$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144976.roa File: AS144976.roa (raw, json) Hash identifier: O6KY+b9Vn4ZOddsQ4Q6lDjBLX+tdrtMgmM+UrBzXC1c= Subject key identifier: 13:E9:94:E1:73:62:70:4C:AB:2F:01:6C:59:3A:72:9E:F8:5F:EF:E8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 45D24AC4C616A9780DD3F531AFCFDC1375779C53 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144976.roa Signing time: Wed 04 Mar 2026 06:21:59 +0000 ROA not before: Wed 04 Mar 2026 06:16:59 +0000 ROA not after: Wed 03 Mar 2027 06:21:59 +0000 asID: 144976 IP address blocks: 240a:a916::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:d2:4a:c4:c6:16:a9:78:0d:d3:f5:31:af:cf:dc:13:75:77:9c:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:59 2026 GMT Not After : Mar 3 06:21:59 2027 GMT Subject: CN=13E994E17362704CAB2F016C593A729EF85FEFE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:32:72:45:69:50:6d:fa:dc:17:c5:9d:28:af: cb:c8:56:38:f0:a4:ad:31:1d:df:27:74:e8:dc:32: 28:bd:42:37:33:d8:e7:0c:ed:4d:b3:b5:3b:84:12: 94:58:fb:ba:e4:33:5e:8a:5c:08:e5:6e:0d:d9:c2: e8:73:71:24:11:e6:c6:ee:d0:8b:56:42:b8:cb:21: 77:15:c5:6e:c5:c5:77:1f:af:a4:bf:6d:e1:94:e1: e6:25:cc:f8:df:07:10:fd:79:3d:43:2b:77:c4:c1: 9b:8c:75:2a:95:18:dd:c3:2e:6f:ad:21:af:52:c9: 66:44:49:70:f2:1e:ea:cb:73:15:7b:f1:40:d3:22: e4:93:23:f5:76:cb:b4:65:3f:11:8c:48:3d:29:ae: 6a:38:30:21:e2:11:48:b5:e2:9d:ca:00:4e:47:04: 17:9c:30:67:85:66:7f:9f:bb:fe:b1:c5:bb:2d:51: de:fe:57:33:c3:31:48:ca:df:c6:d2:75:d2:2e:4d: 3b:dd:77:87:30:c2:cc:a3:1f:7b:4c:d1:af:09:92: 83:3f:35:66:8d:57:65:88:0f:82:88:14:c4:ff:9c: 51:c4:27:cb:82:95:0b:ff:72:41:61:e5:90:1e:67: 50:93:48:69:4e:f4:e6:d7:e6:67:0c:63:85:fb:ac: ad:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:E9:94:E1:73:62:70:4C:AB:2F:01:6C:59:3A:72:9E:F8:5F:EF:E8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144976.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a916::/32 Signature Algorithm: sha256WithRSAEncryption a9:b9:5c:1f:14:71:31:d1:86:d8:f8:57:e2:09:f4:8c:fa:6c: 17:7b:7c:3d:ce:0c:5e:ef:ec:f1:17:72:2c:a0:c8:50:25:57: 95:a6:b5:f7:ba:ef:cd:ce:ce:50:42:a9:14:4f:bf:01:27:1b: 5b:74:00:fa:ac:dc:ae:66:dd:1a:ff:2a:73:c9:ac:14:fa:dd: f2:10:e6:ac:69:44:c6:78:5b:4a:99:ef:9d:e5:18:7e:92:bf: f8:ac:2e:a4:6b:95:0b:0f:a4:3d:f9:9b:c1:d5:68:39:a8:bb: b7:1e:7e:0d:60:02:03:9a:b4:0a:83:69:4c:c5:69:8e:fb:c5: 2c:b5:cd:9e:3d:c4:71:99:69:dd:e0:53:de:d1:c4:d3:95:89: c1:f4:7d:b1:f0:33:83:a2:a5:1b:1b:80:81:86:8c:f5:df:69: 15:6f:20:ad:1e:69:82:bd:07:d6:70:ec:7f:28:3e:97:a9:44: 5d:02:0e:f7:a1:d8:1b:10:6f:b2:df:43:5a:d4:d7:64:70:9e: 22:b6:fb:4f:ca:b8:e1:e4:17:77:b2:5b:d7:15:cf:43:50:fb: 70:35:2e:3f:18:5d:d7:47:2b:a9:8c:af:cc:24:1c:2a:ae:5a: a4:0d:f2:af:ef:f9:54:77:7f:85:9a:e2:19:67:56:58:5b:4c: ba:e5:a4:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURdJKxMYWqXgN0/Uxr8/cE3V3nFMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1OVoX DTI3MDMwMzA2MjE1OVowMzExMC8GA1UEAxMoMTNFOTk0RTE3MzYyNzA0Q0FCMkYw MTZDNTkzQTcyOUVGODVGRUZFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMEyckVpUG363BfFnSivy8hWOPCkrTEd3yd06NwyKL1CNzPY5wztTbO1O4QS lFj7uuQzXopcCOVuDdnC6HNxJBHmxu7Qi1ZCuMshdxXFbsXFdx+vpL9t4ZTh5iXM +N8HEP15PUMrd8TBm4x1KpUY3cMub60hr1LJZkRJcPIe6stzFXvxQNMi5JMj9XbL tGU/EYxIPSmuajgwIeIRSLXincoATkcEF5wwZ4Vmf5+7/rHFuy1R3v5XM8MxSMrf xtJ10i5NO913hzDCzKMfe0zRrwmSgz81Zo1XZYgPgogUxP+cUcQny4KVC/9yQWHl kB5nUJNIaU705tfmZwxjhfusrWcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQT6ZTh c2JwTKsvAWxZOnKe+F/v6DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qRYwDQYJKoZIhvcNAQELBQADggEBAKm5XB8UcTHRhtj4V+IJ9Iz6bBd7fD3ODF7v 7PEXciygyFAlV5Wmtfe6783OzlBCqRRPvwEnG1t0APqs3K5m3Rr/KnPJrBT63fIQ 5qxpRMZ4W0qZ753lGH6Sv/isLqRrlQsPpD35m8HVaDmou7cefg1gAgOatAqDaUzF aY77xSy1zZ49xHGZad3gU97RxNOVicH0fbHwM4OipRsbgIGGjPXfaRVvIK0eaYK9 B9Zw7H8oPpepRF0CDveh2BsQb7LfQ1rU12RwniK2+0/KuOHkF3eyW9cVz0NQ+3A1 Lj8YXddHK6mMr8wkHCquWqQN8q/v+VR3f4Wa4hlnVlhbTLrlpCQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:33 2026 by rpki-client