$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144654.roa File: AS144654.roa (raw, json) Hash identifier: dvzmTgV89mYqGrz0oFYAgiG5RLmOK8AWY1TdFpVSLb8= Subject key identifier: 8D:32:63:AB:0C:46:9F:A9:1D:1C:77:4E:AE:DA:01:D2:FA:11:CC:F2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 18B59DBD9D0664191631408B2F546F26DE09FCE9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144654.roa Signing time: Wed 04 Mar 2026 06:21:21 +0000 ROA not before: Wed 04 Mar 2026 06:16:21 +0000 ROA not after: Wed 03 Mar 2027 06:21:21 +0000 asID: 144654 IP address blocks: 240a:a7d4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:b5:9d:bd:9d:06:64:19:16:31:40:8b:2f:54:6f:26:de:09:fc:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:21 2026 GMT Not After : Mar 3 06:21:21 2027 GMT Subject: CN=8D3263AB0C469FA91D1C774EAEDA01D2FA11CCF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:2e:54:b5:be:d8:53:ac:76:1c:bb:98:ab:0a: 9e:ef:bd:d3:79:10:7e:d1:dd:5e:c3:f4:5e:78:f9: 88:c7:0d:e3:b2:07:40:96:ac:48:82:11:41:23:3d: 48:fc:a8:57:d3:7d:38:e4:0b:c1:ec:53:57:4b:7a: 2b:6b:f7:1c:dd:53:8d:31:c3:93:50:76:99:3a:37: ce:a1:84:61:db:58:5e:6b:6e:8c:07:a7:df:15:7f: 00:b6:47:2a:d2:39:fc:f2:37:0a:04:fb:fd:64:ee: d3:a0:34:69:a4:77:b2:2f:e4:30:27:7c:62:1f:3d: f3:a7:5f:d5:b4:f9:c6:8f:7a:27:8c:5e:a7:17:2f: bc:7d:bb:8a:f4:ea:45:5b:0c:1b:92:2d:fa:5c:60: a8:01:91:c2:a8:bb:f4:7d:49:0d:8d:49:64:f6:57: c2:08:d0:37:4a:e4:c5:47:a8:5a:e0:9d:93:17:72: 4d:22:c8:49:6d:ee:55:da:28:b4:8a:cd:4a:e7:cd: 88:5c:56:3c:bc:b4:ea:b6:66:86:00:35:3b:7b:0c: 9b:01:17:36:4d:da:8f:f5:a2:0f:09:c7:14:e3:fa: 6c:53:0f:50:a8:1a:60:7d:6a:fc:59:1c:bb:bb:3f: 78:66:fc:bd:55:13:31:a6:75:fa:62:7b:e7:33:87: 73:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:32:63:AB:0C:46:9F:A9:1D:1C:77:4E:AE:DA:01:D2:FA:11:CC:F2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144654.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7d4::/32 Signature Algorithm: sha256WithRSAEncryption 27:92:96:e9:49:d3:6b:f2:46:07:79:98:89:f3:73:db:3d:95: e6:88:55:15:aa:52:b3:c8:86:78:d1:bd:7a:bb:4f:cc:11:01: f1:78:8c:56:90:17:0b:0c:a9:22:61:4d:3c:9c:5c:04:27:0f: c9:9b:f9:ff:cd:0b:01:24:93:01:ca:db:bb:9a:24:a3:21:12: a6:66:2d:3a:73:7f:e7:fc:16:62:e3:16:11:31:66:3d:a5:90: 72:4e:f0:bc:30:ea:f0:cf:f0:3a:d6:01:a3:1a:f9:10:82:41: 47:77:84:af:59:59:ba:27:38:cf:69:f0:3d:9c:f7:c5:96:66: 6d:b3:1c:c6:2d:28:88:2e:c5:de:c2:38:54:7c:07:54:78:29: 71:25:9f:87:67:e7:97:fc:8e:c7:49:63:fb:c8:1a:0c:77:9b: 39:e3:03:e7:bc:f7:ca:15:64:ba:66:ff:73:8e:4e:49:15:2a: f4:7b:88:58:59:49:79:2a:d8:2e:a0:cd:0e:8b:a2:77:e7:c3: f3:bd:1e:51:a0:ca:2b:1b:9d:2a:47:3f:78:86:26:03:40:53: 67:95:35:5b:29:14:32:88:52:e0:b6:8f:cf:b0:f1:2b:fc:80: 4f:65:e0:dd:20:1c:29:90:e7:1f:4a:be:c7:dc:da:b4:91:68: 9b:17:8c:f1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGLWdvZ0GZBkWMUCLL1RvJt4J/OkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyMVoX DTI3MDMwMzA2MjEyMVowMzExMC8GA1UEAxMoOEQzMjYzQUIwQzQ2OUZBOTFEMUM3 NzRFQUVEQTAxRDJGQTExQ0NGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMcuVLW+2FOsdhy7mKsKnu+903kQftHdXsP0Xnj5iMcN47IHQJasSIIRQSM9 SPyoV9N9OOQLwexTV0t6K2v3HN1TjTHDk1B2mTo3zqGEYdtYXmtujAen3xV/ALZH KtI5/PI3CgT7/WTu06A0aaR3si/kMCd8Yh8986df1bT5xo96J4xepxcvvH27ivTq RVsMG5It+lxgqAGRwqi79H1JDY1JZPZXwgjQN0rkxUeoWuCdkxdyTSLISW3uVdoo tIrNSufNiFxWPLy06rZmhgA1O3sMmwEXNk3aj/WiDwnHFOP6bFMPUKgaYH1q/Fkc u7s/eGb8vVUTMaZ1+mJ75zOHc6UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSNMmOr DEafqR0cd06u2gHS+hHM8jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p9QwDQYJKoZIhvcNAQELBQADggEBACeSlulJ02vyRgd5mInzc9s9leaIVRWqUrPI hnjRvXq7T8wRAfF4jFaQFwsMqSJhTTycXAQnD8mb+f/NCwEkkwHK27uaJKMhEqZm LTpzf+f8FmLjFhExZj2lkHJO8Lww6vDP8DrWAaMa+RCCQUd3hK9ZWbonOM9p8D2c 98WWZm2zHMYtKIguxd7COFR8B1R4KXEln4dn55f8jsdJY/vIGgx3mznjA+e898oV ZLpm/3OOTkkVKvR7iFhZSXkq2C6gzQ6Lonfnw/O9HlGgyisbnSpHP3iGJgNAU2eV NVspFDKIUuC2j8+w8Sv8gE9l4N0gHCmQ5x9Kvsfc2rSRaJsXjPE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:10 2026 by rpki-client