$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144653.roa File: AS144653.roa (raw, json) Hash identifier: TUQV9+ts23/DBAVjmLzds5IvhH0VPKyoVamSCTvciuA= Subject key identifier: 05:92:E6:02:19:60:9B:E2:E2:49:CE:D9:92:C4:56:D8:CF:7E:D3:38 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0C497580B4B7262EDD3BE43D0626267AC3E9F424 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144653.roa Signing time: Wed 04 Mar 2026 06:19:30 +0000 ROA not before: Wed 04 Mar 2026 06:14:30 +0000 ROA not after: Wed 03 Mar 2027 06:19:30 +0000 asID: 144653 IP address blocks: 240a:a7d3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:49:75:80:b4:b7:26:2e:dd:3b:e4:3d:06:26:26:7a:c3:e9:f4:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:30 2026 GMT Not After : Mar 3 06:19:30 2027 GMT Subject: CN=0592E60219609BE2E249CED992C456D8CF7ED338 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ec:75:9d:95:5e:b0:4f:65:16:e6:91:73:f2: 1a:87:84:c9:e7:ae:d5:5c:fc:c2:3b:ab:cc:d0:d7: 0e:38:8b:eb:16:6c:ca:91:43:a2:ad:54:e2:17:bd: ba:9e:bf:2f:ef:76:24:ed:89:b0:6c:be:fe:a1:55: ec:74:1f:16:c5:3f:97:2d:28:82:09:7b:11:4f:6a: ae:60:2a:ac:0f:93:01:a6:5b:4f:9c:b1:6f:ff:ad: 68:61:06:16:b9:ef:cf:77:85:80:f1:b5:9a:7d:94: fa:9d:b4:00:ba:9d:7c:1f:eb:b0:dd:ca:bd:fd:34: 0f:11:32:62:fd:72:60:22:25:85:89:02:65:6e:bd: d9:93:5e:2c:24:51:fd:72:fd:e8:f1:b3:3d:88:ad: 59:a1:d8:cc:66:91:cc:73:e9:6b:40:84:ed:b9:d3: b3:cd:22:7c:1f:26:3a:78:5c:6d:f6:e3:d2:f3:74: 3d:47:6a:94:68:58:ff:8c:4a:db:31:61:b7:4b:5b: 15:1b:c0:eb:30:01:a4:e0:53:9e:16:8d:a4:ad:95: ef:7a:35:2b:14:e0:b5:b3:73:fa:dc:26:31:ce:86: 6b:4a:b3:71:d1:a8:df:e9:01:f6:e6:f5:c4:c2:08: cf:0c:48:b2:fd:30:0a:d3:47:a4:3e:31:43:bf:b0: d8:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:92:E6:02:19:60:9B:E2:E2:49:CE:D9:92:C4:56:D8:CF:7E:D3:38 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144653.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7d3::/32 Signature Algorithm: sha256WithRSAEncryption 69:65:bb:f4:ca:ca:c7:8f:fd:cf:dc:2b:36:91:87:9f:01:ca: 98:0f:fc:7c:49:7a:d8:ac:c4:f8:f0:b2:c4:32:eb:aa:8a:14: 08:26:af:c2:70:f6:e5:c1:8d:1d:ef:4e:68:3f:58:26:9e:50: 06:a1:f3:cd:6b:8b:52:e5:57:a5:d0:11:c0:05:f6:68:0d:f9: 8b:e9:51:67:78:c5:ec:de:c6:d3:a3:75:3e:4e:be:92:e3:91: 5d:40:a7:3f:44:2d:3c:01:e3:16:5e:c8:1a:50:75:c0:ba:43: 78:e3:80:f2:f9:4b:6b:42:87:19:19:66:5c:54:ba:69:11:de: 10:61:d1:bb:ec:19:d1:4b:09:70:7a:ef:cc:4c:d1:c1:0b:92: a8:fd:47:c7:59:79:2d:07:ff:e6:c2:81:e0:a9:95:3e:ec:71: 56:ff:44:44:9e:90:8c:c7:65:e3:7c:a7:eb:58:19:fe:db:6a: ad:c7:91:fe:f0:ee:b2:c8:56:89:f5:3c:f2:b4:b6:51:3c:a1: 0a:5c:dd:78:fb:d5:4c:c4:49:6d:2e:fa:b9:ba:d2:d8:3a:c9: 20:94:0c:81:28:08:0e:91:c0:c7:89:8a:06:8f:cd:a7:d5:c1: f8:a9:eb:4b:91:0e:b5:ea:86:32:76:e8:cc:25:a8:9e:22:66: 36:d2:00:62 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDEl1gLS3Ji7dO+Q9BiYmesPp9CQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzMFoX DTI3MDMwMzA2MTkzMFowMzExMC8GA1UEAxMoMDU5MkU2MDIxOTYwOUJFMkUyNDlD RUQ5OTJDNDU2RDhDRjdFRDMzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMDsdZ2VXrBPZRbmkXPyGoeEyeeu1Vz8wjurzNDXDjiL6xZsypFDoq1U4he9 up6/L+92JO2JsGy+/qFV7HQfFsU/ly0oggl7EU9qrmAqrA+TAaZbT5yxb/+taGEG Frnvz3eFgPG1mn2U+p20ALqdfB/rsN3Kvf00DxEyYv1yYCIlhYkCZW692ZNeLCRR /XL96PGzPYitWaHYzGaRzHPpa0CE7bnTs80ifB8mOnhcbfbj0vN0PUdqlGhY/4xK 2zFht0tbFRvA6zABpOBTnhaNpK2V73o1KxTgtbNz+twmMc6Ga0qzcdGo3+kB9ub1 xMIIzwxIsv0wCtNHpD4xQ7+w2NkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQFkuYC GWCb4uJJztmSxFbYz37TODAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p9MwDQYJKoZIhvcNAQELBQADggEBAGllu/TKyseP/c/cKzaRh58BypgP/HxJetis xPjwssQy66qKFAgmr8Jw9uXBjR3vTmg/WCaeUAah881ri1LlV6XQEcAF9mgN+Yvp UWd4xezextOjdT5OvpLjkV1Apz9ELTwB4xZeyBpQdcC6Q3jjgPL5S2tChxkZZlxU umkR3hBh0bvsGdFLCXB678xM0cELkqj9R8dZeS0H/+bCgeCplT7scVb/RESekIzH ZeN8p+tYGf7baq3Hkf7w7rLIVon1PPK0tlE8oQpc3Xj71UzESW0u+rm60tg6ySCU DIEoCA6RwMeJigaPzafVwfip60uRDrXqhjJ26MwlqJ4iZjbSAGI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:03 2026 by rpki-client