$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144622.roa File: AS144622.roa (raw, json) Hash identifier: dHV4FcQvLBCypyrYz23GUo8zlHG9Rg3IcZ3ZAV1lv+M= Subject key identifier: 73:48:05:AF:1A:66:2E:9E:9C:6C:D2:8F:DC:06:C5:CF:93:99:A9:4B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6AFECC8BA978E1D7FC0E361C23BDF5AC2C74E5BB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144622.roa Signing time: Wed 04 Mar 2026 06:22:07 +0000 ROA not before: Wed 04 Mar 2026 06:17:07 +0000 ROA not after: Wed 03 Mar 2027 06:22:07 +0000 asID: 144622 IP address blocks: 240a:a7b4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:fe:cc:8b:a9:78:e1:d7:fc:0e:36:1c:23:bd:f5:ac:2c:74:e5:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:07 2026 GMT Not After : Mar 3 06:22:07 2027 GMT Subject: CN=734805AF1A662E9E9C6CD28FDC06C5CF9399A94B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:55:8d:a8:21:9f:0c:0b:d1:c7:7d:68:e7:71: f5:95:7b:65:27:6f:cb:e0:36:35:28:50:56:64:98: f6:b6:c8:e1:52:c1:85:2e:81:71:5b:de:26:ea:88: d7:bc:b5:35:bf:86:47:39:78:46:29:ea:ec:11:da: 65:6d:0d:54:62:1c:3d:43:c9:ed:7b:52:49:29:67: 82:bf:80:5d:f5:f9:48:48:72:92:72:9a:a2:27:b4: 7e:8e:34:58:0f:e6:0a:fd:97:90:2d:9d:af:1a:2e: 8e:67:6f:d9:7d:9d:9c:24:de:d4:ea:bb:22:77:36: 05:0e:58:5a:16:f8:b4:da:74:4a:8f:b6:2c:df:d2: 1f:60:25:21:5a:68:8b:f7:9a:b3:63:7a:b3:b4:29: 34:47:e6:f6:14:7b:69:d9:65:e4:26:15:07:01:80: 82:43:71:22:35:45:e1:94:ae:57:e8:29:aa:2f:b9: fc:6d:ec:7f:48:c4:fb:aa:3f:5a:0d:0c:b6:9e:50: ba:8d:f1:8a:42:00:b5:9f:4c:fe:ba:02:b0:cf:09: 1f:ab:97:db:79:31:db:f9:b7:3a:9a:94:16:6a:be: eb:f2:69:2a:d1:88:f9:03:53:19:7d:20:cd:e4:07: 6d:e0:cf:4b:02:d9:a7:de:c2:15:1b:b9:ae:48:b4: aa:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:48:05:AF:1A:66:2E:9E:9C:6C:D2:8F:DC:06:C5:CF:93:99:A9:4B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144622.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7b4::/32 Signature Algorithm: sha256WithRSAEncryption 17:56:95:58:6b:7c:87:a6:b3:a7:d8:d6:bc:f5:0e:e2:25:7c: 94:2e:b5:74:54:70:df:88:8d:a6:00:f0:2e:cd:e1:8b:d5:13: f5:9e:14:39:57:4d:9e:f9:8e:06:45:4f:ca:3d:a5:07:25:7f: 81:e8:a0:c0:50:b4:7b:8b:6b:ad:5f:b4:68:ee:ea:05:16:8c: 71:d5:41:9c:51:8e:a4:10:39:a8:f0:7d:f5:c8:0f:20:cd:82: 32:25:5a:d6:91:a5:2f:88:27:99:ca:72:c5:fd:78:f5:cb:3d: 2c:ef:c1:02:e4:10:0a:d7:0f:06:62:f7:e4:fa:ee:16:aa:92: 9c:96:bf:39:63:80:37:aa:a7:14:55:ac:e5:15:0a:74:8a:cd: 1e:f4:cf:48:a9:89:9c:b1:9a:6e:a5:76:6f:42:ee:13:4a:82: 77:d1:51:51:1d:e5:06:1c:e4:91:f0:23:fc:b9:ef:23:8c:dd: 7e:bf:23:5b:32:b0:18:7d:2f:26:f6:71:f6:85:15:e8:10:0d: 8b:7d:4d:f4:a7:87:91:87:a3:49:be:3a:d0:fe:e2:1d:41:78: 8c:5c:db:e2:e9:00:c9:44:81:a9:00:10:2c:be:2a:ae:1e:02: d4:0b:d4:4c:7e:f3:4a:2a:6a:89:9e:25:49:08:7e:07:71:c7: 45:d5:c3:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUav7Mi6l44df8DjYcI731rCx05bswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwN1oX DTI3MDMwMzA2MjIwN1owMzExMC8GA1UEAxMoNzM0ODA1QUYxQTY2MkU5RTlDNkNE MjhGREMwNkM1Q0Y5Mzk5QTk0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI5VjaghnwwL0cd9aOdx9ZV7ZSdvy+A2NShQVmSY9rbI4VLBhS6BcVveJuqI 17y1Nb+GRzl4Rinq7BHaZW0NVGIcPUPJ7XtSSSlngr+AXfX5SEhyknKaoie0fo40 WA/mCv2XkC2drxoujmdv2X2dnCTe1Oq7Inc2BQ5YWhb4tNp0So+2LN/SH2AlIVpo i/eas2N6s7QpNEfm9hR7adll5CYVBwGAgkNxIjVF4ZSuV+gpqi+5/G3sf0jE+6o/ Wg0Mtp5Quo3xikIAtZ9M/roCsM8JH6uX23kx2/m3OpqUFmq+6/JpKtGI+QNTGX0g zeQHbeDPSwLZp97CFRu5rki0qs8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRzSAWv GmYunpxs0o/cBsXPk5mpSzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDYyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p7QwDQYJKoZIhvcNAQELBQADggEBABdWlVhrfIems6fY1rz1DuIlfJQutXRUcN+I jaYA8C7N4YvVE/WeFDlXTZ75jgZFT8o9pQclf4HooMBQtHuLa61ftGju6gUWjHHV QZxRjqQQOajwffXIDyDNgjIlWtaRpS+IJ5nKcsX9ePXLPSzvwQLkEArXDwZi9+T6 7haqkpyWvzljgDeqpxRVrOUVCnSKzR70z0ipiZyxmm6ldm9C7hNKgnfRUVEd5QYc 5JHwI/y57yOM3X6/I1sysBh9Lyb2cfaFFegQDYt9TfSnh5GHo0m+OtD+4h1BeIxc 2+LpAMlEgakAECy+Kq4eAtQL1Ex+80oqaomeJUkIfgdxx0XVwzI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:34 2026 by rpki-client