$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144932.roa File: AS144932.roa (raw, json) Hash identifier: Q8hI83rhSktltUEE/EcRbQMyvtQ3elbHkwyyzc7UR/k= Subject key identifier: DA:39:69:20:D0:5C:A7:C5:DF:A1:AD:62:55:09:BE:C0:54:5A:9F:A0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 699BA7BCC6307B6E10F2DE0E2CC6C2A922F7DD4D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144932.roa Signing time: Wed 04 Mar 2026 06:22:05 +0000 ROA not before: Wed 04 Mar 2026 06:17:05 +0000 ROA not after: Wed 03 Mar 2027 06:22:05 +0000 asID: 144932 IP address blocks: 240a:a8ea::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:9b:a7:bc:c6:30:7b:6e:10:f2:de:0e:2c:c6:c2:a9:22:f7:dd:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:05 2026 GMT Not After : Mar 3 06:22:05 2027 GMT Subject: CN=DA396920D05CA7C5DFA1AD625509BEC0545A9FA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:2e:ce:30:e1:9b:a4:d3:fa:9f:2d:70:0d:dc: 91:96:a3:cd:50:08:70:69:dc:ec:79:5c:35:2e:78: cf:82:e7:79:ca:34:65:04:5c:f9:5e:9b:de:b8:82: e8:35:39:b9:22:f0:de:83:72:7f:dc:68:87:d9:cb: 61:3f:3e:35:04:17:0c:b4:94:b1:f5:d9:31:6c:2c: b0:5f:5a:a1:01:a5:c6:6a:94:38:f7:b3:38:ba:2b: f5:3c:bb:db:b4:3a:ee:b9:37:b6:15:7d:7b:25:d2: 11:ba:fc:f5:36:4d:1c:8e:20:4b:2a:58:8a:15:76: 49:8c:e1:7a:4f:c8:f9:57:dc:42:b6:f2:29:bf:86: ac:41:a5:01:2b:8a:b3:1d:14:cb:ad:0d:4b:50:69: 66:df:f2:ee:30:b5:10:97:94:69:47:0c:80:b2:ff: 88:66:20:c2:a2:72:08:81:79:6c:ca:d4:ad:49:2c: d6:d8:61:94:c7:38:cb:00:87:fa:cd:8c:3c:02:bb: 47:58:20:70:38:d7:48:7d:b8:84:c4:1f:62:5d:f2: 9e:b1:77:15:38:e4:41:5a:10:80:1b:fa:a1:1f:eb: 84:5b:3b:50:85:66:6d:26:f3:23:7a:7d:fa:11:5b: 21:eb:6e:a5:96:54:c3:8e:1d:89:59:b2:cd:be:e2: 9b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:39:69:20:D0:5C:A7:C5:DF:A1:AD:62:55:09:BE:C0:54:5A:9F:A0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144932.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8ea::/32 Signature Algorithm: sha256WithRSAEncryption 6c:f6:f6:94:0b:19:93:21:e3:31:48:30:d2:1b:d0:a6:83:33: eb:e1:5e:fd:db:04:57:df:9d:50:e3:a3:22:60:4d:d2:b7:b6: 8a:6b:15:02:36:3c:20:90:f7:4f:19:7b:49:c2:6a:87:36:8f: 5e:f7:17:a1:6c:8a:28:49:50:28:7e:94:a1:5b:4e:66:3a:99: 47:5a:47:cb:2f:b8:57:9b:e4:0d:1a:8e:62:36:6d:33:d6:6c: ca:5e:0b:f8:e4:95:f9:a9:cf:fe:aa:7b:b8:ad:fa:ab:b1:2b: 36:3c:82:af:ff:83:47:f2:46:7c:eb:f1:31:9d:d9:90:ba:b6: 20:c2:5c:1e:0b:ea:aa:00:80:23:da:0a:f1:5a:51:e6:f6:bd: 36:b5:b1:70:d9:b2:f8:f5:45:af:11:5b:39:4f:d9:82:e5:19: b8:19:e9:1e:56:04:86:bb:eb:78:10:f0:7f:99:95:0f:52:14: 57:f8:b4:d3:f8:f6:49:dc:0a:f3:fc:e0:22:87:34:b7:12:e7: 4d:f0:71:c1:8b:7d:33:cf:a8:e6:f1:16:5f:ed:92:5d:cf:2d: ae:ec:d8:f5:66:b9:8e:e6:5f:7f:fe:73:73:55:b1:6f:c9:d1: 8e:e1:b6:b8:29:1c:89:47:a4:23:45:a4:be:8f:05:5d:7c:b2: e2:e4:55:d0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaZunvMYwe24Q8t4OLMbCqSL33U0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwNVoX DTI3MDMwMzA2MjIwNVowMzExMC8GA1UEAxMoREEzOTY5MjBEMDVDQTdDNURGQTFB RDYyNTUwOUJFQzA1NDVBOUZBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANguzjDhm6TT+p8tcA3ckZajzVAIcGnc7HlcNS54z4Lneco0ZQRc+V6b3riC 6DU5uSLw3oNyf9xoh9nLYT8+NQQXDLSUsfXZMWwssF9aoQGlxmqUOPezOLor9Ty7 27Q67rk3thV9eyXSEbr89TZNHI4gSypYihV2SYzhek/I+VfcQrbyKb+GrEGlASuK sx0Uy60NS1BpZt/y7jC1EJeUaUcMgLL/iGYgwqJyCIF5bMrUrUks1thhlMc4ywCH +s2MPAK7R1ggcDjXSH24hMQfYl3ynrF3FTjkQVoQgBv6oR/rhFs7UIVmbSbzI3p9 +hFbIetupZZUw44diVmyzb7imyECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTaOWkg 0Fynxd+hrWJVCb7AVFqfoDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDkzMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qOowDQYJKoZIhvcNAQELBQADggEBAGz29pQLGZMh4zFIMNIb0KaDM+vhXv3bBFff nVDjoyJgTdK3toprFQI2PCCQ908Ze0nCaoc2j173F6FsiihJUCh+lKFbTmY6mUda R8svuFeb5A0ajmI2bTPWbMpeC/jklfmpz/6qe7it+quxKzY8gq//g0fyRnzr8TGd 2ZC6tiDCXB4L6qoAgCPaCvFaUeb2vTa1sXDZsvj1Ra8RWzlP2YLlGbgZ6R5WBIa7 63gQ8H+ZlQ9SFFf4tNP49kncCvP84CKHNLcS503wccGLfTPPqObxFl/tkl3PLa7s 2PVmuY7mX3/+c3NVsW/J0Y7htrgpHIlHpCNFpL6PBV18suLkVdA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:54 2026 by rpki-client