$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144697.roa File: AS144697.roa (raw, json) Hash identifier: m5AwKkskAovydIxI9bTiYZi1Pzha3bgZ+Q6RZi3FZ8Q= Subject key identifier: 4B:21:B9:CB:56:EE:EB:C2:58:8B:03:C0:CF:F2:3A:95:8C:69:A9:4D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6241EFB1AE50F9DAEC36BC2F462E7FB5D6F1CB38 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144697.roa Signing time: Wed 04 Mar 2026 06:22:25 +0000 ROA not before: Wed 04 Mar 2026 06:17:25 +0000 ROA not after: Wed 03 Mar 2027 06:22:25 +0000 asID: 144697 IP address blocks: 240a:a7ff::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:41:ef:b1:ae:50:f9:da:ec:36:bc:2f:46:2e:7f:b5:d6:f1:cb:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:25 2026 GMT Not After : Mar 3 06:22:25 2027 GMT Subject: CN=4B21B9CB56EEEBC2588B03C0CFF23A958C69A94D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ea:77:a0:f6:3a:ca:be:05:fb:96:c2:31:25: a8:c6:6c:54:16:ac:6e:79:6c:89:5e:45:93:e5:c3: 4c:6b:62:4a:82:03:39:c3:e4:a7:c7:a2:c1:9a:fe: 74:0f:15:01:1a:73:57:81:bb:ce:62:26:86:59:0f: 58:80:4b:00:49:19:66:4d:57:2d:d2:3d:cc:dc:3e: f5:4f:64:b1:d1:54:04:56:08:17:a7:a6:17:38:96: 6e:61:d9:7a:b7:6f:3d:d6:25:17:d4:2d:78:9a:c5: 37:a6:26:2e:5f:38:e1:74:82:a8:4c:53:99:4f:ea: 1b:c5:e7:2f:a9:ec:5f:3a:db:51:b4:4d:e2:6b:0e: 06:d0:d6:2a:72:67:65:63:3e:06:84:3e:37:e7:d7: 25:87:cf:c8:e1:dc:f1:ef:a8:dc:0b:fe:95:68:43: 53:5b:2d:bd:3a:6a:bb:6b:cd:86:7c:ed:90:f5:8a: fa:1c:29:bb:19:6d:16:05:ee:a2:27:10:58:e1:fd: 64:63:ee:71:46:81:95:9a:c6:16:20:23:77:76:44: 1a:e5:ca:fa:75:59:d4:2c:09:36:8c:4c:fc:e1:89: 22:48:c7:f1:e9:0d:62:f8:b5:9d:10:2d:dc:bd:d6: 3d:d6:7c:fe:d5:28:8a:fb:3b:3b:ff:61:8b:3d:30: 60:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:21:B9:CB:56:EE:EB:C2:58:8B:03:C0:CF:F2:3A:95:8C:69:A9:4D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144697.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7ff::/32 Signature Algorithm: sha256WithRSAEncryption 2e:c8:ce:6c:ff:e2:61:02:80:9f:27:4e:a9:38:a8:e2:56:6c: f6:c3:a0:17:79:ee:c7:0e:ed:51:be:e1:8d:49:d1:09:d6:7a: 5c:98:63:e9:37:cb:d8:f5:bf:a1:db:89:78:95:b8:d8:64:70: 32:ce:85:dd:9a:eb:85:18:58:7b:17:f0:50:5b:d2:39:18:45: 44:54:b7:42:57:bc:d4:5e:a1:e3:3d:3d:3f:26:cb:49:41:be: 7b:1d:25:c3:da:d5:5b:61:98:32:ca:f0:f8:9c:ce:25:09:01: 35:a8:26:ed:53:18:d5:5b:7a:51:d4:d4:f6:8c:7b:3c:e7:7a: e3:71:d5:4e:ca:f2:fd:ec:7b:54:83:54:9e:b6:27:de:5c:c1: 4c:95:bb:97:d5:34:83:59:27:83:fe:3e:e2:a4:76:b1:02:79: 75:c6:ec:f8:a3:50:80:8a:2b:ee:db:2a:dc:9d:89:a5:fc:10: 7a:8a:bf:98:96:11:9e:c7:ea:49:bf:8d:5d:fd:3e:59:fe:22: f1:2c:e6:69:d3:4f:2c:b5:2b:87:12:12:4c:89:b4:ab:ef:8b: dd:2e:42:03:7f:92:32:e3:76:8e:e5:77:31:4f:75:b7:0f:c0: 1c:fa:1d:8f:a7:02:c2:15:2f:f7:01:9c:88:c0:fa:1a:88:9e: 09:24:95:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYkHvsa5Q+drsNrwvRi5/tdbxyzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyNVoX DTI3MDMwMzA2MjIyNVowMzExMC8GA1UEAxMoNEIyMUI5Q0I1NkVFRUJDMjU4OEIw M0MwQ0ZGMjNBOTU4QzY5QTk0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbqd6D2Osq+BfuWwjElqMZsVBasbnlsiV5Fk+XDTGtiSoIDOcPkp8eiwZr+ dA8VARpzV4G7zmImhlkPWIBLAEkZZk1XLdI9zNw+9U9ksdFUBFYIF6emFziWbmHZ erdvPdYlF9QteJrFN6YmLl844XSCqExTmU/qG8XnL6nsXzrbUbRN4msOBtDWKnJn ZWM+BoQ+N+fXJYfPyOHc8e+o3Av+lWhDU1stvTpqu2vNhnztkPWK+hwpuxltFgXu oicQWOH9ZGPucUaBlZrGFiAjd3ZEGuXK+nVZ1CwJNoxM/OGJIkjH8ekNYvi1nRAt 3L3WPdZ8/tUoivs7O/9hiz0wYJUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRLIbnL Vu7rwliLA8DP8jqVjGmpTTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p/8wDQYJKoZIhvcNAQELBQADggEBAC7Izmz/4mECgJ8nTqk4qOJWbPbDoBd57scO 7VG+4Y1J0QnWelyYY+k3y9j1v6HbiXiVuNhkcDLOhd2a64UYWHsX8FBb0jkYRURU t0JXvNReoeM9PT8my0lBvnsdJcPa1VthmDLK8PicziUJATWoJu1TGNVbelHU1PaM ezzneuNx1U7K8v3se1SDVJ62J95cwUyVu5fVNINZJ4P+PuKkdrECeXXG7PijUICK K+7bKtydiaX8EHqKv5iWEZ7H6km/jV39Pln+IvEs5mnTTyy1K4cSEkyJtKvvi90u QgN/kjLjdo7ldzFPdbcPwBz6HY+nAsIVL/cBnIjA+hqIngkklZA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:11 2026 by rpki-client