$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144711.roa File: AS144711.roa (raw, json) Hash identifier: cwiEdh8ekujXe0UoZvUy92hZksK5jUiD+RM3jLHnd28= Subject key identifier: 2C:9C:6A:73:F4:F8:4B:FE:3B:A2:AA:CA:CD:A6:1A:38:2C:CA:EA:D6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6EF6BE9930500F76AA6B453218B8493572FDAD07 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144711.roa Signing time: Wed 04 Mar 2026 06:22:05 +0000 ROA not before: Wed 04 Mar 2026 06:17:05 +0000 ROA not after: Wed 03 Mar 2027 06:22:05 +0000 asID: 144711 IP address blocks: 240a:a80d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:f6:be:99:30:50:0f:76:aa:6b:45:32:18:b8:49:35:72:fd:ad:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:05 2026 GMT Not After : Mar 3 06:22:05 2027 GMT Subject: CN=2C9C6A73F4F84BFE3BA2AACACDA61A382CCAEAD6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:9d:05:e3:67:1a:a1:75:18:33:66:ca:8d:5e: 96:8f:b5:ab:93:64:86:42:1a:13:14:d2:6c:c3:63: f5:05:04:6e:4e:5b:65:27:68:c9:4b:53:eb:9d:c6: cb:dd:d8:88:67:fd:48:d7:bd:18:02:53:4d:76:e7: 8c:08:03:99:de:35:5d:fa:73:b8:a0:be:30:cb:28: 5e:9f:09:8c:4f:a4:8d:65:24:6c:1d:e5:b9:21:13: 19:ec:26:06:93:0f:01:35:ff:44:74:a1:57:f7:52: 63:a9:25:91:58:19:bf:4e:3d:7a:fa:fc:14:4d:2b: eb:ff:5f:29:ba:01:ba:86:3c:0c:9f:c7:35:30:6c: 9c:60:54:a4:13:d2:d0:88:ea:7a:c9:02:c9:9f:63: 9a:4f:02:c0:c9:a2:66:55:26:a7:d1:fc:47:d3:81: 92:de:a6:37:b4:4c:1a:14:c5:d7:99:f1:0f:ea:6c: 15:24:5e:a0:67:68:b5:db:5e:b5:d8:70:1f:86:cb: 6a:6a:98:a8:c4:8f:6b:82:ef:02:0b:a3:7d:9e:ec: 93:df:6e:a6:a5:72:74:e3:54:09:b6:54:47:c2:ee: 92:26:e2:a7:8a:5a:b1:c3:af:e2:76:ad:da:e4:f4: 23:4f:06:7b:af:0d:38:11:7f:9f:22:03:9e:35:83: a7:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:9C:6A:73:F4:F8:4B:FE:3B:A2:AA:CA:CD:A6:1A:38:2C:CA:EA:D6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144711.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a80d::/32 Signature Algorithm: sha256WithRSAEncryption 15:c0:31:c6:eb:f7:20:9a:12:4e:7b:9d:ed:3b:26:f1:c5:d1: 8e:d2:53:1d:8a:11:af:71:d8:9b:93:3a:3a:5e:26:0f:a2:c4: e2:c8:a2:ce:7f:d5:3f:41:e6:28:70:8f:85:a4:90:9d:41:f4: 06:68:0a:c1:f2:ab:0e:08:e0:61:8d:eb:42:d9:c3:15:92:ea: ed:a4:bb:a6:86:95:57:2e:40:90:ee:d7:9a:11:57:c7:e8:30: 47:84:44:72:00:2c:a0:33:f1:9f:5a:06:a4:a7:43:ca:fa:c2: 92:cc:78:f7:16:45:e3:ed:96:9c:85:db:c6:bf:0b:50:df:0d: c9:e6:90:a2:c0:e0:e8:6d:ee:69:0e:4a:db:d3:84:43:95:b8: bf:54:47:5c:5e:4b:c1:13:4c:93:f7:89:bd:1f:78:f4:03:7a: c3:db:5e:0e:bd:5d:af:65:5e:1f:8d:0d:9b:80:8f:70:25:61: 4e:b4:a6:4d:0d:d3:ba:de:a0:16:c0:be:47:c2:dd:ff:ba:6e: f5:e3:fa:71:dd:94:6d:f0:1d:73:dd:39:93:0b:4d:0e:c6:f3: aa:70:c5:50:60:3d:99:04:55:4b:f0:3d:b8:6c:eb:ec:55:1c: 1f:4a:63:9d:6c:6d:d8:00:ec:87:8f:00:01:ff:dc:5d:1b:59: ef:ce:e0:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbva+mTBQD3aqa0UyGLhJNXL9rQcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwNVoX DTI3MDMwMzA2MjIwNVowMzExMC8GA1UEAxMoMkM5QzZBNzNGNEY4NEJGRTNCQTJB QUNBQ0RBNjFBMzgyQ0NBRUFENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANCdBeNnGqF1GDNmyo1elo+1q5NkhkIaExTSbMNj9QUEbk5bZSdoyUtT653G y93YiGf9SNe9GAJTTXbnjAgDmd41XfpzuKC+MMsoXp8JjE+kjWUkbB3luSETGewm BpMPATX/RHShV/dSY6klkVgZv049evr8FE0r6/9fKboBuoY8DJ/HNTBsnGBUpBPS 0IjqeskCyZ9jmk8CwMmiZlUmp9H8R9OBkt6mN7RMGhTF15nxD+psFSReoGdotdte tdhwH4bLamqYqMSPa4LvAgujfZ7sk99upqVydONUCbZUR8Lukibip4pascOv4nat 2uT0I08Ge68NOBF/nyIDnjWDpwMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQsnGpz 9PhL/juiqsrNpho4LMrq1jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDcxMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qA0wDQYJKoZIhvcNAQELBQADggEBABXAMcbr9yCaEk57ne07JvHF0Y7SUx2KEa9x 2JuTOjpeJg+ixOLIos5/1T9B5ihwj4WkkJ1B9AZoCsHyqw4I4GGN60LZwxWS6u2k u6aGlVcuQJDu15oRV8foMEeERHIALKAz8Z9aBqSnQ8r6wpLMePcWRePtlpyF28a/ C1DfDcnmkKLA4Oht7mkOStvThEOVuL9UR1xeS8ETTJP3ib0fePQDesPbXg69Xa9l Xh+NDZuAj3AlYU60pk0N07reoBbAvkfC3f+6bvXj+nHdlG3wHXPdOZMLTQ7G86pw xVBgPZkEVUvwPbhs6+xVHB9KY51sbdgA7IePAAH/3F0bWe/O4NY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:57 2026 by rpki-client