$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144965.roa File: AS144965.roa (raw, json) Hash identifier: i/isJyM5tskLXcqOVd+d6/wyYNcJrG9b8TKKn7J5VPg= Subject key identifier: 75:CB:AF:0C:2E:36:3A:54:22:85:04:41:CB:0C:AE:51:41:7D:83:ED Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 03BC9EB30C9972D1B37F290D53724978433C6745 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144965.roa Signing time: Wed 04 Mar 2026 06:19:41 +0000 ROA not before: Wed 04 Mar 2026 06:14:41 +0000 ROA not after: Wed 03 Mar 2027 06:19:41 +0000 asID: 144965 IP address blocks: 240a:a90b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:bc:9e:b3:0c:99:72:d1:b3:7f:29:0d:53:72:49:78:43:3c:67:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:41 2026 GMT Not After : Mar 3 06:19:41 2027 GMT Subject: CN=75CBAF0C2E363A5422850441CB0CAE51417D83ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:50:c7:bd:08:02:15:15:86:33:50:17:0c:9a: 96:a5:1d:62:f5:2c:ec:66:53:4e:a6:a8:a0:f4:1e: 7b:23:60:c0:e6:ba:bb:06:67:65:8a:e8:75:4e:8d: d4:5e:29:60:3a:d0:25:9c:c8:57:fe:0b:ef:da:a2: e2:8a:01:a9:a2:5e:82:d6:a3:ab:40:e6:f1:54:2e: f3:14:bc:38:e4:93:44:8f:42:14:34:7f:28:00:40: 71:db:0a:2e:17:1b:2d:78:42:42:d4:3b:82:a4:e3: 42:b1:21:e1:63:ac:65:fe:4e:9b:30:fb:e2:30:fc: 6b:5b:2f:55:37:21:2e:c0:d6:ab:93:51:60:c5:2c: 86:f4:08:e5:a7:1e:c6:28:0d:a1:94:2f:68:92:58: 0e:d0:fb:2d:27:83:e4:56:b9:27:32:09:cc:1e:59: 2a:15:72:b9:52:ce:e5:33:10:18:0c:61:65:0b:a4: 45:fc:55:b2:55:5d:0b:e1:c8:16:4c:13:cc:07:23: 92:d1:45:3c:22:01:0f:78:bb:e9:d9:f6:a2:68:f0: e4:2b:ae:c9:96:9d:c7:73:10:7d:9c:6f:99:66:92: da:08:4a:55:65:b1:bf:1e:7c:09:3f:83:f9:ab:de: 39:81:48:06:41:e7:55:76:b6:d6:e7:40:b9:3f:0e: 2d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:CB:AF:0C:2E:36:3A:54:22:85:04:41:CB:0C:AE:51:41:7D:83:ED X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144965.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a90b::/32 Signature Algorithm: sha256WithRSAEncryption 4b:eb:32:1d:6c:df:7b:59:f6:67:f0:26:fc:f4:14:24:c5:e0: 5a:0d:4f:7b:2c:4c:07:e7:a0:ea:98:74:2c:0d:b0:e5:84:dc: f0:f4:db:bf:ce:9d:76:22:56:64:9c:6a:b0:77:cb:00:37:18: bf:05:a9:45:94:85:f6:49:fd:88:68:32:eb:ad:8a:8d:3a:75: e4:be:64:c1:d9:a4:cb:e6:fa:cf:fe:4c:88:bc:17:12:3c:33: c3:1c:44:98:c4:0b:b7:8a:db:f1:46:93:28:03:55:39:aa:d8: fb:ca:8d:5c:30:53:32:98:41:fa:a4:a6:4c:82:e2:00:3b:e8: cc:88:09:49:57:ed:39:1c:39:ef:21:8d:45:a5:d1:62:86:40: 47:01:e2:9e:bc:3d:b7:dc:4a:fd:a6:42:6b:61:a2:27:cc:cc: 8d:f5:4b:27:3b:d8:b5:54:5f:90:e4:08:bc:89:fd:63:39:0a: 75:76:44:5f:aa:1d:64:65:3a:d3:78:06:6e:ed:af:5b:cc:21: 0f:71:d6:5a:25:d7:d9:31:75:40:fa:22:29:d5:8a:f7:2a:fc: 56:c7:e2:10:3e:21:22:76:35:5b:50:d9:14:34:4f:79:f3:03: d1:91:fa:07:2b:6e:0b:17:44:21:63:f1:72:10:9f:01:ab:f9: b8:18:9f:e0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA7yeswyZctGzfykNU3JJeEM8Z0UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0MVoX DTI3MDMwMzA2MTk0MVowMzExMC8GA1UEAxMoNzVDQkFGMEMyRTM2M0E1NDIyODUw NDQxQ0IwQ0FFNTE0MTdEODNFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKlQx70IAhUVhjNQFwyalqUdYvUs7GZTTqaooPQeeyNgwOa6uwZnZYrodU6N 1F4pYDrQJZzIV/4L79qi4ooBqaJegtajq0Dm8VQu8xS8OOSTRI9CFDR/KABAcdsK LhcbLXhCQtQ7gqTjQrEh4WOsZf5OmzD74jD8a1svVTchLsDWq5NRYMUshvQI5ace xigNoZQvaJJYDtD7LSeD5Fa5JzIJzB5ZKhVyuVLO5TMQGAxhZQukRfxVslVdC+HI FkwTzAcjktFFPCIBD3i76dn2omjw5CuuyZadx3MQfZxvmWaS2ghKVWWxvx58CT+D +aveOYFIBkHnVXa21udAuT8OLQcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR1y68M LjY6VCKFBEHLDK5RQX2D7TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk2NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qQswDQYJKoZIhvcNAQELBQADggEBAEvrMh1s33tZ9mfwJvz0FCTF4FoNT3ssTAfn oOqYdCwNsOWE3PD027/OnXYiVmScarB3ywA3GL8FqUWUhfZJ/YhoMuutio06deS+ ZMHZpMvm+s/+TIi8FxI8M8McRJjEC7eK2/FGkygDVTmq2PvKjVwwUzKYQfqkpkyC 4gA76MyICUlX7TkcOe8hjUWl0WKGQEcB4p68PbfcSv2mQmthoifMzI31Syc72LVU X5DkCLyJ/WM5CnV2RF+qHWRlOtN4Bm7tr1vMIQ9x1lol19kxdUD6IinVivcq/FbH 4hA+ISJ2NVtQ2RQ0T3nzA9GR+gcrbgsXRCFj8XIQnwGr+bgYn+A= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:17 2026 by rpki-client