$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144928.roa File: AS144928.roa (raw, json) Hash identifier: ANwdRHHVJ00iV5PHVkTuO9I1hjCGoziZ5YqNzrwbkFE= Subject key identifier: D7:6B:B4:E0:7C:C3:94:E6:9E:87:43:AA:E3:CF:2E:8E:05:29:11:0B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6EC812DBF9AF6FFFC5A08A3AA7645A088547F64C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144928.roa Signing time: Wed 04 Mar 2026 06:22:22 +0000 ROA not before: Wed 04 Mar 2026 06:17:22 +0000 ROA not after: Wed 03 Mar 2027 06:22:22 +0000 asID: 144928 IP address blocks: 240a:a8e6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:c8:12:db:f9:af:6f:ff:c5:a0:8a:3a:a7:64:5a:08:85:47:f6:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:22 2026 GMT Not After : Mar 3 06:22:22 2027 GMT Subject: CN=D76BB4E07CC394E69E8743AAE3CF2E8E0529110B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:1c:2f:23:4e:96:a2:0e:17:32:bf:50:39:e0: 3d:28:7f:c5:1a:48:0f:f8:e8:c0:0d:eb:18:87:95: 8c:c2:8e:0b:19:11:b4:e7:c2:7c:99:aa:9c:93:a4: 39:cc:1f:46:40:b1:7c:0d:f1:71:f1:55:9b:f2:da: c7:5c:b6:06:cf:84:7a:24:81:a2:07:1e:4e:32:15: 87:21:49:9d:25:e7:87:5f:b4:ec:1a:03:77:41:19: 97:57:e4:95:e2:1c:3e:15:be:dc:17:e1:05:40:9d: 5b:45:1a:4f:6d:30:71:d3:64:85:43:cc:cd:c7:4c: e0:5a:28:a5:34:53:73:17:09:c6:a9:44:a1:05:78: 4f:fc:c5:48:34:6e:e7:96:98:cf:56:e9:62:1d:12: 84:c7:76:b4:26:d4:cf:62:60:86:b6:a0:71:c1:df: 6d:5c:58:2b:3e:d4:f8:45:e9:e1:5c:07:5f:06:ce: 46:01:f6:0c:1d:05:ab:42:1c:d7:b1:b1:f3:85:25: 17:ca:81:0d:dc:4d:bc:1e:0f:aa:4e:66:df:05:d8: 40:3b:42:ba:ff:41:24:61:0b:3a:76:bd:d9:f0:5b: 2a:fc:4f:2c:f0:94:26:7c:05:bb:55:9f:79:94:59: 12:94:62:22:00:14:7e:12:61:e4:c8:1d:e3:9c:09: 4a:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:6B:B4:E0:7C:C3:94:E6:9E:87:43:AA:E3:CF:2E:8E:05:29:11:0B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144928.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8e6::/32 Signature Algorithm: sha256WithRSAEncryption 36:1c:00:e1:6f:51:cb:47:8e:8b:ca:1c:47:f7:2e:fd:21:d3: 7a:51:c4:0b:3f:71:37:1d:2a:91:79:f5:dc:33:0c:eb:29:a7: ae:26:7f:c4:ff:f8:69:95:72:85:d8:fb:0c:b5:04:ac:28:bc: ab:b9:be:4a:d2:90:53:52:38:9b:24:a9:d4:6b:a7:52:1c:99: 38:27:30:f0:1e:fb:d3:ac:a5:9a:2d:15:c5:f7:68:74:a6:88: 12:73:e5:b6:2e:6b:dc:44:13:0c:e8:70:76:36:da:2c:d9:43: 1e:1e:4f:bc:b2:c0:55:c3:7f:5f:72:c8:36:64:19:bf:66:b5: 4a:29:e8:04:97:8f:f0:5a:e8:41:2f:c4:d1:78:42:49:2e:5b: 60:a8:4c:78:44:f5:c9:60:6f:87:27:d9:94:24:b9:f7:ec:af: bc:b2:5a:f8:b1:7e:0f:35:20:84:af:c2:df:12:ce:ec:4b:d6: 41:c8:c1:41:b5:2e:f0:ff:69:e4:c2:bf:32:85:49:36:80:ab: 69:1d:ac:55:f3:17:0f:dc:d1:a2:29:3f:f8:7a:2f:01:fe:78: c5:2d:9f:b4:14:83:c4:e6:0b:24:41:c0:f7:ef:05:4e:26:0e: cd:4f:41:59:b4:b9:ee:9c:ef:55:02:76:27:e1:08:51:ed:cb: ef:00:30:20 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbsgS2/mvb//FoIo6p2RaCIVH9kwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyMloX DTI3MDMwMzA2MjIyMlowMzExMC8GA1UEAxMoRDc2QkI0RTA3Q0MzOTRFNjlFODc0 M0FBRTNDRjJFOEUwNTI5MTEwQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOMcLyNOlqIOFzK/UDngPSh/xRpID/jowA3rGIeVjMKOCxkRtOfCfJmqnJOk OcwfRkCxfA3xcfFVm/Lax1y2Bs+EeiSBogceTjIVhyFJnSXnh1+07BoDd0EZl1fk leIcPhW+3BfhBUCdW0UaT20wcdNkhUPMzcdM4FoopTRTcxcJxqlEoQV4T/zFSDRu 55aYz1bpYh0ShMd2tCbUz2JghragccHfbVxYKz7U+EXp4VwHXwbORgH2DB0Fq0Ic 17Gx84UlF8qBDdxNvB4Pqk5m3wXYQDtCuv9BJGELOna92fBbKvxPLPCUJnwFu1Wf eZRZEpRiIgAUfhJh5Mgd45wJSuMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTXa7Tg fMOU5p6HQ6rjzy6OBSkRCzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDkyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qOYwDQYJKoZIhvcNAQELBQADggEBADYcAOFvUctHjovKHEf3Lv0h03pRxAs/cTcd KpF59dwzDOspp64mf8T/+GmVcoXY+wy1BKwovKu5vkrSkFNSOJskqdRrp1IcmTgn MPAe+9OspZotFcX3aHSmiBJz5bYua9xEEwzocHY22izZQx4eT7yywFXDf19yyDZk Gb9mtUop6ASXj/Ba6EEvxNF4QkkuW2CoTHhE9clgb4cn2ZQkuffsr7yyWvixfg81 IISvwt8SzuxL1kHIwUG1LvD/aeTCvzKFSTaAq2kdrFXzFw/c0aIpP/h6LwH+eMUt n7QUg8TmCyRBwPfvBU4mDs1PQVm0ue6c71UCdifhCFHty+8AMCA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:51 2026 by rpki-client