$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144995.roa File: AS144995.roa (raw, json) Hash identifier: IwLZGKEkgdfoorrVkB8y9/61mV0/Jz3v7h+jBEUcfzg= Subject key identifier: 1D:0A:4A:52:7E:EE:4E:7F:FB:29:78:24:0D:2E:C8:7C:CA:6A:EE:36 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0CAEB5AD50367DE133842432F98FF366B6F19D18 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144995.roa Signing time: Wed 04 Mar 2026 06:20:05 +0000 ROA not before: Wed 04 Mar 2026 06:15:05 +0000 ROA not after: Wed 03 Mar 2027 06:20:05 +0000 asID: 144995 IP address blocks: 240a:a929::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:ae:b5:ad:50:36:7d:e1:33:84:24:32:f9:8f:f3:66:b6:f1:9d:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:05 2026 GMT Not After : Mar 3 06:20:05 2027 GMT Subject: CN=1D0A4A527EEE4E7FFB2978240D2EC87CCA6AEE36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:0b:91:9c:4b:f5:a9:82:94:3b:10:67:14:56: 20:5b:5a:22:9e:7b:b8:27:1d:c4:4d:ba:5f:0d:84: b6:0a:58:9e:76:9c:63:5c:c0:e7:16:09:95:39:46: c1:f0:d8:45:9f:32:94:1a:fe:b1:f3:0e:26:37:7a: 54:94:70:31:93:a6:a0:25:aa:54:cd:4a:61:2d:8c: fb:4c:a9:f5:bd:5d:7f:75:68:d0:01:38:59:05:10: 4d:af:d9:39:96:0c:14:9d:6f:65:fe:8f:4b:5a:ca: ef:bc:ec:52:54:a0:f7:d4:68:7e:f7:f6:c0:ba:a1: b3:99:9e:7b:9c:73:f8:87:96:4d:84:c2:33:16:53: 82:cb:23:e6:2a:0e:51:d8:8c:1b:ed:6d:08:a2:d2: ee:e2:cd:be:fa:59:2b:25:e5:49:5f:53:2e:5c:79: a9:03:aa:cf:4f:c0:1f:25:79:93:a0:32:98:a1:cf: 1b:c4:72:d1:e7:a7:19:fc:93:ec:57:30:dd:7d:02: ec:92:9f:0f:0d:67:74:8a:e3:47:74:06:61:2c:50: 93:07:78:f8:02:12:5f:9a:b8:0d:7f:ae:e6:46:66: f7:12:ed:ab:dd:69:96:73:e7:0b:b5:28:e8:c8:51: a7:55:c5:cb:1e:cc:32:04:4c:ac:0b:0a:54:1f:69: 83:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:0A:4A:52:7E:EE:4E:7F:FB:29:78:24:0D:2E:C8:7C:CA:6A:EE:36 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144995.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a929::/32 Signature Algorithm: sha256WithRSAEncryption 47:4f:e2:46:f5:fb:0b:21:b1:8f:5a:94:7d:54:e9:9a:56:27: 9b:5c:1b:09:69:0c:9b:49:f5:f3:e9:ee:15:be:ee:5b:d0:11: 1a:ec:b9:db:5f:17:56:72:a2:c5:60:20:27:53:97:e1:54:39: 7f:a7:34:dd:63:37:6e:37:14:c7:88:b4:e5:33:d2:f0:a0:0c: 10:25:bc:15:45:dd:ed:0f:6b:e3:ad:d4:59:67:c0:94:8a:00: a7:a9:05:bc:bc:d0:bf:94:f0:23:60:a7:4b:ba:c3:18:3d:77: d2:80:b4:af:9f:04:26:87:c3:e5:0b:ed:0d:2a:70:bf:b2:37: d0:e7:b4:2d:6a:f7:3d:05:02:8e:16:a6:31:e3:17:c3:02:5f: ed:9e:91:8d:6c:88:6c:90:68:6c:62:44:60:81:d3:37:ea:a2: 37:de:e3:35:46:b9:a1:1e:8a:fc:9b:ec:1e:6f:c9:00:79:1f: 2b:f3:33:e0:63:6a:4d:f7:0c:2a:a5:ba:18:c8:9e:d5:da:ad: f1:46:42:44:95:c7:d0:83:2e:2f:41:fb:60:a4:45:db:05:82: b9:82:ea:3d:e0:e5:34:c5:91:f4:38:b6:22:7d:4c:7d:f9:22: 4d:70:ef:de:3a:cd:6e:cb:7e:b2:50:dd:23:e1:b5:45:30:c9: c4:49:61:7f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDK61rVA2feEzhCQy+Y/zZrbxnRgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwNVoX DTI3MDMwMzA2MjAwNVowMzExMC8GA1UEAxMoMUQwQTRBNTI3RUVFNEU3RkZCMjk3 ODI0MEQyRUM4N0NDQTZBRUUzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANALkZxL9amClDsQZxRWIFtaIp57uCcdxE26Xw2EtgpYnnacY1zA5xYJlTlG wfDYRZ8ylBr+sfMOJjd6VJRwMZOmoCWqVM1KYS2M+0yp9b1df3Vo0AE4WQUQTa/Z OZYMFJ1vZf6PS1rK77zsUlSg99Rofvf2wLqhs5mee5xz+IeWTYTCMxZTgssj5ioO UdiMG+1tCKLS7uLNvvpZKyXlSV9TLlx5qQOqz0/AHyV5k6AymKHPG8Ry0eenGfyT 7Fcw3X0C7JKfDw1ndIrjR3QGYSxQkwd4+AISX5q4DX+u5kZm9xLtq91plnPnC7Uo 6MhRp1XFyx7MMgRMrAsKVB9pgysCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQdCkpS fu5Of/speCQNLsh8ymruNjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk5NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qSkwDQYJKoZIhvcNAQELBQADggEBAEdP4kb1+wshsY9alH1U6ZpWJ5tcGwlpDJtJ 9fPp7hW+7lvQERrsudtfF1ZyosVgICdTl+FUOX+nNN1jN243FMeItOUz0vCgDBAl vBVF3e0Pa+Ot1FlnwJSKAKepBby80L+U8CNgp0u6wxg9d9KAtK+fBCaHw+UL7Q0q cL+yN9DntC1q9z0FAo4WpjHjF8MCX+2ekY1siGyQaGxiRGCB0zfqojfe4zVGuaEe ivyb7B5vyQB5HyvzM+Bjak33DCqluhjIntXarfFGQkSVx9CDLi9B+2CkRdsFgrmC 6j3g5TTFkfQ4tiJ9TH35Ik1w7946zW7LfrJQ3SPhtUUwycRJYX8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:01 2026 by rpki-client