$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144629.roa File: AS144629.roa (raw, json) Hash identifier: D+RfWELdxxVm/toIxJ3YfJv7YvdF2j8CooNdXsOvCm8= Subject key identifier: 9D:44:C1:D9:08:79:3D:43:68:5F:EE:C4:E3:7D:0E:BE:15:7F:44:A6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 427499A1185C6A88D2D719101E76AA4CBEAFFB8A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144629.roa Signing time: Wed 04 Mar 2026 06:19:43 +0000 ROA not before: Wed 04 Mar 2026 06:14:43 +0000 ROA not after: Wed 03 Mar 2027 06:19:43 +0000 asID: 144629 IP address blocks: 240a:a7bb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:74:99:a1:18:5c:6a:88:d2:d7:19:10:1e:76:aa:4c:be:af:fb:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:43 2026 GMT Not After : Mar 3 06:19:43 2027 GMT Subject: CN=9D44C1D908793D43685FEEC4E37D0EBE157F44A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:be:2b:9a:af:91:75:ee:55:71:8c:73:a3:ca: 3a:cd:ae:68:25:7b:36:7d:9b:f0:7b:3c:67:e9:45: ec:52:50:a1:bf:12:59:74:8a:e1:06:5e:90:7a:50: c7:d4:97:14:1b:1c:85:e4:68:4a:19:b2:1c:54:13: a6:73:79:60:a2:37:90:89:7f:7e:b0:e3:dd:48:92: 4e:b3:1c:d8:ff:8c:b6:1f:eb:d0:ec:7f:1b:b3:d1: 75:d1:27:52:bb:03:ae:75:21:30:35:22:cb:48:4e: 69:79:c5:59:90:68:6e:1c:26:dd:35:b1:49:54:70: 4d:a7:b5:27:23:44:0d:10:0c:a2:a0:8b:87:63:59: 7b:79:12:5b:5b:57:55:69:2f:e7:84:d6:5c:55:ec: 27:2f:f4:3a:83:15:6d:52:b3:09:18:4f:7d:44:70: 9a:7a:45:e1:d1:bd:8b:a1:9f:e0:b5:c2:99:ca:01: ce:f9:1b:1f:ae:33:4b:e0:f2:5d:67:ac:e9:39:5d: 8c:9f:a7:18:f5:67:58:1f:34:65:2f:02:5c:fb:1f: 86:10:c2:4f:ab:c2:d1:92:57:ba:eb:c5:97:a1:64: f9:7f:62:b1:e3:5b:3b:8b:c2:17:4b:02:37:57:de: d5:c1:ac:1d:36:ef:01:b6:d2:d1:2a:c0:f2:ba:28: 9c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:44:C1:D9:08:79:3D:43:68:5F:EE:C4:E3:7D:0E:BE:15:7F:44:A6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144629.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7bb::/32 Signature Algorithm: sha256WithRSAEncryption 35:1f:56:04:6b:0a:d8:37:41:13:18:20:66:c6:8a:d3:54:85: e0:c4:89:f1:89:62:5b:d1:09:e8:22:4f:21:d1:37:d2:96:b9: de:30:3b:66:1b:1f:ac:b8:be:d1:89:95:6c:f1:5d:57:82:62: a3:6e:00:39:a0:c2:92:64:e1:25:99:e5:75:f3:0c:db:d0:de: eb:64:bc:84:13:8e:92:5c:6e:ec:14:c9:ac:81:52:44:67:a5: 80:87:c0:39:93:c2:37:fd:d0:7e:d1:a3:be:5b:ff:69:a3:ec: 1c:34:3c:35:41:e0:aa:0e:fa:72:50:e3:48:c1:41:32:f8:9b: a8:a7:31:13:50:b6:0c:9d:b8:f2:ee:72:3f:8b:c6:44:f7:44: a6:dd:6d:77:bc:69:fc:8f:ae:84:e9:5b:00:52:be:a1:78:1a: 22:b2:05:5e:4a:f8:fd:7f:18:d3:2e:38:fd:3d:4d:eb:28:e0: fb:cd:2a:73:90:e4:b6:b5:18:fd:17:0e:f1:41:d4:27:05:30: 28:5a:bd:e6:69:5b:9b:95:c0:e5:d7:49:41:7e:8c:a8:ce:3b: 29:bf:bc:7d:d8:0c:e0:d3:63:5c:d9:88:b3:4b:5c:8c:85:a4: 25:90:3f:3a:ef:be:66:3c:0b:a9:37:d5:eb:4a:74:73:e6:d9: 03:4b:d0:a9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQnSZoRhcaojS1xkQHnaqTL6v+4owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0M1oX DTI3MDMwMzA2MTk0M1owMzExMC8GA1UEAxMoOUQ0NEMxRDkwODc5M0Q0MzY4NUZF RUM0RTM3RDBFQkUxNTdGNDRBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL++K5qvkXXuVXGMc6PKOs2uaCV7Nn2b8Hs8Z+lF7FJQob8SWXSK4QZekHpQ x9SXFBscheRoShmyHFQTpnN5YKI3kIl/frDj3UiSTrMc2P+Mth/r0Ox/G7PRddEn UrsDrnUhMDUiy0hOaXnFWZBobhwm3TWxSVRwTae1JyNEDRAMoqCLh2NZe3kSW1tX VWkv54TWXFXsJy/0OoMVbVKzCRhPfURwmnpF4dG9i6Gf4LXCmcoBzvkbH64zS+Dy XWes6TldjJ+nGPVnWB80ZS8CXPsfhhDCT6vC0ZJXuuvFl6Fk+X9iseNbO4vCF0sC N1fe1cGsHTbvAbbS0SrA8roonF0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSdRMHZ CHk9Q2hf7sTjfQ6+FX9EpjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDYyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p7swDQYJKoZIhvcNAQELBQADggEBADUfVgRrCtg3QRMYIGbGitNUheDEifGJYlvR CegiTyHRN9KWud4wO2YbH6y4vtGJlWzxXVeCYqNuADmgwpJk4SWZ5XXzDNvQ3utk vIQTjpJcbuwUyayBUkRnpYCHwDmTwjf90H7Ro75b/2mj7Bw0PDVB4KoO+nJQ40jB QTL4m6inMRNQtgyduPLucj+LxkT3RKbdbXe8afyProTpWwBSvqF4GiKyBV5K+P1/ GNMuOP09Teso4PvNKnOQ5La1GP0XDvFB1CcFMChaveZpW5uVwOXXSUF+jKjOOym/ vH3YDODTY1zZiLNLXIyFpCWQPzrvvmY8C6k31etKdHPm2QNL0Kk= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:19 2026 by rpki-client