$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144621.roa File: AS144621.roa (raw, json) Hash identifier: WYEx8p630IRduRQlkQnmBZxbH+hL0ta8oehUvozojPc= Subject key identifier: E3:01:63:FF:F1:2D:E4:A7:CA:E4:87:2E:B5:C2:B8:FB:25:6A:CC:4C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 73A288AC7097304401B5F98FD6A4FA3A5A603629 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144621.roa Signing time: Wed 04 Mar 2026 06:19:18 +0000 ROA not before: Wed 04 Mar 2026 06:14:18 +0000 ROA not after: Wed 03 Mar 2027 06:19:18 +0000 asID: 144621 IP address blocks: 240a:a7b3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:a2:88:ac:70:97:30:44:01:b5:f9:8f:d6:a4:fa:3a:5a:60:36:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:18 2026 GMT Not After : Mar 3 06:19:18 2027 GMT Subject: CN=E30163FFF12DE4A7CAE4872EB5C2B8FB256ACC4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:65:09:67:b8:f5:bb:d3:9c:49:c3:71:d1:b7: d0:a6:e3:38:1c:f8:58:0c:65:4e:62:39:a7:67:60: 68:a0:c6:61:a2:6c:8d:8c:f3:c1:34:00:11:91:3a: 60:a4:85:9d:3c:90:73:4c:46:61:0f:9f:c5:9f:c2: e5:9d:37:d4:c6:0e:aa:2f:33:03:ef:9c:81:5f:4a: 01:31:bb:13:d3:fc:bc:8c:0a:a9:b7:5e:2c:c8:a4: 7e:1c:ba:83:14:2d:1b:13:f4:cf:be:2b:3f:7f:05: 25:6e:7e:11:7b:f3:f3:39:a1:31:c3:cd:49:d9:f9: fa:d4:4a:62:4a:5d:af:8f:a3:33:b0:61:c4:d7:5a: 60:03:10:ac:dd:2e:c3:3e:dd:fa:40:e7:19:e7:20: a9:8f:c8:5d:89:b1:97:10:e3:55:a3:ae:d5:e1:48: ee:01:44:1b:d2:49:61:56:0a:8f:c5:99:f2:1f:96: d1:4b:1c:fd:ca:61:f6:f4:3d:00:d0:36:94:1b:3a: 7a:a4:29:4b:98:48:83:f8:74:bf:3e:57:00:5a:d7: 9f:c8:fc:a7:80:06:dc:4e:3c:a7:31:d1:ac:90:4d: 0c:80:a9:cd:23:b3:6e:8a:0c:12:25:d6:06:72:a5: 9f:9e:02:98:79:31:eb:ad:f5:6d:3d:17:50:e8:36: ed:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:01:63:FF:F1:2D:E4:A7:CA:E4:87:2E:B5:C2:B8:FB:25:6A:CC:4C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7b3::/32 Signature Algorithm: sha256WithRSAEncryption 81:45:c9:f4:63:a4:54:01:39:b9:25:0e:64:23:63:7d:67:c0: b7:14:07:e9:0d:33:71:d4:ca:9e:18:9c:07:a6:48:13:94:8d: 15:ca:f3:ef:36:38:fd:f1:df:dc:f6:96:3e:ab:7a:d3:e4:ae: 68:75:29:9b:d2:21:c6:2e:32:9c:55:5e:10:e2:0c:a9:1e:82: d1:c1:a6:dc:34:21:49:7a:77:29:93:c0:53:7f:9f:1b:b4:78: 42:91:b3:64:ef:32:70:ad:e9:2a:02:fa:0a:b1:71:91:6f:87: 5c:65:86:75:14:c3:45:58:94:97:13:d6:5a:f3:16:98:80:ab: 12:96:32:d9:a3:d9:12:30:33:00:22:54:72:2a:dc:ed:d7:de: 1c:f1:ec:1b:91:b0:21:3b:85:b6:1f:97:6c:5d:fe:c4:e2:9d: 0f:73:5f:92:4d:90:59:cf:9f:f0:99:01:17:f6:9b:11:12:85: 25:e8:20:23:ee:e7:df:0c:33:fc:03:19:95:70:bc:69:30:3a: e0:11:2b:10:87:19:ee:f8:b5:f0:d9:c5:ad:5f:f4:9a:f0:91: d9:5b:06:23:a5:c4:38:1c:67:f9:d3:c2:3b:3f:45:d4:e2:b5: b7:e4:c7:78:10:d6:b0:ee:f6:8a:01:e2:0a:32:64:99:31:06: 28:12:0a:4b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUc6KIrHCXMEQBtfmP1qT6OlpgNikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQxOFoX DTI3MDMwMzA2MTkxOFowMzExMC8GA1UEAxMoRTMwMTYzRkZGMTJERTRBN0NBRTQ4 NzJFQjVDMkI4RkIyNTZBQ0M0QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM5lCWe49bvTnEnDcdG30KbjOBz4WAxlTmI5p2dgaKDGYaJsjYzzwTQAEZE6 YKSFnTyQc0xGYQ+fxZ/C5Z031MYOqi8zA++cgV9KATG7E9P8vIwKqbdeLMikfhy6 gxQtGxP0z74rP38FJW5+EXvz8zmhMcPNSdn5+tRKYkpdr4+jM7BhxNdaYAMQrN0u wz7d+kDnGecgqY/IXYmxlxDjVaOu1eFI7gFEG9JJYVYKj8WZ8h+W0Usc/cph9vQ9 ANA2lBs6eqQpS5hIg/h0vz5XAFrXn8j8p4AG3E48pzHRrJBNDICpzSOzbooMEiXW BnKln54CmHkx6631bT0XUOg27V8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTjAWP/ 8S3kp8rkhy61wrj7JWrMTDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDYyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p7MwDQYJKoZIhvcNAQELBQADggEBAIFFyfRjpFQBObklDmQjY31nwLcUB+kNM3HU yp4YnAemSBOUjRXK8+82OP3x39z2lj6retPkrmh1KZvSIcYuMpxVXhDiDKkegtHB ptw0IUl6dymTwFN/nxu0eEKRs2TvMnCt6SoC+gqxcZFvh1xlhnUUw0VYlJcT1lrz FpiAqxKWMtmj2RIwMwAiVHIq3O3X3hzx7BuRsCE7hbYfl2xd/sTinQ9zX5JNkFnP n/CZARf2mxEShSXoICPu598MM/wDGZVwvGkwOuARKxCHGe74tfDZxa1f9Jrwkdlb BiOlxDgcZ/nTwjs/RdTitbfkx3gQ1rDu9ooB4goyZJkxBigSCks= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:48 2026 by rpki-client