$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144949.roa File: AS144949.roa (raw, json) Hash identifier: rnxkZD0aBNAbF3LsYTdqj6nkPrv4umEW4j15OnU5LK0= Subject key identifier: 5E:5A:B8:87:97:6F:88:5B:9B:D3:1E:76:5C:AF:FC:83:DD:83:37:17 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 57D5A33E87D8E9B4106F935FAE1D4AFDD784D92E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144949.roa Signing time: Wed 04 Mar 2026 06:21:53 +0000 ROA not before: Wed 04 Mar 2026 06:16:53 +0000 ROA not after: Wed 03 Mar 2027 06:21:53 +0000 asID: 144949 IP address blocks: 240a:a8fb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:d5:a3:3e:87:d8:e9:b4:10:6f:93:5f:ae:1d:4a:fd:d7:84:d9:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:53 2026 GMT Not After : Mar 3 06:21:53 2027 GMT Subject: CN=5E5AB887976F885B9BD31E765CAFFC83DD833717 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:d6:ef:76:6f:d2:8e:58:3a:45:00:21:0a:9a: 0c:24:70:ae:76:26:98:a2:74:89:32:b4:71:cc:fe: 2d:49:66:e5:95:3f:58:bd:32:76:54:5e:d1:8a:1b: bd:f0:9f:94:9f:d0:fd:1f:d4:a3:91:4e:65:cd:f2: 93:54:06:69:bb:41:32:01:62:c1:71:06:63:40:f2: f3:25:24:c0:c4:64:e7:e6:9c:21:31:cd:07:57:d5: 9d:a1:c8:d2:21:d3:09:54:bf:62:4a:32:19:c9:a1: d1:81:34:97:bf:ee:9f:01:be:f2:81:da:b3:19:e1: b2:b5:41:2c:98:97:f9:62:d9:8c:6e:ce:85:a4:ca: 2a:ee:df:fa:0d:95:ed:63:f2:63:62:fd:32:1c:d2: e5:8f:d0:24:ca:7c:10:65:11:42:e5:bf:a4:7d:67: 0b:a9:f4:14:ab:85:c7:fb:13:6d:c2:e8:9e:1d:98: b8:f8:c7:66:5c:43:1b:80:75:50:61:b6:e4:af:f0: ff:19:6f:94:fe:40:06:75:50:34:88:1a:41:07:5b: 27:f2:5b:17:e5:df:a4:fb:18:59:c1:51:f2:75:d5: ff:f1:0a:ff:45:2f:a7:3d:a0:a0:f0:82:67:53:94: cb:4c:4a:1b:9d:20:aa:ab:47:b4:20:b8:71:a5:5d: 30:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:5A:B8:87:97:6F:88:5B:9B:D3:1E:76:5C:AF:FC:83:DD:83:37:17 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144949.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8fb::/32 Signature Algorithm: sha256WithRSAEncryption c0:1c:8e:57:c0:11:2b:13:6d:58:c1:1a:b0:06:91:1f:ba:eb: 16:53:da:a0:78:36:00:9b:b4:bd:80:51:cc:17:82:e9:d6:21: 17:3a:ca:33:45:c0:e2:e1:64:5c:7c:4f:f0:e7:ff:67:21:9d: 01:ba:3d:5e:7e:b1:79:e9:c7:f7:f0:1a:ed:29:a2:3c:5e:8c: fe:b5:4e:2f:fd:e8:06:87:0d:63:f1:db:f0:34:f8:97:76:a2: ba:34:a3:cf:f9:fc:a7:2f:89:db:69:16:6d:4f:35:16:de:57: ab:d4:ce:9b:18:7c:85:d6:d1:ae:8a:35:6f:e0:f0:66:45:8f: 97:36:82:cc:ae:f0:e0:10:28:7b:ce:b7:71:b6:a5:46:48:27: 70:a2:f0:c5:b8:07:f6:69:5a:ec:18:a6:e3:b7:c8:53:a5:ae: 73:f3:fc:1e:48:a9:72:b7:f3:05:f9:e3:b0:bd:9c:d8:db:1b: 00:d4:c3:c6:78:90:31:a7:5f:2c:a5:32:f9:fc:6b:d5:1b:9d: 5c:4f:7a:cc:a9:9d:97:6e:f9:44:79:5d:ec:27:2e:77:8f:8d: 67:ac:e6:af:74:8f:16:ff:5e:0c:7e:13:46:a2:e6:99:1f:92: 25:d0:e7:56:ae:08:48:76:be:62:52:b7:7a:45:52:c3:c4:e9: 6e:9b:25:83 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUV9WjPofY6bQQb5Nfrh1K/deE2S4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1M1oX DTI3MDMwMzA2MjE1M1owMzExMC8GA1UEAxMoNUU1QUI4ODc5NzZGODg1QjlCRDMx RTc2NUNBRkZDODNERDgzMzcxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMbW73Zv0o5YOkUAIQqaDCRwrnYmmKJ0iTK0ccz+LUlm5ZU/WL0ydlRe0Yob vfCflJ/Q/R/Uo5FOZc3yk1QGabtBMgFiwXEGY0Dy8yUkwMRk5+acITHNB1fVnaHI 0iHTCVS/YkoyGcmh0YE0l7/unwG+8oHasxnhsrVBLJiX+WLZjG7OhaTKKu7f+g2V 7WPyY2L9MhzS5Y/QJMp8EGURQuW/pH1nC6n0FKuFx/sTbcLonh2YuPjHZlxDG4B1 UGG25K/w/xlvlP5ABnVQNIgaQQdbJ/JbF+XfpPsYWcFR8nXV//EK/0Uvpz2goPCC Z1OUy0xKG50gqqtHtCC4caVdMHUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBReWriH l2+IW5vTHnZcr/yD3YM3FzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk0OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qPswDQYJKoZIhvcNAQELBQADggEBAMAcjlfAESsTbVjBGrAGkR+66xZT2qB4NgCb tL2AUcwXgunWIRc6yjNFwOLhZFx8T/Dn/2chnQG6PV5+sXnpx/fwGu0pojxejP61 Ti/96AaHDWPx2/A0+Jd2oro0o8/5/KcvidtpFm1PNRbeV6vUzpsYfIXW0a6KNW/g 8GZFj5c2gsyu8OAQKHvOt3G2pUZIJ3Ci8MW4B/ZpWuwYpuO3yFOlrnPz/B5IqXK3 8wX547C9nNjbGwDUw8Z4kDGnXyylMvn8a9UbnVxPesypnZdu+UR5XewnLnePjWes 5q90jxb/Xgx+E0ai5pkfkiXQ51auCEh2vmJSt3pFUsPE6W6bJYM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:08 2026 by rpki-client