$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144820.roa File: AS144820.roa (raw, json) Hash identifier: DYt8/aeVyegyiCRRLsMRESizrkUZCBG4NixBsZXm/E4= Subject key identifier: 33:F1:18:A2:DC:4E:4E:49:2B:28:CD:13:59:B9:54:F2:39:D7:34:7E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0D775EB24C3C8169257289239028B8118222E60F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144820.roa Signing time: Wed 04 Mar 2026 06:20:15 +0000 ROA not before: Wed 04 Mar 2026 06:15:15 +0000 ROA not after: Wed 03 Mar 2027 06:20:15 +0000 asID: 144820 IP address blocks: 240a:a87a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:77:5e:b2:4c:3c:81:69:25:72:89:23:90:28:b8:11:82:22:e6:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:15 2026 GMT Not After : Mar 3 06:20:15 2027 GMT Subject: CN=33F118A2DC4E4E492B28CD1359B954F239D7347E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:47:4e:04:f4:71:57:d7:95:ba:0c:e4:14:30: 9f:3b:4e:c1:c0:cc:76:12:9f:4b:6d:82:93:62:75: 2d:6b:25:8f:9b:88:91:14:a1:73:9d:72:0c:cb:8b: 9b:2d:e7:e4:1d:0e:6c:0e:39:f3:28:ab:64:82:3b: be:2c:ba:30:3a:dc:f6:98:4e:ac:c2:1e:b6:91:af: f5:16:0d:9f:6e:72:9c:e0:c4:b4:8d:02:a4:d9:44: 90:0b:f7:b6:95:ba:f9:a8:db:6c:66:fd:d2:ec:1d: b5:31:a2:ed:d2:bb:53:c9:34:81:f2:2f:04:67:c3: 05:72:77:cb:f9:cc:ec:a7:2a:22:bf:56:33:d2:54: 3d:c3:9b:70:90:dc:d9:16:36:00:5e:c7:14:b1:66: 28:0c:4b:4b:f6:cb:3d:dc:9b:9e:12:1d:c6:d5:7a: d6:70:e9:1f:a6:f5:66:f6:fe:01:25:c0:18:b9:ef: 1f:9c:9d:83:20:c7:04:4e:41:bf:1b:c1:a0:be:98: 6e:e1:28:ef:2b:7e:ad:21:11:8d:0e:3a:60:b0:1f: 9e:b1:ef:24:d9:c1:18:d8:c2:c7:ea:a6:63:e9:a7: 3b:51:f6:f0:ad:6b:7c:73:c5:27:cc:49:db:c4:a7: 25:48:cc:23:86:e7:72:ae:35:df:d2:22:db:64:26: 6c:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:F1:18:A2:DC:4E:4E:49:2B:28:CD:13:59:B9:54:F2:39:D7:34:7E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144820.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a87a::/32 Signature Algorithm: sha256WithRSAEncryption 6a:7d:8c:d9:8b:56:c7:49:f3:d4:2f:6b:70:6e:f8:c5:20:12: 13:c8:b3:55:0d:45:68:ef:2d:9c:84:67:65:8f:ed:13:e8:5e: 52:3e:b7:a7:e2:fd:f1:5e:e6:f8:e1:b7:58:01:3d:ec:98:00: 5a:ec:76:ef:90:f8:b3:ec:5a:28:17:9e:8c:fe:0d:53:0e:0c: 7b:0f:00:e6:57:e5:09:c3:0a:f3:97:3e:6c:a8:ae:53:ae:d2: d8:62:29:f4:86:40:ad:f9:26:50:a6:8b:f9:6d:93:08:df:f8: 2b:bd:98:ca:03:34:58:1d:58:df:87:73:01:49:56:cc:a2:59: 5c:ab:27:2c:cc:15:13:7c:3d:c7:ef:81:44:ff:3b:4e:a7:8a: 72:02:2b:ac:27:56:66:83:75:c3:0d:a3:dc:c8:7b:d2:0e:d6: 2f:7c:f1:4f:71:f8:2d:62:99:8a:e8:2c:e7:93:01:bd:bc:41: 19:9f:fb:6a:71:85:44:e7:c9:6e:ef:5c:56:c3:27:f8:7d:58: 21:00:f3:25:78:50:cf:cd:54:16:92:7c:a0:53:57:bd:ac:72: 24:1e:95:26:b9:99:95:f0:24:d7:f8:ff:d2:f7:03:cb:d3:75: 79:2a:45:56:d2:76:06:fa:41:17:d9:62:4e:d6:c1:ff:fa:31: 6a:e8:89:17 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDXdeskw8gWklcokjkCi4EYIi5g8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxNVoX DTI3MDMwMzA2MjAxNVowMzExMC8GA1UEAxMoMzNGMTE4QTJEQzRFNEU0OTJCMjhD RDEzNTlCOTU0RjIzOUQ3MzQ3RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtHTgT0cVfXlboM5BQwnztOwcDMdhKfS22Ck2J1LWslj5uIkRShc51yDMuL my3n5B0ObA458yirZII7viy6MDrc9phOrMIetpGv9RYNn25ynODEtI0CpNlEkAv3 tpW6+ajbbGb90uwdtTGi7dK7U8k0gfIvBGfDBXJ3y/nM7KcqIr9WM9JUPcObcJDc 2RY2AF7HFLFmKAxLS/bLPdybnhIdxtV61nDpH6b1Zvb+ASXAGLnvH5ydgyDHBE5B vxvBoL6YbuEo7yt+rSERjQ46YLAfnrHvJNnBGNjCx+qmY+mnO1H28K1rfHPFJ8xJ 28SnJUjMI4bncq4139Ii22QmbF8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQz8Rii 3E5OSSsozRNZuVTyOdc0fjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDgyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qHowDQYJKoZIhvcNAQELBQADggEBAGp9jNmLVsdJ89Qva3Bu+MUgEhPIs1UNRWjv LZyEZ2WP7RPoXlI+t6fi/fFe5vjht1gBPeyYAFrsdu+Q+LPsWigXnoz+DVMODHsP AOZX5QnDCvOXPmyorlOu0thiKfSGQK35JlCmi/ltkwjf+Cu9mMoDNFgdWN+HcwFJ VsyiWVyrJyzMFRN8PcfvgUT/O06ninICK6wnVmaDdcMNo9zIe9IO1i988U9x+C1i mYroLOeTAb28QRmf+2pxhUTnyW7vXFbDJ/h9WCEA8yV4UM/NVBaSfKBTV72sciQe lSa5mZXwJNf4/9L3A8vTdXkqRVbSdgb6QRfZYk7Wwf/6MWroiRc= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:42 2026 by rpki-client