$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144815.roa File: AS144815.roa (raw, json) Hash identifier: dBElAlgmVjx6KIAP+T/Km/JMQqx1PJItaUSjO+a7vws= Subject key identifier: 66:21:C8:27:C6:6F:55:6B:C1:72:E0:3F:BB:70:DA:A5:7E:94:7F:4D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7583EF74E5416D145D99E02CE08AFD156DBC2692 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144815.roa Signing time: Wed 04 Mar 2026 06:21:50 +0000 ROA not before: Wed 04 Mar 2026 06:16:50 +0000 ROA not after: Wed 03 Mar 2027 06:21:50 +0000 asID: 144815 IP address blocks: 240a:a875::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:83:ef:74:e5:41:6d:14:5d:99:e0:2c:e0:8a:fd:15:6d:bc:26:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:50 2026 GMT Not After : Mar 3 06:21:50 2027 GMT Subject: CN=6621C827C66F556BC172E03FBB70DAA57E947F4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:cd:81:f1:0a:57:57:ba:f4:dc:b4:f7:a6:54: 50:d2:ac:80:26:67:1b:66:90:8d:a6:bd:4f:0f:27: a6:28:2b:fb:d8:c6:e7:b9:ea:1a:d7:a7:26:79:0b: 52:5c:e7:cd:44:35:7e:28:de:be:2f:86:1a:6a:ad: 2e:a0:9e:3f:31:4b:f3:25:3c:d4:c0:dd:82:9c:8b: 47:71:0e:65:7f:a0:0c:e2:23:84:f1:e3:b6:27:5a: 04:7a:ac:33:2c:72:9e:7b:dd:e6:7c:4e:f5:8b:22: 80:af:43:5e:5b:ea:b7:4f:09:82:20:f3:f8:ff:89: 56:29:9f:54:ef:af:06:0e:46:4b:28:90:31:f3:77: 17:1d:c1:8e:75:42:41:90:9d:3e:ad:10:ee:0e:63: 76:ac:79:a1:4a:24:e7:38:61:9b:71:b5:24:26:3f: 3e:b0:b4:97:99:a9:de:55:8b:a5:93:d2:ac:aa:49: ed:3e:46:f1:9c:63:42:7d:3a:8f:a9:d0:23:60:85: dd:fd:9e:7e:ee:54:0d:8b:77:4a:7b:2a:a0:df:03: 6e:15:d5:53:a3:45:27:23:ea:1e:ad:c0:c6:e7:f3: f7:1a:83:4f:c1:51:7f:1a:a1:58:59:56:86:63:6e: 68:20:4c:ff:36:78:74:5e:a9:a1:b1:8c:69:b1:8f: dd:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:21:C8:27:C6:6F:55:6B:C1:72:E0:3F:BB:70:DA:A5:7E:94:7F:4D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144815.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a875::/32 Signature Algorithm: sha256WithRSAEncryption 32:ae:1b:fb:ff:75:19:a2:5a:1c:be:0a:05:cd:72:8c:b8:b0: 58:54:a0:e5:e2:cf:c2:54:02:02:b3:a9:e7:7f:31:fa:a7:bc: 9f:6d:e0:19:3f:cd:b6:52:67:e9:37:1a:6e:45:a1:b3:ed:74: 06:05:67:62:ea:b2:ac:26:da:7b:e0:b3:2e:d5:81:e2:5d:b5: 02:38:c7:91:16:89:b8:68:34:5e:b6:e5:02:b1:85:82:e2:34: e0:68:ae:df:14:c3:83:39:b9:ab:5b:f7:ec:1b:c9:fa:d3:62: 4b:51:57:5c:69:47:a3:04:70:8f:3e:c3:b7:d0:9f:14:97:74: 81:c6:b4:a4:51:28:50:58:13:28:9b:73:ab:dc:ca:b1:48:19: 49:96:ac:45:b0:5c:20:c3:34:5f:6b:93:fc:c7:37:44:11:26: 0b:6a:c0:37:6a:71:43:ff:61:92:d1:28:9f:55:bb:d3:3a:46: a8:4f:f2:a0:af:98:d3:24:ab:8e:26:e7:c3:81:a4:b8:de:ee: 7e:42:bb:25:1f:0b:34:05:e2:e2:9b:e4:84:a9:fd:2b:e6:9c: ac:67:c4:64:31:e3:a8:8c:3c:08:37:57:cb:5c:91:32:2e:50: 86:a0:c3:a5:98:ff:e3:48:79:a6:67:d3:d3:43:b5:39:e6:30: 64:4a:c8:de -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdYPvdOVBbRRdmeAs4Ir9FW28JpIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1MFoX DTI3MDMwMzA2MjE1MFowMzExMC8GA1UEAxMoNjYyMUM4MjdDNjZGNTU2QkMxNzJF MDNGQkI3MERBQTU3RTk0N0Y0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3NgfEKV1e69Ny096ZUUNKsgCZnG2aQjaa9Tw8npigr+9jG57nqGtenJnkL UlznzUQ1fijevi+GGmqtLqCePzFL8yU81MDdgpyLR3EOZX+gDOIjhPHjtidaBHqs Myxynnvd5nxO9YsigK9DXlvqt08JgiDz+P+JVimfVO+vBg5GSyiQMfN3Fx3BjnVC QZCdPq0Q7g5jdqx5oUok5zhhm3G1JCY/PrC0l5mp3lWLpZPSrKpJ7T5G8ZxjQn06 j6nQI2CF3f2efu5UDYt3SnsqoN8DbhXVU6NFJyPqHq3Axufz9xqDT8FRfxqhWFlW hmNuaCBM/zZ4dF6pobGMabGP3QECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRmIcgn xm9Va8Fy4D+7cNqlfpR/TTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDgxNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qHUwDQYJKoZIhvcNAQELBQADggEBADKuG/v/dRmiWhy+CgXNcoy4sFhUoOXiz8JU AgKzqed/MfqnvJ9t4Bk/zbZSZ+k3Gm5FobPtdAYFZ2Lqsqwm2nvgsy7VgeJdtQI4 x5EWibhoNF625QKxhYLiNOBort8Uw4M5uatb9+wbyfrTYktRV1xpR6MEcI8+w7fQ nxSXdIHGtKRRKFBYEyibc6vcyrFIGUmWrEWwXCDDNF9rk/zHN0QRJgtqwDdqcUP/ YZLRKJ9Vu9M6RqhP8qCvmNMkq44m58OBpLje7n5CuyUfCzQF4uKb5ISp/SvmnKxn xGQx46iMPAg3V8tckTIuUIagw6WY/+NIeaZn09NDtTnmMGRKyN4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:16 2026 by rpki-client