTc5eVvoG0n32Jqq0yMxqNHkH572Aanr0WToSvmHIqp 9rDIPTWGz6NB9iJjTo+Qyu7HpEXMIfH7xXH8RSGbKeK/Yvp7fDYkVDgwYx5kODtp 96LNzxp4+HvaDb5W+DHsJ8ODZPTvMOvMFXKZkRonz3A9+pmYrU4g/0OVDeyztMbt YiMjSeeBoX46X1TgKnsRxPi2R+kqNLRcTT73rTST/aPERARNJ1UX5qL2ux+tDOmV DqqkLCa3+3C6Dqn2L8RiZ72WVAvHoFMtQpdaBGtP6G7sSwqlo/EqCtI/jdTmT8L5 QM3kFPCA1lMLHH6xx6xPcy0bLAECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSB5ZKM CD+6kU4SR71JE7UKLSiRpzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p5swDQYJKoZIhvcNAQELBQADggEBAMXXOMMZBfz1z2sNSaOuZ/NNiUHMFvYAG4Y9 Ui7vlSV1+LpS1xqxlNfqg+N1KIFj+iUFljOPtrB9QD8nAjQNsZW+a2SaSJKFDxJK IQuSBgSP2w3gdCvYzIa+Am2DwvvKN4cPWQy0CZbRmUDLqGhUFWMK92yx4DlbB730 11XfoIWMEGEyj8JETR5t5odkv0oVBpzsuB+3I7/gIuxEQLX86mgjS8c2KeWeKSqu XxTo6hkPeZY/KBBIC/JOirF770IXDQ11gLiGPon+NVN7u+0n8CqkuLbCuMd/i07l 9m93qVELaRUeW6yAJLMV7iJAPckG5UXfbzud5zRHknfJqRZxcDc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:29 2026 by rpki-client