$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144685.roa File: AS144685.roa (raw, json) Hash identifier: WUvqlLI2bSI9jlf0uyv24EeFDfelkmFBSWLhC7JR4hY= Subject key identifier: EA:8D:3E:07:D5:3D:0B:C6:CA:E3:60:48:37:4F:F7:A7:52:0A:2E:A2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 62941FBA169A62BDE5341AEB5DB31ED6789AD6DA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144685.roa Signing time: Wed 04 Mar 2026 06:19:54 +0000 ROA not before: Wed 04 Mar 2026 06:14:54 +0000 ROA not after: Wed 03 Mar 2027 06:19:54 +0000 asID: 144685 IP address blocks: 240a:a7f3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:94:1f:ba:16:9a:62:bd:e5:34:1a:eb:5d:b3:1e:d6:78:9a:d6:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:54 2026 GMT Not After : Mar 3 06:19:54 2027 GMT Subject: CN=EA8D3E07D53D0BC6CAE36048374FF7A7520A2EA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:c2:5f:cd:bf:ab:2e:94:ec:ba:01:8a:36:c1: a5:c2:d3:44:d7:2e:03:83:45:12:df:12:df:67:50: 68:25:37:92:d8:3c:3c:d5:e0:e4:66:de:fe:c2:63: f9:9e:84:20:04:d1:21:fd:ce:65:55:43:fa:59:46: 94:12:28:15:22:49:e7:12:94:bd:70:95:10:72:13: 52:9b:93:bd:43:ea:e0:ab:9e:e5:bb:a0:83:1b:2d: 1f:3b:52:fc:12:e0:ef:03:75:60:dc:5e:53:cd:07: 67:2c:88:63:06:11:2f:e7:9c:41:a5:68:0b:61:83: b7:6d:db:60:62:2f:1c:1c:bb:e5:8a:a1:a0:2d:66: ac:95:38:57:e0:a4:3c:3c:69:98:fc:37:93:d6:39: a8:f9:56:cb:2d:5a:26:0e:5a:c7:33:c1:31:18:11: 97:d4:dd:19:82:f1:94:e3:5f:a9:8c:f4:06:3b:f7: c3:71:82:8b:c4:30:a3:88:27:5f:b9:63:d0:6f:00: 79:02:69:a0:ce:c0:55:c5:06:a6:5d:52:cd:b6:16: 2a:a9:24:84:e6:49:57:ed:05:e2:f9:33:84:86:79: 41:6d:82:b3:9f:34:0e:f2:71:bd:c5:20:97:34:fc: 25:4a:9c:18:df:39:f4:ae:1a:34:64:bb:72:b7:21: 28:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:8D:3E:07:D5:3D:0B:C6:CA:E3:60:48:37:4F:F7:A7:52:0A:2E:A2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144685.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7f3::/32 Signature Algorithm: sha256WithRSAEncryption 03:fb:74:63:25:72:58:05:8d:64:5a:25:a1:bb:10:9c:a8:6d: 5b:b7:29:e3:5f:84:c5:25:60:9b:81:5f:d2:05:99:69:21:13: bf:53:51:7a:1f:f2:cc:37:1c:33:0f:68:d9:7c:b6:cb:31:31: fe:e0:46:ec:90:40:c1:69:2f:7f:28:7d:db:98:ef:c0:bc:76: 00:d9:41:96:11:f7:c5:24:d1:51:12:d7:3d:bd:29:33:e5:20: 7a:c1:dd:44:f6:98:db:ec:11:38:91:12:26:f4:88:e2:f7:7b: c8:09:8e:b6:31:0f:25:71:82:50:e8:c8:1b:2c:c6:b7:9a:3a: 43:4e:39:44:c3:04:d9:a7:44:ad:76:b0:c9:9b:0b:ac:64:97: c9:ad:a3:46:46:07:fd:0f:e7:39:a3:7f:7a:ad:37:fb:88:f0: ae:f0:ca:e8:8a:b8:ac:ab:7d:c1:a7:14:d4:fb:24:99:85:03: 90:e7:6b:57:0a:1f:51:ce:04:96:de:0c:d2:d2:1d:41:03:32: e6:37:f5:88:4f:4b:03:2b:ff:52:1d:48:ff:02:f7:52:f1:79: 61:2e:67:3c:d1:65:77:94:22:18:13:d0:6a:6d:0a:52:93:81: 9a:a7:16:eb:bb:f3:0f:78:01:ad:05:00:ce:49:fe:21:1f:6b: 47:00:bc:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYpQfuhaaYr3lNBrrXbMe1nia1towDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1NFoX DTI3MDMwMzA2MTk1NFowMzExMC8GA1UEAxMoRUE4RDNFMDdENTNEMEJDNkNBRTM2 MDQ4Mzc0RkY3QTc1MjBBMkVBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPnCX82/qy6U7LoBijbBpcLTRNcuA4NFEt8S32dQaCU3ktg8PNXg5Gbe/sJj +Z6EIATRIf3OZVVD+llGlBIoFSJJ5xKUvXCVEHITUpuTvUPq4Kue5buggxstHztS /BLg7wN1YNxeU80HZyyIYwYRL+ecQaVoC2GDt23bYGIvHBy75YqhoC1mrJU4V+Ck PDxpmPw3k9Y5qPlWyy1aJg5axzPBMRgRl9TdGYLxlONfqYz0Bjv3w3GCi8Qwo4gn X7lj0G8AeQJpoM7AVcUGpl1SzbYWKqkkhOZJV+0F4vkzhIZ5QW2Cs580DvJxvcUg lzT8JUqcGN859K4aNGS7crchKKMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTqjT4H 1T0LxsrjYEg3T/enUgouojAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p/MwDQYJKoZIhvcNAQELBQADggEBAAP7dGMlclgFjWRaJaG7EJyobVu3KeNfhMUl YJuBX9IFmWkhE79TUXof8sw3HDMPaNl8tssxMf7gRuyQQMFpL38ofduY78C8dgDZ QZYR98Uk0VES1z29KTPlIHrB3UT2mNvsETiREib0iOL3e8gJjrYxDyVxglDoyBss xreaOkNOOUTDBNmnRK12sMmbC6xkl8mto0ZGB/0P5zmjf3qtN/uI8K7wyuiKuKyr fcGnFNT7JJmFA5Dna1cKH1HOBJbeDNLSHUEDMuY39YhPSwMr/1IdSP8C91LxeWEu ZzzRZXeUIhgT0GptClKTgZqnFuu78w94Aa0FAM5J/iEfa0cAvDI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:50 2026 by rpki-client