$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144714.roa File: AS144714.roa (raw, json) Hash identifier: GjmXHMxjI9UD5CHo411LDHqklFpea+V5h/mupkMYD9g= Subject key identifier: 52:7B:A8:93:F3:88:A4:60:17:EA:13:35:75:68:B1:15:86:3F:5C:33 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5A4454DB565137EE89CBE2B52ABAFE4763443E75 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144714.roa Signing time: Wed 04 Mar 2026 06:20:30 +0000 ROA not before: Wed 04 Mar 2026 06:15:30 +0000 ROA not after: Wed 03 Mar 2027 06:20:30 +0000 asID: 144714 IP address blocks: 240a:a810::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:44:54:db:56:51:37:ee:89:cb:e2:b5:2a:ba:fe:47:63:44:3e:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:30 2026 GMT Not After : Mar 3 06:20:30 2027 GMT Subject: CN=527BA893F388A46017EA13357568B115863F5C33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:20:04:24:02:b5:3c:5c:52:7e:f4:da:e0:75: 05:32:15:69:80:7c:9f:a6:55:d0:88:50:4c:98:5c: 95:38:1c:37:72:a9:d1:74:a1:1b:79:89:89:0b:d9: a1:01:b4:af:9d:59:85:66:32:8f:b6:58:ab:f2:05: 46:d6:de:a1:9c:11:be:c7:a0:47:83:eb:a4:e8:76: d6:72:e0:ca:9c:68:32:c5:36:42:d1:15:40:a1:79: a0:2b:94:d1:65:f0:86:f1:0d:fd:5d:6e:72:f8:c4: 07:11:fc:00:ef:92:56:b6:5b:5c:68:35:0c:c0:69: ff:64:43:4a:3b:37:ea:ef:1e:f3:43:6c:0f:05:05: 1b:0a:42:7e:0c:0a:ce:0f:19:c5:e6:d8:64:d4:55: ac:9b:40:c8:2c:01:c9:1e:ed:d3:65:a3:09:a7:3c: 26:91:b8:99:bd:e4:e1:16:61:a5:1b:a4:c4:ba:ff: ca:a4:e4:18:ae:82:53:54:47:d6:28:72:46:bd:16: 55:0d:fe:e9:52:10:50:13:42:02:a8:3b:1e:86:4f: 37:5e:bf:7f:3d:e2:69:2c:2e:d2:c4:86:c9:9d:44: 90:95:9f:3a:23:a7:5f:13:51:17:f5:7a:ae:28:3c: b1:d7:24:3a:60:55:e1:a6:f8:1e:35:cb:75:39:d9: cb:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:7B:A8:93:F3:88:A4:60:17:EA:13:35:75:68:B1:15:86:3F:5C:33 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144714.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a810::/32 Signature Algorithm: sha256WithRSAEncryption b6:44:d9:29:00:6b:10:aa:a9:ab:7f:70:52:51:13:66:38:f0: 42:9c:81:66:40:19:65:70:ba:d4:17:89:b5:b9:4b:f6:c8:19: 2b:26:dc:18:04:94:4f:b7:1a:af:36:93:68:46:6a:b3:63:44: 53:de:84:39:04:56:e9:01:46:01:b5:09:31:11:7c:e7:16:cc: 5e:82:60:d9:cf:83:53:eb:f8:54:1e:e6:88:0b:10:d3:1d:f8: bc:16:5a:8b:36:45:21:ce:37:b3:dc:52:cf:79:c9:1b:51:48: 80:de:84:3e:3e:0b:2b:c1:14:4e:cb:f1:95:df:04:3f:bf:a7: 90:57:de:be:81:11:18:18:c4:d7:22:06:90:39:16:ea:4b:95: 26:da:fd:10:af:fa:1f:7b:7d:40:d9:af:8e:1d:5b:c1:27:a9: 41:64:32:94:30:cf:07:1d:00:9b:a8:ec:d2:3e:30:01:b8:42: 28:2e:1a:34:1b:d4:91:48:2a:ba:d7:bb:ca:b7:e4:c4:2c:9a: f7:98:14:97:d8:29:6d:ec:64:6b:2f:1a:32:0a:b3:e0:e8:3f: 46:72:a6:15:d2:4e:85:1f:e1:57:4c:48:a0:9c:07:af:41:db: c6:4e:1c:72:c9:1a:ce:5f:d2:f8:cc:47:99:22:69:7a:bd:fc: 36:21:c6:fd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWkRU21ZRN+6Jy+K1Krr+R2NEPnUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzMFoX DTI3MDMwMzA2MjAzMFowMzExMC8GA1UEAxMoNTI3QkE4OTNGMzg4QTQ2MDE3RUEx MzM1NzU2OEIxMTU4NjNGNUMzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOwgBCQCtTxcUn702uB1BTIVaYB8n6ZV0IhQTJhclTgcN3Kp0XShG3mJiQvZ oQG0r51ZhWYyj7ZYq/IFRtbeoZwRvsegR4PrpOh21nLgypxoMsU2QtEVQKF5oCuU 0WXwhvEN/V1ucvjEBxH8AO+SVrZbXGg1DMBp/2RDSjs36u8e80NsDwUFGwpCfgwK zg8ZxebYZNRVrJtAyCwByR7t02WjCac8JpG4mb3k4RZhpRukxLr/yqTkGK6CU1RH 1ihyRr0WVQ3+6VIQUBNCAqg7HoZPN16/fz3iaSwu0sSGyZ1EkJWfOiOnXxNRF/V6 rig8sdckOmBV4ab4HjXLdTnZy4cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRSe6iT 84ikYBfqEzV1aLEVhj9cMzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDcxNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qBAwDQYJKoZIhvcNAQELBQADggEBALZE2SkAaxCqqat/cFJRE2Y48EKcgWZAGWVw utQXibW5S/bIGSsm3BgElE+3Gq82k2hGarNjRFPehDkEVukBRgG1CTERfOcWzF6C YNnPg1Pr+FQe5ogLENMd+LwWWos2RSHON7PcUs95yRtRSIDehD4+CyvBFE7L8ZXf BD+/p5BX3r6BERgYxNciBpA5FupLlSba/RCv+h97fUDZr44dW8EnqUFkMpQwzwcd AJuo7NI+MAG4QiguGjQb1JFIKrrXu8q35MQsmveYFJfYKW3sZGsvGjIKs+DoP0Zy phXSToUf4VdMSKCcB69B28ZOHHLJGs5f0vjMR5kiaXq9/DYhxv0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:10 2026 by rpki-client