$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144736.roa File: AS144736.roa (raw, json) Hash identifier: 0V88ujWJXQQtgJjjC8wBekvN8HWWVn87brGLG4fT+Lk= Subject key identifier: D0:38:79:E2:80:12:C8:BB:30:67:9B:C9:50:2A:89:24:34:69:D6:AA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 15AF4F0CD8F113CA004EC0221C9E50C79624DF58 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144736.roa Signing time: Wed 04 Mar 2026 06:21:14 +0000 ROA not before: Wed 04 Mar 2026 06:16:14 +0000 ROA not after: Wed 03 Mar 2027 06:21:14 +0000 asID: 144736 IP address blocks: 240a:a826::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:af:4f:0c:d8:f1:13:ca:00:4e:c0:22:1c:9e:50:c7:96:24:df:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:14 2026 GMT Not After : Mar 3 06:21:14 2027 GMT Subject: CN=D03879E28012C8BB30679BC9502A89243469D6AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:1b:6c:64:2f:c5:6a:98:17:c2:4a:6d:9e:64: 71:16:46:9e:ef:0e:75:d8:dc:e1:78:70:6c:ec:9f: b5:b2:4b:f5:0e:cf:7e:ea:37:76:a5:b7:f0:52:a7: f9:e9:b4:78:86:93:d7:a2:22:96:26:54:b7:a2:e1: 1b:b0:6e:e9:a9:0a:77:f9:ae:75:8c:cf:78:aa:66: 85:bd:9c:a6:10:82:32:f5:30:6f:6e:51:73:64:51: 22:73:b7:da:f0:8a:ef:ef:d0:82:9e:29:b5:df:44: b1:2a:dd:fb:82:9a:db:ad:15:ba:dc:d7:24:8f:89: a6:83:ed:05:95:e6:8f:a8:fd:35:6d:14:2d:9c:b7: 31:c4:5c:95:7f:e6:5e:24:08:90:dd:8b:8a:5a:7f: d0:1f:f6:44:8c:49:f2:54:2e:ee:13:f5:98:27:79: a6:45:73:63:a6:89:08:ed:f2:ed:a0:97:1b:81:14: 73:c1:c9:ce:98:39:62:70:13:ae:74:5f:06:86:27: 99:c3:e8:a3:80:dc:b3:47:28:c1:93:53:6f:50:93: 10:9a:0b:58:67:90:74:b4:a2:03:20:3e:ec:00:4f: b8:6d:39:93:52:78:62:c4:be:40:bc:c3:fe:ea:e7: b7:4e:12:56:91:0c:06:0c:6d:d4:8a:d5:10:cc:7e: ec:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:38:79:E2:80:12:C8:BB:30:67:9B:C9:50:2A:89:24:34:69:D6:AA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144736.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a826::/32 Signature Algorithm: sha256WithRSAEncryption b1:d3:43:1d:b9:7e:31:13:6a:39:23:77:ba:ec:44:b9:fc:dd: 3a:af:3c:e1:cc:ff:87:52:44:0d:15:08:3a:8b:e7:a6:8b:05: 5d:7d:da:9c:f9:25:76:77:79:c8:2c:29:8c:68:94:27:33:66: 3a:cf:d6:f4:c3:8e:df:cb:41:e6:c5:d2:dd:ed:99:98:55:91: ef:8f:f0:34:1c:8a:50:d7:e3:79:d6:dc:cd:fb:6e:b0:04:3f: 85:12:da:84:61:33:ee:68:92:8b:c6:11:96:07:12:d7:e6:c6: b1:0c:1e:b3:a6:e5:7f:39:59:dc:ff:01:07:e5:77:44:32:97: 92:5a:71:eb:bb:39:85:47:7a:d1:3a:d6:a3:67:a4:f8:21:20: c6:45:92:6d:8c:61:4c:7d:b2:3e:63:ee:9b:01:d7:d9:72:2f: d0:c8:0e:31:ff:0b:1f:e8:a0:74:cc:da:07:36:59:0f:ff:20: f6:82:60:13:4d:f8:eb:04:64:9a:8c:13:f4:e3:c2:25:9a:22: ab:0d:f5:5c:e3:35:1e:71:48:cc:02:42:02:9a:1a:55:7b:78: 6d:c8:f6:c4:5e:c9:2a:47:fa:79:76:99:46:f2:05:9c:a2:59: ce:4e:81:c8:bc:6c:f2:62:ff:ee:ca:3c:09:be:5a:72:44:b6: 19:a1:2d:26 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFa9PDNjxE8oATsAiHJ5Qx5Yk31gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxNFoX DTI3MDMwMzA2MjExNFowMzExMC8GA1UEAxMoRDAzODc5RTI4MDEyQzhCQjMwNjc5 QkM5NTAyQTg5MjQzNDY5RDZBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQbbGQvxWqYF8JKbZ5kcRZGnu8Oddjc4XhwbOyftbJL9Q7Pfuo3dqW38FKn +em0eIaT16IiliZUt6LhG7Bu6akKd/mudYzPeKpmhb2cphCCMvUwb25Rc2RRInO3 2vCK7+/Qgp4ptd9EsSrd+4Ka260VutzXJI+JpoPtBZXmj6j9NW0ULZy3McRclX/m XiQIkN2Lilp/0B/2RIxJ8lQu7hP1mCd5pkVzY6aJCO3y7aCXG4EUc8HJzpg5YnAT rnRfBoYnmcPoo4Dcs0cowZNTb1CTEJoLWGeQdLSiAyA+7ABPuG05k1J4YsS+QLzD /urnt04SVpEMBgxt1IrVEMx+7BkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTQOHni gBLIuzBnm8lQKokkNGnWqjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDczNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qCYwDQYJKoZIhvcNAQELBQADggEBALHTQx25fjETajkjd7rsRLn83TqvPOHM/4dS RA0VCDqL56aLBV192pz5JXZ3ecgsKYxolCczZjrP1vTDjt/LQebF0t3tmZhVke+P 8DQcilDX43nW3M37brAEP4US2oRhM+5okovGEZYHEtfmxrEMHrOm5X85Wdz/AQfl d0Qyl5Jaceu7OYVHetE61qNnpPghIMZFkm2MYUx9sj5j7psB19lyL9DIDjH/Cx/o oHTM2gc2WQ//IPaCYBNN+OsEZJqME/TjwiWaIqsN9VzjNR5xSMwCQgKaGlV7eG3I 9sReySpH+nl2mUbyBZyiWc5Ogci8bPJi/+7KPAm+WnJEthmhLSY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:05 2026 by rpki-client