$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144787.roa File: AS144787.roa (raw, json) Hash identifier: Sim3BKRYYgdMzNmJTsMbQmz+nzc6m7nQQ8n1p2Rz0ao= Subject key identifier: E5:B9:0A:C3:3F:80:BE:64:74:94:A3:A5:27:28:D6:EF:6B:C8:C6:E6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 52A1C621570E1BF174AE6D9962653D8BB40104EB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144787.roa Signing time: Wed 04 Mar 2026 06:19:30 +0000 ROA not before: Wed 04 Mar 2026 06:14:30 +0000 ROA not after: Wed 03 Mar 2027 06:19:30 +0000 asID: 144787 IP address blocks: 240a:a859::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:a1:c6:21:57:0e:1b:f1:74:ae:6d:99:62:65:3d:8b:b4:01:04:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:30 2026 GMT Not After : Mar 3 06:19:30 2027 GMT Subject: CN=E5B90AC33F80BE647494A3A52728D6EF6BC8C6E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:92:c5:61:3d:8f:c7:1b:1b:52:34:b7:c9:3b: 17:bd:e0:b2:ef:0c:f0:17:8c:28:9c:95:71:db:e3: 86:60:2c:ff:9b:e0:9e:05:fe:8e:c7:78:a3:ca:bf: c4:9d:4e:e5:3c:4f:d3:98:1f:d1:d9:5d:b4:56:c9: b4:7e:7e:06:5f:75:0a:31:e2:f3:6c:e0:bb:a7:cf: 73:4c:f9:81:33:c3:0a:88:30:71:fa:5f:ac:76:d2: 77:23:81:aa:be:85:06:f8:87:26:f8:26:bb:9f:36: 08:fb:eb:5f:d3:cd:1d:62:e9:0b:de:a5:d5:12:6f: 42:05:da:26:ff:c7:1a:be:1d:2c:70:29:0e:49:65: 4d:94:2c:59:96:28:19:b5:37:f0:45:e5:6d:e3:f6: ab:00:43:22:8a:db:be:9a:bb:98:85:ad:17:b1:c0: 01:12:6d:3e:e2:f6:18:00:c0:9b:f2:53:03:34:07: 6f:fa:e8:fd:e0:86:3e:ac:f3:e8:d8:73:e6:a2:38: 4a:c6:74:34:8d:2f:c4:c4:7c:0b:10:06:f9:34:a7: c4:1a:86:ce:2f:92:c1:93:3a:29:a6:15:4b:a9:86: 9d:7d:17:78:c9:18:2c:eb:6b:47:69:65:ce:fa:2a: 86:19:3c:af:35:c9:d0:8d:9f:a4:bd:5a:ef:ae:63: 8d:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:B9:0A:C3:3F:80:BE:64:74:94:A3:A5:27:28:D6:EF:6B:C8:C6:E6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144787.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a859::/32 Signature Algorithm: sha256WithRSAEncryption 13:02:1a:8a:d6:ab:70:a1:ec:5e:96:3e:78:79:12:84:3a:bd: f6:e7:51:dc:b2:75:1c:ee:ca:1f:99:e1:6c:1a:ee:34:15:31: 66:fe:b8:2c:87:85:1b:ef:ee:07:83:5e:66:c6:e8:72:38:68: a7:e6:12:d5:94:96:84:e9:c0:d7:ca:58:f3:a1:45:67:12:49: 2d:ec:68:fb:f7:f7:f2:61:ee:3f:e9:0c:78:86:21:f0:0c:84: 4e:75:7e:77:d8:84:88:d5:5a:91:12:0b:ff:1d:b3:45:12:e9: 00:ba:73:49:1e:f5:7e:45:d9:5d:39:58:1c:5a:18:0f:5f:3d: bf:0e:3e:5f:30:77:ad:61:ff:1d:40:30:07:11:ce:09:71:48: 84:11:45:39:b1:41:d5:df:bb:fd:aa:0c:77:4b:66:f2:7c:50: 21:bf:b2:61:97:1b:ef:c7:e2:c1:9a:db:2b:af:f9:de:95:49: 0e:6a:99:11:00:69:74:57:26:84:d1:4a:c3:6a:ab:0b:99:bd: 45:81:82:8f:3b:6b:3e:2b:95:81:24:aa:73:9a:41:1e:79:c1: 86:44:5d:79:fb:ef:19:be:1b:a3:1e:82:87:9f:3a:72:5f:c9: 2b:32:e2:da:82:a1:31:49:1b:8f:2a:02:7e:ad:01:c2:5f:bd: 0e:1d:be:c3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUqHGIVcOG/F0rm2ZYmU9i7QBBOswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzMFoX DTI3MDMwMzA2MTkzMFowMzExMC8GA1UEAxMoRTVCOTBBQzMzRjgwQkU2NDc0OTRB M0E1MjcyOEQ2RUY2QkM4QzZFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKaSxWE9j8cbG1I0t8k7F73gsu8M8BeMKJyVcdvjhmAs/5vgngX+jsd4o8q/ xJ1O5TxP05gf0dldtFbJtH5+Bl91CjHi82zgu6fPc0z5gTPDCogwcfpfrHbSdyOB qr6FBviHJvgmu582CPvrX9PNHWLpC96l1RJvQgXaJv/HGr4dLHApDkllTZQsWZYo GbU38EXlbeP2qwBDIorbvpq7mIWtF7HAARJtPuL2GADAm/JTAzQHb/ro/eCGPqzz 6Nhz5qI4SsZ0NI0vxMR8CxAG+TSnxBqGzi+SwZM6KaYVS6mGnX0XeMkYLOtrR2ll zvoqhhk8rzXJ0I2fpL1a765jjVMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTluQrD P4C+ZHSUo6UnKNbva8jG5jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDc4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qFkwDQYJKoZIhvcNAQELBQADggEBABMCGorWq3Ch7F6WPnh5EoQ6vfbnUdyydRzu yh+Z4Wwa7jQVMWb+uCyHhRvv7geDXmbG6HI4aKfmEtWUloTpwNfKWPOhRWcSSS3s aPv39/Jh7j/pDHiGIfAMhE51fnfYhIjVWpESC/8ds0US6QC6c0ke9X5F2V05WBxa GA9fPb8OPl8wd61h/x1AMAcRzglxSIQRRTmxQdXfu/2qDHdLZvJ8UCG/smGXG+/H 4sGa2yuv+d6VSQ5qmREAaXRXJoTRSsNqqwuZvUWBgo87az4rlYEkqnOaQR55wYZE XXn77xm+G6MegoefOnJfySsy4tqCoTFJG48qAn6tAcJfvQ4dvsM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:55 2026 by rpki-client