$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144744.roa File: AS144744.roa (raw, json) Hash identifier: 6mntnEL/Lyw4O8XBCx0RTyDeQJimWfQyVKDyUqxz2y0= Subject key identifier: 2C:60:77:7C:AA:1C:B2:B9:6E:03:DA:C1:16:6C:1F:D9:50:A2:BE:22 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 48DD2029CB0C618C7DF3E4315047CE5D8473C591 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144744.roa Signing time: Wed 04 Mar 2026 06:22:30 +0000 ROA not before: Wed 04 Mar 2026 06:17:30 +0000 ROA not after: Wed 03 Mar 2027 06:22:30 +0000 asID: 144744 IP address blocks: 240a:a82e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:dd:20:29:cb:0c:61:8c:7d:f3:e4:31:50:47:ce:5d:84:73:c5:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:30 2026 GMT Not After : Mar 3 06:22:30 2027 GMT Subject: CN=2C60777CAA1CB2B96E03DAC1166C1FD950A2BE22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:06:a5:21:3a:b6:63:f2:5b:7c:6a:90:ad:63: b2:63:96:9d:34:7b:9b:26:e5:10:65:c6:5e:dc:f1: e8:69:39:76:e4:22:3f:f4:c8:62:26:9f:ba:70:08: 99:59:3b:08:22:95:5c:c8:a6:a4:ff:24:68:c5:d7: b2:c3:6c:e3:f0:3b:0a:f8:bd:5c:e2:8e:3d:7f:c9: 07:1b:d8:eb:87:bb:dd:86:ae:e2:b1:68:1f:16:8b: 09:d5:02:4a:20:4b:9d:53:3d:e5:64:5e:a6:de:9e: d0:92:cc:d5:43:a3:43:94:d7:fb:c2:79:08:f4:63: 1e:91:9d:6b:24:d7:e1:48:bf:d1:08:be:18:c2:33: 96:42:35:8a:92:d9:e4:4f:98:43:0e:31:3f:e8:5b: a6:db:28:17:f6:95:0c:3f:e6:91:e9:2f:eb:01:f3: be:0d:b1:20:5a:c6:da:32:e7:35:08:18:43:06:61: 1c:4f:1e:ee:63:2b:53:a5:f2:3f:c9:7b:f7:23:14: d9:e9:e2:53:e4:58:5b:f7:62:05:94:9c:e9:cd:63: b7:a1:a6:67:db:72:a4:11:df:35:42:95:1e:ff:bb: 39:cd:ed:02:db:b5:4a:c2:e4:33:98:0b:35:0b:8c: c3:a2:2e:4c:ca:2b:26:4f:a3:84:f9:0a:82:dc:2e: 2a:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:60:77:7C:AA:1C:B2:B9:6E:03:DA:C1:16:6C:1F:D9:50:A2:BE:22 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144744.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a82e::/32 Signature Algorithm: sha256WithRSAEncryption 16:3c:ef:cc:2c:36:c7:9e:b2:27:9a:e8:dd:58:c1:1e:4e:dd: f1:36:89:b9:c9:e1:4d:dc:59:7a:da:1e:d0:70:c3:b3:eb:af: ef:68:86:ad:c4:44:1a:2f:ec:c0:d0:eb:a2:f1:b6:ff:29:d1: 23:f1:fd:b8:d2:66:e9:ed:ad:84:e0:f5:92:eb:af:14:fc:a5: a8:fc:0c:46:76:d0:46:41:db:d7:62:17:dc:7f:a2:41:8b:a8: 6c:d0:5f:f1:36:cb:b9:20:73:90:70:0b:23:d0:bd:86:b7:fd: 3f:3b:41:5e:49:2f:4e:8b:dd:69:97:83:5b:38:0f:8b:cd:bd: 32:bc:a8:7a:05:4a:ef:4b:e9:1e:57:84:02:ac:72:ab:1c:d2: 5d:64:ba:96:cb:79:b3:f1:13:ad:c9:f4:53:20:a4:0e:9f:46: b6:9a:ef:72:c8:1a:7b:0d:f4:c1:a7:73:28:81:fc:73:35:37: 1a:62:23:9d:e8:40:d5:40:d5:1c:bc:58:50:a1:40:f2:60:f3: 16:60:6f:df:6e:23:9a:64:c7:80:e2:4b:b1:4c:b1:9b:df:2c: 8d:16:2a:7e:14:89:3a:6b:23:20:b2:d8:46:9e:c4:47:8b:df: 01:10:2b:fd:53:8e:26:b0:0f:76:4f:d3:06:55:57:5a:8a:27: 43:e1:0c:08 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSN0gKcsMYYx98+QxUEfOXYRzxZEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTczMFoX DTI3MDMwMzA2MjIzMFowMzExMC8GA1UEAxMoMkM2MDc3N0NBQTFDQjJCOTZFMDNE QUMxMTY2QzFGRDk1MEEyQkUyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQGpSE6tmPyW3xqkK1jsmOWnTR7myblEGXGXtzx6Gk5duQiP/TIYiafunAI mVk7CCKVXMimpP8kaMXXssNs4/A7Cvi9XOKOPX/JBxvY64e73Yau4rFoHxaLCdUC SiBLnVM95WRept6e0JLM1UOjQ5TX+8J5CPRjHpGdayTX4Ui/0Qi+GMIzlkI1ipLZ 5E+YQw4xP+hbptsoF/aVDD/mkekv6wHzvg2xIFrG2jLnNQgYQwZhHE8e7mMrU6Xy P8l79yMU2eniU+RYW/diBZSc6c1jt6GmZ9typBHfNUKVHv+7Oc3tAtu1SsLkM5gL NQuMw6IuTMorJk+jhPkKgtwuKo0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQsYHd8 qhyyuW4D2sEWbB/ZUKK+IjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDc0NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qC4wDQYJKoZIhvcNAQELBQADggEBABY878wsNseesiea6N1YwR5O3fE2ibnJ4U3c WXraHtBww7Prr+9ohq3ERBov7MDQ66Lxtv8p0SPx/bjSZuntrYTg9ZLrrxT8paj8 DEZ20EZB29diF9x/okGLqGzQX/E2y7kgc5BwCyPQvYa3/T87QV5JL06L3WmXg1s4 D4vNvTK8qHoFSu9L6R5XhAKscqsc0l1kupbLebPxE63J9FMgpA6fRraa73LIGnsN 9MGncyiB/HM1NxpiI53oQNVA1Ry8WFChQPJg8xZgb99uI5pkx4DiS7FMsZvfLI0W Kn4UiTprIyCy2EaexEeL3wEQK/1TjiawD3ZP0wZVV1qKJ0PhDAg= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:37 2026 by rpki-client