$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144748.roa File: AS144748.roa (raw, json) Hash identifier: CYb3Fs5xqIpXWCp7zUEpHlEg4AJhXvd2Oyx0WDXuK00= Subject key identifier: 34:0D:12:7E:66:5F:0F:2A:59:09:9E:F7:48:67:AB:2F:6A:30:46:C8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 71921C496DFFB0A0E5B84A0372B45B9B25EA008C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144748.roa Signing time: Wed 04 Mar 2026 06:21:57 +0000 ROA not before: Wed 04 Mar 2026 06:16:57 +0000 ROA not after: Wed 03 Mar 2027 06:21:57 +0000 asID: 144748 IP address blocks: 240a:a832::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:92:1c:49:6d:ff:b0:a0:e5:b8:4a:03:72:b4:5b:9b:25:ea:00:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:57 2026 GMT Not After : Mar 3 06:21:57 2027 GMT Subject: CN=340D127E665F0F2A59099EF74867AB2F6A3046C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:23:75:dd:d4:47:45:7b:e7:08:c5:3b:55:3b: bd:93:cc:09:80:82:e2:eb:b3:90:6c:30:7c:4d:c7: ac:71:2e:83:b1:1b:22:c4:02:a8:d9:cf:6c:3c:85: 5c:3b:dc:60:80:2b:1e:2b:ec:18:77:cf:d0:cb:37: e7:b9:6e:94:97:be:ce:ac:d6:0b:71:21:4e:8a:fe: 3f:bc:be:39:0c:3f:ba:33:dd:91:0c:16:d2:b9:49: 87:a7:39:06:e2:c1:c2:54:f9:0f:50:69:93:15:c8: 5f:1d:47:66:3a:fa:e4:29:68:d9:1b:e0:9c:02:15: 75:34:dc:d9:43:7e:c8:5c:8f:8f:d3:f8:bf:65:50: ce:62:d5:8e:29:a9:00:2e:8c:65:71:4d:d4:9c:2a: 3c:18:0e:9d:44:47:49:55:87:26:ab:cb:52:f3:ac: 0a:01:b4:b1:40:72:60:1a:86:00:7d:23:37:ee:fe: 39:ca:ff:bb:a4:a8:48:21:a2:2b:02:ee:ad:39:10: 95:c4:83:3d:d6:68:40:76:a8:f8:9f:bb:2c:17:26: b9:23:18:2f:e4:02:d8:c1:70:9d:42:85:ae:87:bf: 44:b7:58:cf:d3:cf:6b:b1:46:c2:1e:7d:a1:89:d8: 5f:e5:12:63:0a:9d:c9:1d:6d:55:6a:b6:b2:de:4f: 65:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:0D:12:7E:66:5F:0F:2A:59:09:9E:F7:48:67:AB:2F:6A:30:46:C8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144748.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a832::/32 Signature Algorithm: sha256WithRSAEncryption 23:8f:4d:d9:26:d7:d8:3e:3d:5c:8b:79:48:58:01:03:b1:fd: f2:4d:e9:26:82:7c:dd:ee:51:0b:29:07:62:66:1e:6b:31:72: 35:2a:58:b0:e0:0e:3d:4f:0e:7c:fd:fb:12:bd:c3:b2:ff:25: 98:0b:dc:f6:61:5b:6e:13:aa:1e:5e:19:02:ec:54:9d:45:8d: f4:91:f3:ab:1a:aa:20:94:98:2c:9e:ab:1d:34:de:6e:86:d0: be:97:72:7d:66:96:64:c5:66:4f:76:ee:3d:a7:43:a3:49:45: a7:4d:d0:cd:5c:2f:92:7c:ca:f1:47:34:10:e5:60:29:5d:31: ae:f7:bd:bc:b3:8e:86:a8:7f:e0:b4:2f:34:d0:4d:87:9a:f5: b8:f6:b3:f2:b7:cc:0d:9b:81:22:17:57:5e:a4:32:36:35:d8: 43:b9:d1:5f:8d:ad:ee:21:39:45:20:26:6d:08:2b:b0:74:00: 86:4e:86:0b:6a:bb:6d:5b:59:70:75:cd:6c:47:85:f0:77:ec: 2e:3c:0b:9c:d2:8e:c3:51:31:a9:e9:c0:10:1f:07:b1:f7:d0: 86:44:a9:91:5a:87:26:fa:08:59:ac:83:7a:f4:e3:fb:7b:63: 5f:5e:f7:ca:14:77:7d:f4:ee:ec:c5:ec:6d:1c:8e:5e:4d:f9: 5f:7a:ab:c4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcZIcSW3/sKDluEoDcrRbmyXqAIwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1N1oX DTI3MDMwMzA2MjE1N1owMzExMC8GA1UEAxMoMzQwRDEyN0U2NjVGMEYyQTU5MDk5 RUY3NDg2N0FCMkY2QTMwNDZDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMcjdd3UR0V75wjFO1U7vZPMCYCC4uuzkGwwfE3HrHEug7EbIsQCqNnPbDyF XDvcYIArHivsGHfP0Ms357lulJe+zqzWC3EhTor+P7y+OQw/ujPdkQwW0rlJh6c5 BuLBwlT5D1BpkxXIXx1HZjr65Clo2RvgnAIVdTTc2UN+yFyPj9P4v2VQzmLVjimp AC6MZXFN1JwqPBgOnURHSVWHJqvLUvOsCgG0sUByYBqGAH0jN+7+Ocr/u6SoSCGi KwLurTkQlcSDPdZoQHao+J+7LBcmuSMYL+QC2MFwnUKFroe/RLdYz9PPa7FGwh59 oYnYX+USYwqdyR1tVWq2st5PZWcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ0DRJ+ Zl8PKlkJnvdIZ6svajBGyDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDc0OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qDIwDQYJKoZIhvcNAQELBQADggEBACOPTdkm19g+PVyLeUhYAQOx/fJN6SaCfN3u UQspB2JmHmsxcjUqWLDgDj1PDnz9+xK9w7L/JZgL3PZhW24Tqh5eGQLsVJ1FjfSR 86saqiCUmCyeqx003m6G0L6Xcn1mlmTFZk927j2nQ6NJRadN0M1cL5J8yvFHNBDl YCldMa73vbyzjoaof+C0LzTQTYea9bj2s/K3zA2bgSIXV16kMjY12EO50V+Nre4h OUUgJm0IK7B0AIZOhgtqu21bWXB1zWxHhfB37C48C5zSjsNRManpwBAfB7H30IZE qZFahyb6CFmsg3r04/t7Y19e98oUd3307uzF7G0cjl5N+V96q8Q= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:22 2026 by rpki-client