$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144960.roa File: AS144960.roa (raw, json) Hash identifier: PxBpS/wB7prOWUztCJqJ00jOVwO4xqG3m+oe/S2/AaY= Subject key identifier: C4:36:A2:42:BF:C0:F1:DB:11:20:BB:22:32:F5:22:6A:DF:1A:68:49 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 03F57196180C4A229F8D4D544DE40B5EB33E8331 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144960.roa Signing time: Wed 04 Mar 2026 06:21:26 +0000 ROA not before: Wed 04 Mar 2026 06:16:26 +0000 ROA not after: Wed 03 Mar 2027 06:21:26 +0000 asID: 144960 IP address blocks: 240a:a906::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:f5:71:96:18:0c:4a:22:9f:8d:4d:54:4d:e4:0b:5e:b3:3e:83:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:26 2026 GMT Not After : Mar 3 06:21:26 2027 GMT Subject: CN=C436A242BFC0F1DB1120BB2232F5226ADF1A6849 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ef:41:39:a9:6b:a6:3a:8a:72:f5:d4:98:8c: 9a:00:c0:27:e9:5d:50:a0:22:9a:f3:d3:33:a0:44: 60:72:e4:31:63:aa:c4:5e:55:00:df:9d:42:8c:40: 3e:f1:a8:02:9b:7a:5b:8c:96:b3:84:8c:15:05:aa: a7:fa:e3:38:38:ed:c2:f5:49:06:ad:71:61:4c:04: ba:e6:e5:5e:ec:0d:2a:07:ef:44:79:b1:f4:01:db: 60:56:eb:34:2b:19:98:17:d6:fe:be:c2:f7:d2:d2: 49:38:65:30:56:6b:62:24:f8:66:a5:16:5a:87:65: a1:6f:cd:fb:86:c4:5d:e9:8c:48:28:f5:2a:58:63: a5:e6:67:81:46:71:3d:46:ef:4f:df:d7:82:9a:0c: 70:37:6e:1b:aa:e5:f9:20:85:7b:68:41:35:41:88: cf:c2:fa:de:ee:a0:a0:f8:3a:06:5f:80:eb:48:58: 9d:c2:d8:9e:15:68:a6:a7:38:0e:bf:07:c8:ad:ff: 1c:e6:e9:68:37:f9:93:c2:d2:9d:98:7e:04:e3:a7: f7:c7:97:a4:36:86:40:6e:be:0c:d5:10:c5:89:bd: 61:e5:b2:b9:06:fd:ca:9a:b5:bb:00:97:f7:a2:28: 08:bc:60:3c:1a:55:e4:b2:c0:ff:d6:4f:88:76:a5: dc:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:36:A2:42:BF:C0:F1:DB:11:20:BB:22:32:F5:22:6A:DF:1A:68:49 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144960.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a906::/32 Signature Algorithm: sha256WithRSAEncryption 19:e5:0e:d0:94:24:38:ee:b7:f1:8d:ef:6f:8c:8c:de:3b:35: 06:3f:c9:a2:cd:20:0d:85:60:9a:c5:fe:ea:dc:1e:2e:07:80: 12:15:46:c9:0f:d3:1e:e1:0d:9d:a2:14:d2:79:d2:36:f9:70: ef:f6:22:51:94:15:db:ac:e2:2b:c8:9f:f0:82:93:81:ec:e5: f6:d6:e7:d4:fd:69:86:bb:3f:ba:e1:79:65:3d:2d:75:16:a8: f7:09:7f:46:2e:f3:dd:41:14:fd:41:2d:7a:a9:48:11:c7:79: dc:81:1a:cf:31:ad:54:02:05:06:d8:d6:4d:fe:ca:42:eb:15: 2d:88:38:ab:87:ed:f2:e5:f8:1c:7d:b8:18:18:bc:e7:79:b0: 3c:75:49:2d:4f:bd:c3:46:67:da:fe:ca:d1:0d:57:1d:22:4c: bf:06:af:ce:2c:63:12:63:a4:03:91:f4:a9:89:3d:79:cb:37: ad:ee:de:9f:eb:4b:77:2f:6a:3f:6b:e0:78:4b:15:2a:4f:4d: 55:ca:0f:0b:33:b8:1b:4c:52:d6:df:84:d1:14:90:37:dd:6e: 7a:9c:2e:ca:77:b8:18:85:7d:74:8f:37:e0:6f:f9:d0:36:6a: b0:54:4e:78:47:71:a7:ed:a7:77:ec:2d:d5:28:d1:9c:09:0c: 4b:a9:bc:91 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA/VxlhgMSiKfjU1UTeQLXrM+gzEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyNloX DTI3MDMwMzA2MjEyNlowMzExMC8GA1UEAxMoQzQzNkEyNDJCRkMwRjFEQjExMjBC QjIyMzJGNTIyNkFERjFBNjg0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKPvQTmpa6Y6inL11JiMmgDAJ+ldUKAimvPTM6BEYHLkMWOqxF5VAN+dQoxA PvGoApt6W4yWs4SMFQWqp/rjODjtwvVJBq1xYUwEuublXuwNKgfvRHmx9AHbYFbr NCsZmBfW/r7C99LSSThlMFZrYiT4ZqUWWodloW/N+4bEXemMSCj1KlhjpeZngUZx PUbvT9/XgpoMcDduG6rl+SCFe2hBNUGIz8L63u6goPg6Bl+A60hYncLYnhVopqc4 Dr8HyK3/HObpaDf5k8LSnZh+BOOn98eXpDaGQG6+DNUQxYm9YeWyuQb9ypq1uwCX 96IoCLxgPBpV5LLA/9ZPiHal3O0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTENqJC v8Dx2xEguyIy9SJq3xpoSTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qQYwDQYJKoZIhvcNAQELBQADggEBABnlDtCUJDjut/GN72+MjN47NQY/yaLNIA2F YJrF/urcHi4HgBIVRskP0x7hDZ2iFNJ50jb5cO/2IlGUFdus4ivIn/CCk4Hs5fbW 59T9aYa7P7rheWU9LXUWqPcJf0Yu891BFP1BLXqpSBHHedyBGs8xrVQCBQbY1k3+ ykLrFS2IOKuH7fLl+Bx9uBgYvOd5sDx1SS1PvcNGZ9r+ytENVx0iTL8Gr84sYxJj pAOR9KmJPXnLN63u3p/rS3cvaj9r4HhLFSpPTVXKDwszuBtMUtbfhNEUkDfdbnqc Lsp3uBiFfXSPN+Bv+dA2arBUTnhHcaftp3fsLdUo0ZwJDEupvJE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:52 2026 by rpki-client