$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144656.roa File: AS144656.roa (raw, json) Hash identifier: 3MTYa6nYrEApAyUYVoEW5D3Sfo+9kH3hsgwl4L+v0IE= Subject key identifier: 85:DB:5A:61:C2:F0:E6:07:65:DD:4A:75:C7:DC:74:C1:A4:8E:A6:D1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C4824EEFF7CDCCB85F4720A0C3A7E4F4670FE5A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144656.roa Signing time: Wed 04 Mar 2026 06:21:28 +0000 ROA not before: Wed 04 Mar 2026 06:16:28 +0000 ROA not after: Wed 03 Mar 2027 06:21:28 +0000 asID: 144656 IP address blocks: 240a:a7d6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:48:24:ee:ff:7c:dc:cb:85:f4:72:0a:0c:3a:7e:4f:46:70:fe:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:28 2026 GMT Not After : Mar 3 06:21:28 2027 GMT Subject: CN=85DB5A61C2F0E60765DD4A75C7DC74C1A48EA6D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:1f:18:9c:09:3e:98:d5:ee:05:14:8a:4d:ae: 63:07:14:a7:75:42:f2:49:c1:d1:67:06:6c:70:a3: d4:13:41:39:58:23:e3:53:cc:4d:cf:7b:df:e3:c6: 43:73:5c:eb:07:1a:78:4a:eb:a4:12:3f:68:44:36: 92:0c:7f:1e:e2:fc:c9:93:30:91:24:77:38:44:13: bc:be:85:00:20:80:0d:b7:d0:3a:2c:48:27:33:48: 82:68:98:46:d4:9b:b0:9b:14:ef:77:84:a4:dd:c3: a2:16:db:a8:d8:52:9e:d6:9a:f0:3e:e6:e1:f8:3e: 37:3e:1e:18:65:73:9e:99:12:dd:74:cb:9f:59:5b: 48:2a:06:c1:05:d9:b8:a4:58:b7:84:8e:13:18:2b: 0c:e7:b4:f6:5a:d4:17:ee:e8:14:36:df:a6:5c:f7: 06:3d:dd:d2:22:63:f6:ed:db:fb:fd:03:78:b2:bb: 69:c1:5c:20:c0:5d:55:28:03:1e:3b:5b:7e:d5:9d: e7:97:83:2e:16:13:b3:34:b9:b2:e3:57:3a:8e:44: 12:c6:f3:97:98:84:7e:df:96:42:fb:af:f3:ef:92: 35:d6:c4:1b:14:a3:03:4b:51:0e:91:04:df:da:c5: fb:9f:65:18:45:cc:34:a1:a1:18:77:45:15:b9:9b: 09:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:DB:5A:61:C2:F0:E6:07:65:DD:4A:75:C7:DC:74:C1:A4:8E:A6:D1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144656.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7d6::/32 Signature Algorithm: sha256WithRSAEncryption 9b:de:98:3a:53:68:03:7d:42:a4:87:41:e3:ec:83:26:89:66: 39:76:e8:eb:2f:09:19:15:e5:57:b7:f7:39:c5:2a:2b:dc:31: f8:ae:b4:d3:ff:bb:bf:78:35:c8:cb:16:d1:ee:f6:7e:1b:85: 64:1c:ab:ec:28:47:e0:f2:31:15:23:bd:4a:79:28:57:da:1f: 22:09:7c:5b:a9:66:68:d7:43:00:1e:a7:1b:c8:e9:d2:ed:44: 17:c5:ec:27:ff:39:7d:aa:4e:c5:e1:42:af:8f:e2:43:12:58: fe:2d:7a:dc:8d:b7:7e:ab:d8:63:79:62:da:5a:d8:c2:3b:3a: d8:5a:ac:24:9d:40:10:8c:e1:3f:87:a4:11:82:5a:76:09:8c: 6e:4f:3e:2a:78:08:48:b2:9f:08:0e:f4:ae:ce:ea:ad:bf:79: 6d:d9:2f:62:1f:2f:a7:df:c9:25:2b:f3:a5:0e:24:4e:82:e8: a1:d5:4d:dd:68:37:0a:fb:77:4f:aa:0b:08:ef:7c:c2:c5:42: 6f:31:a7:4b:83:9d:51:a5:cd:da:29:f5:e1:94:97:0c:24:57: 93:2b:d1:76:ed:0b:8d:dc:68:1e:db:82:c6:40:dc:0a:0b:66: 7b:43:a2:51:6c:26:27:c0:a3:13:8b:aa:76:cd:21:b8:2f:4e: 3e:2c:f9:b9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfEgk7v983MuF9HIKDDp+T0Zw/lowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyOFoX DTI3MDMwMzA2MjEyOFowMzExMC8GA1UEAxMoODVEQjVBNjFDMkYwRTYwNzY1REQ0 QTc1QzdEQzc0QzFBNDhFQTZEMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO8fGJwJPpjV7gUUik2uYwcUp3VC8knB0WcGbHCj1BNBOVgj41PMTc973+PG Q3Nc6wcaeErrpBI/aEQ2kgx/HuL8yZMwkSR3OEQTvL6FACCADbfQOixIJzNIgmiY RtSbsJsU73eEpN3DohbbqNhSntaa8D7m4fg+Nz4eGGVznpkS3XTLn1lbSCoGwQXZ uKRYt4SOExgrDOe09lrUF+7oFDbfplz3Bj3d0iJj9u3b+/0DeLK7acFcIMBdVSgD HjtbftWd55eDLhYTszS5suNXOo5EEsbzl5iEft+WQvuv8++SNdbEGxSjA0tRDpEE 39rF+59lGEXMNKGhGHdFFbmbCfUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSF21ph wvDmB2XdSnXH3HTBpI6m0TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p9YwDQYJKoZIhvcNAQELBQADggEBAJvemDpTaAN9QqSHQePsgyaJZjl26OsvCRkV 5Ve39znFKivcMfiutNP/u794NcjLFtHu9n4bhWQcq+woR+DyMRUjvUp5KFfaHyIJ fFupZmjXQwAepxvI6dLtRBfF7Cf/OX2qTsXhQq+P4kMSWP4tetyNt36r2GN5Ytpa 2MI7OtharCSdQBCM4T+HpBGCWnYJjG5PPip4CEiynwgO9K7O6q2/eW3ZL2IfL6ff ySUr86UOJE6C6KHVTd1oNwr7d0+qCwjvfMLFQm8xp0uDnVGlzdop9eGUlwwkV5Mr 0XbtC43caB7bgsZA3AoLZntDolFsJifAoxOLqnbNIbgvTj4s+bk= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:41 2026 by rpki-client