$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144825.roa File: AS144825.roa (raw, json) Hash identifier: r+xG36jOpw5N3QDc0+pE5SE7WQmsiGNVmvJE8w465zU= Subject key identifier: EE:18:64:FD:D2:DC:77:E4:C3:EF:53:BB:73:E0:F5:2F:4B:8D:78:04 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0D2F9B1294A9DD1DC39D11E81CCE83A9EF856B3A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144825.roa Signing time: Wed 04 Mar 2026 06:21:30 +0000 ROA not before: Wed 04 Mar 2026 06:16:30 +0000 ROA not after: Wed 03 Mar 2027 06:21:30 +0000 asID: 144825 IP address blocks: 240a:a87f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:2f:9b:12:94:a9:dd:1d:c3:9d:11:e8:1c:ce:83:a9:ef:85:6b:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:30 2026 GMT Not After : Mar 3 06:21:30 2027 GMT Subject: CN=EE1864FDD2DC77E4C3EF53BB73E0F52F4B8D7804 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:04:91:fb:85:6e:90:76:d6:cd:c1:92:53:69: 4e:04:a0:e7:9a:cd:b7:e9:18:c6:73:04:8d:90:f5: 57:f0:e5:0d:61:fc:3b:d3:58:98:26:09:1e:00:60: fe:27:46:6d:1f:12:05:b0:58:f0:75:e5:ab:8e:78: 99:d6:da:1e:21:e2:96:39:5c:c5:7b:48:59:bb:62: b5:4a:7c:8a:5b:06:35:07:90:da:6c:a3:c0:a1:5e: 09:8f:6c:27:ff:12:66:09:56:ec:de:f5:c3:e4:ba: f9:b1:da:d2:33:6b:a0:f8:ba:70:04:c9:5d:fa:e5: d4:71:2b:40:5f:3d:54:64:59:c5:81:a5:75:1f:2a: 81:0a:26:df:73:8e:7f:de:1d:7f:4a:11:0c:fa:4d: d7:6d:99:7d:0b:e7:bf:f6:61:ee:61:58:31:62:2c: ea:f2:1d:bb:70:51:fb:9d:32:38:be:0b:8b:17:e7: 46:2e:07:09:c6:50:e2:95:86:0c:12:45:c4:2c:c6: 98:c3:50:e3:36:f9:83:7b:7a:68:a2:c0:fc:42:ae: 31:05:43:f5:4e:cb:98:66:d1:bf:74:8b:82:fc:da: 5c:17:6e:4c:27:e5:1e:63:b5:ba:ba:5b:0b:55:5b: da:44:53:fa:ed:d4:f7:7d:58:cd:57:11:bc:fd:ee: e6:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:18:64:FD:D2:DC:77:E4:C3:EF:53:BB:73:E0:F5:2F:4B:8D:78:04 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144825.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a87f::/32 Signature Algorithm: sha256WithRSAEncryption 17:44:a8:df:52:fb:55:59:5f:1d:25:50:33:d3:4a:f6:62:34: 61:f9:b7:a5:aa:9d:d8:70:49:37:e4:7a:ac:f4:4d:57:7e:0b: d6:8f:38:20:f7:65:4a:0a:a9:d8:9a:1f:8c:6a:e0:0c:21:84: cb:f7:9b:42:f6:c2:1c:27:d3:33:ba:9c:65:0c:9b:cc:bf:1c: 9a:98:db:2d:d1:5c:82:25:fd:d7:07:04:36:2a:15:fd:8b:2a: 96:38:b4:1d:a5:15:7a:20:a0:7a:da:af:7d:0e:d7:c9:55:dd: 46:63:0e:c1:af:af:fe:7e:a4:96:19:7c:f0:3b:3d:30:f4:5b: 33:2a:28:2f:22:0b:5c:79:06:f7:59:a8:9d:65:f2:dc:e6:90: ac:2b:a7:1c:11:d9:40:02:bb:7b:bf:cd:0e:b8:91:8c:0e:c2: 6a:a3:a7:d6:a8:c5:80:a8:0e:f2:99:c3:ea:e9:13:93:88:f2: 67:27:fb:e7:60:26:e4:d1:bd:99:c6:6b:83:fd:a9:5e:19:37: 06:8b:90:7a:6c:e1:fc:a2:0a:50:42:45:66:49:97:61:d5:05: a8:ce:32:f0:f7:16:99:06:1a:0b:fc:4e:8d:a3:00:d2:ed:ce: 0f:9f:47:c2:34:98:21:80:91:4f:e2:72:15:66:69:4c:2f:d7: f3:36:12:b3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDS+bEpSp3R3DnRHoHM6Dqe+FazowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYzMFoX DTI3MDMwMzA2MjEzMFowMzExMC8GA1UEAxMoRUUxODY0RkREMkRDNzdFNEMzRUY1 M0JCNzNFMEY1MkY0QjhENzgwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0EkfuFbpB21s3BklNpTgSg55rNt+kYxnMEjZD1V/DlDWH8O9NYmCYJHgBg /idGbR8SBbBY8HXlq454mdbaHiHiljlcxXtIWbtitUp8ilsGNQeQ2myjwKFeCY9s J/8SZglW7N71w+S6+bHa0jNroPi6cATJXfrl1HErQF89VGRZxYGldR8qgQom33OO f94df0oRDPpN122ZfQvnv/Zh7mFYMWIs6vIdu3BR+50yOL4LixfnRi4HCcZQ4pWG DBJFxCzGmMNQ4zb5g3t6aKLA/EKuMQVD9U7LmGbRv3SLgvzaXBduTCflHmO1urpb C1Vb2kRT+u3U931YzVcRvP3u5qsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTuGGT9 0tx35MPvU7tz4PUvS414BDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDgyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qH8wDQYJKoZIhvcNAQELBQADggEBABdEqN9S+1VZXx0lUDPTSvZiNGH5t6Wqndhw STfkeqz0TVd+C9aPOCD3ZUoKqdiaH4xq4AwhhMv3m0L2whwn0zO6nGUMm8y/HJqY 2y3RXIIl/dcHBDYqFf2LKpY4tB2lFXogoHrar30O18lV3UZjDsGvr/5+pJYZfPA7 PTD0WzMqKC8iC1x5BvdZqJ1l8tzmkKwrpxwR2UACu3u/zQ64kYwOwmqjp9aoxYCo DvKZw+rpE5OI8mcn++dgJuTRvZnGa4P9qV4ZNwaLkHps4fyiClBCRWZJl2HVBajO MvD3FpkGGgv8To2jANLtzg+fR8I0mCGAkU/ichVmaUwv1/M2ErM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:16 2026 by rpki-client