$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144625.roa File: AS144625.roa (raw, json) Hash identifier: RoVReCkjrM6lZgJJ2IQ5kvYER4CZouoKUh6slREle9w= Subject key identifier: 7B:A0:0E:74:DB:84:E4:A4:F8:0A:67:2A:98:7D:AD:D7:DF:32:DE:8F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1616B2FA2914C51E52FFD6795B4E3310CBE85532 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144625.roa Signing time: Wed 04 Mar 2026 06:20:48 +0000 ROA not before: Wed 04 Mar 2026 06:15:48 +0000 ROA not after: Wed 03 Mar 2027 06:20:48 +0000 asID: 144625 IP address blocks: 240a:a7b7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:16:b2:fa:29:14:c5:1e:52:ff:d6:79:5b:4e:33:10:cb:e8:55:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:48 2026 GMT Not After : Mar 3 06:20:48 2027 GMT Subject: CN=7BA00E74DB84E4A4F80A672A987DADD7DF32DE8F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d0:a1:2d:45:f8:56:2d:17:19:61:ab:f4:12: fb:29:2c:ba:75:92:2c:a5:98:29:f9:b8:9c:c2:76: e2:ea:cb:95:c5:59:f0:f7:76:df:8f:6b:8d:5d:44: f0:8f:5d:58:60:8a:a1:03:b9:6c:41:3a:c5:e1:95: 87:97:7f:95:cf:c9:a4:b0:8d:2b:04:1e:88:99:f8: ca:ff:ea:63:f2:b0:a0:20:e7:ce:10:91:c3:80:45: b6:ba:8a:6e:32:a6:f6:d3:e4:11:f3:3e:b8:74:92: df:97:80:69:b5:91:3c:34:a6:32:ad:24:fe:c6:3b: a5:87:64:7a:4e:f3:24:61:33:5f:2c:01:e5:87:25: 20:de:e3:f1:b1:98:40:7b:4d:6c:a6:1a:84:ee:f9: c0:c2:39:96:e0:c9:16:68:d6:68:42:90:b0:ff:02: 01:3d:46:40:e2:77:69:c1:88:91:fc:13:b3:dd:2f: f8:63:89:89:c3:3a:9b:e9:73:56:74:74:70:9b:ed: 25:23:f0:d0:d1:9a:ee:31:0e:14:a2:3f:d4:9f:f5: aa:76:ff:4e:30:50:7e:19:13:30:7b:c0:d5:0b:ca: 76:2f:ea:a0:09:6c:55:65:2a:44:a5:8e:79:e9:8e: 12:bc:80:d5:8c:6e:34:35:73:ff:bd:fb:b3:d2:ba: d8:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:A0:0E:74:DB:84:E4:A4:F8:0A:67:2A:98:7D:AD:D7:DF:32:DE:8F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144625.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7b7::/32 Signature Algorithm: sha256WithRSAEncryption 16:63:0e:44:25:c2:16:4b:e9:3a:96:1d:b0:0a:bc:87:ef:4b: 9a:05:d3:2e:f0:a8:9a:0f:01:26:75:07:61:c1:5b:3f:e0:3e: 14:69:d7:b4:a5:2a:cd:16:52:96:22:3a:65:d9:62:f2:0f:93: 51:4b:f8:e9:de:3b:16:1c:7c:bc:32:ff:07:de:d5:b0:cb:a7: 7b:39:ef:8a:58:8f:ca:70:38:69:57:04:20:dd:e8:98:01:64: 96:92:71:1f:82:c1:54:07:16:11:6c:96:76:c9:1b:ec:0e:8b: eb:4b:d5:78:a1:09:dc:02:a1:f7:b6:17:46:cc:5b:fc:a1:81: 01:36:87:16:32:14:61:68:a3:d2:7b:23:c6:c9:27:d2:c4:17: ba:1a:29:16:0b:82:34:ae:8e:c4:3e:6e:22:fb:95:1f:fa:26: ef:df:d0:d9:00:7d:ad:05:3d:b0:00:1e:cc:24:bf:27:21:bf: 4e:03:86:13:4c:00:98:a2:1b:60:e8:a8:43:e7:d4:ca:9a:1f: 31:d2:98:3f:33:8e:92:03:98:a1:84:96:ac:da:98:23:c8:75: 95:74:ef:62:63:eb:e5:85:55:85:ac:f7:7a:eb:83:de:1e:5d: b0:78:1e:ae:82:02:a0:ec:ad:b7:de:f3:f0:37:6a:df:4c:81: 83:d6:bd:f2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFhay+ikUxR5S/9Z5W04zEMvoVTIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0OFoX DTI3MDMwMzA2MjA0OFowMzExMC8GA1UEAxMoN0JBMDBFNzREQjg0RTRBNEY4MEE2 NzJBOTg3REFERDdERjMyREU4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMDQoS1F+FYtFxlhq/QS+yksunWSLKWYKfm4nMJ24urLlcVZ8Pd2349rjV1E 8I9dWGCKoQO5bEE6xeGVh5d/lc/JpLCNKwQeiJn4yv/qY/KwoCDnzhCRw4BFtrqK bjKm9tPkEfM+uHSS35eAabWRPDSmMq0k/sY7pYdkek7zJGEzXywB5YclIN7j8bGY QHtNbKYahO75wMI5luDJFmjWaEKQsP8CAT1GQOJ3acGIkfwTs90v+GOJicM6m+lz VnR0cJvtJSPw0NGa7jEOFKI/1J/1qnb/TjBQfhkTMHvA1QvKdi/qoAlsVWUqRKWO eemOEryA1YxuNDVz/737s9K62BkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR7oA50 24TkpPgKZyqYfa3X3zLejzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDYyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p7cwDQYJKoZIhvcNAQELBQADggEBABZjDkQlwhZL6TqWHbAKvIfvS5oF0y7wqJoP ASZ1B2HBWz/gPhRp17SlKs0WUpYiOmXZYvIPk1FL+OneOxYcfLwy/wfe1bDLp3s5 74pYj8pwOGlXBCDd6JgBZJaScR+CwVQHFhFslnbJG+wOi+tL1XihCdwCofe2F0bM W/yhgQE2hxYyFGFoo9J7I8bJJ9LEF7oaKRYLgjSujsQ+biL7lR/6Ju/f0NkAfa0F PbAAHswkvychv04DhhNMAJiiG2DoqEPn1MqaHzHSmD8zjpIDmKGElqzamCPIdZV0 72Jj6+WFVYWs93rrg94eXbB4Hq6CAqDsrbfe8/A3at9MgYPWvfI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:09 2026 by rpki-client