$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144956.roa File: AS144956.roa (raw, json) Hash identifier: RgpQI6sf+EA/1pFxKRyOMlQqT6rAn0k+zTopGBb4Jw4= Subject key identifier: 21:79:D6:3F:E1:F5:5B:57:8B:05:45:75:0D:FB:A8:FF:A1:D0:D5:90 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1F0DC4A41D0F9A5D4388EADCC6D884F54F9BBC02 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144956.roa Signing time: Wed 04 Mar 2026 06:21:11 +0000 ROA not before: Wed 04 Mar 2026 06:16:11 +0000 ROA not after: Wed 03 Mar 2027 06:21:11 +0000 asID: 144956 IP address blocks: 240a:a902::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:0d:c4:a4:1d:0f:9a:5d:43:88:ea:dc:c6:d8:84:f5:4f:9b:bc:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:11 2026 GMT Not After : Mar 3 06:21:11 2027 GMT Subject: CN=2179D63FE1F55B578B0545750DFBA8FFA1D0D590 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:07:5d:df:a8:0e:f4:67:74:55:bc:e7:2f:62: c7:28:73:7a:6e:12:a1:59:97:2b:e8:e3:a1:6c:65: e2:0c:ed:27:ba:5a:da:4d:9c:db:1e:2b:52:d4:35: fe:8b:21:24:9c:2c:6d:63:1f:71:26:35:b7:57:40: 87:c3:fb:ba:80:73:70:db:9d:2c:6d:38:ae:e4:7a: 9a:9d:50:ba:5b:b5:2e:ad:07:24:b6:de:ed:a7:00: fc:3a:af:5f:3b:d3:0c:26:77:3c:d7:cf:37:d5:80: 11:53:61:f3:c7:b7:4a:bd:2e:11:9d:91:ff:50:63: bf:66:37:e1:01:4a:cc:64:73:a3:b5:6a:20:cc:4d: fa:e3:c0:cb:72:0b:75:a4:46:6b:d7:2c:2e:87:95: 71:d0:03:7c:94:2c:16:ad:91:47:4c:fc:e3:28:a6: 6b:c5:b3:b1:a0:b7:b2:ae:f6:89:e7:68:ff:ae:21: 8e:fd:21:16:c7:70:91:d6:5c:db:7f:23:0a:28:cd: 43:dc:2e:07:fe:2b:bb:c5:b7:9f:3d:2a:7f:50:a6: 7e:60:78:e5:ad:6d:d5:68:27:c4:8f:13:c7:19:23: ef:aa:c9:64:21:1d:b5:63:67:f2:9a:96:d4:fe:80: b4:df:5d:b7:3c:6a:14:bb:38:18:67:be:72:24:fd: 27:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:79:D6:3F:E1:F5:5B:57:8B:05:45:75:0D:FB:A8:FF:A1:D0:D5:90 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144956.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a902::/32 Signature Algorithm: sha256WithRSAEncryption d1:9f:e6:56:52:92:9e:23:a3:0a:68:63:0a:69:bf:22:66:19: 04:95:92:45:56:43:2e:62:51:be:00:e7:01:ba:6b:11:eb:c3: 9f:42:61:db:27:84:98:c7:c7:13:c9:4e:03:43:33:f3:28:91: 8d:62:fb:63:80:9f:a4:ab:a9:50:f6:b6:0f:0b:bd:79:b5:79: f5:bf:f6:00:67:c8:13:de:82:ee:c7:fd:05:45:bb:17:4b:00: 55:be:56:04:db:95:f1:b9:20:2a:1a:4b:51:bb:12:f9:d0:17: 83:4a:d7:15:f9:d9:51:53:30:1f:64:d4:d6:17:8b:c6:8f:2e: 2d:a1:a4:65:ee:57:62:cf:8e:96:5c:ee:cd:ca:7b:38:81:a8: bc:f1:d6:f4:4f:a2:55:b6:78:e7:10:25:49:4f:39:9b:73:a6: f2:da:4e:c3:31:9f:f8:de:0b:90:1c:6c:0e:52:b7:49:f2:26: 6e:d8:37:9f:45:8b:49:d7:74:77:eb:83:08:c6:80:6a:99:8c: 9d:bc:6f:49:7e:93:e3:b0:3e:62:0b:32:01:c4:c9:8d:fe:12: d9:70:5f:26:04:28:73:a4:f4:36:d8:0b:6e:5d:2a:78:61:ef: 35:96:3b:3a:bf:09:fd:36:cb:52:72:77:67:9e:a3:13:26:58: d8:f0:1d:01 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHw3EpB0Pml1DiOrcxtiE9U+bvAIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxMVoX DTI3MDMwMzA2MjExMVowMzExMC8GA1UEAxMoMjE3OUQ2M0ZFMUY1NUI1NzhCMDU0 NTc1MERGQkE4RkZBMUQwRDU5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsHXd+oDvRndFW85y9ixyhzem4SoVmXK+jjoWxl4gztJ7pa2k2c2x4rUtQ1 /oshJJwsbWMfcSY1t1dAh8P7uoBzcNudLG04ruR6mp1Qulu1Lq0HJLbe7acA/Dqv XzvTDCZ3PNfPN9WAEVNh88e3Sr0uEZ2R/1Bjv2Y34QFKzGRzo7VqIMxN+uPAy3IL daRGa9csLoeVcdADfJQsFq2RR0z84yima8WzsaC3sq72iedo/64hjv0hFsdwkdZc 238jCijNQ9wuB/4ru8W3nz0qf1CmfmB45a1t1WgnxI8Txxkj76rJZCEdtWNn8pqW 1P6AtN9dtzxqFLs4GGe+ciT9JzUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQhedY/ 4fVbV4sFRXUN+6j/odDVkDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qQIwDQYJKoZIhvcNAQELBQADggEBANGf5lZSkp4jowpoYwppvyJmGQSVkkVWQy5i Ub4A5wG6axHrw59CYdsnhJjHxxPJTgNDM/MokY1i+2OAn6SrqVD2tg8LvXm1efW/ 9gBnyBPegu7H/QVFuxdLAFW+VgTblfG5ICoaS1G7EvnQF4NK1xX52VFTMB9k1NYX i8aPLi2hpGXuV2LPjpZc7s3KeziBqLzx1vRPolW2eOcQJUlPOZtzpvLaTsMxn/je C5AcbA5St0nyJm7YN59Fi0nXdHfrgwjGgGqZjJ28b0l+k+OwPmILMgHEyY3+Etlw XyYEKHOk9DbYC25dKnhh7zWWOzq/Cf02y1Jyd2eeoxMmWNjwHQE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:06 2026 by rpki-client