$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144018.roa File: AS144018.roa (raw, json) Hash identifier: F1tq+rNZBQI5UNcGhV8KQGBkPnj4YxZCophYnxvX6SA= Subject key identifier: 22:9A:43:1C:E7:78:BB:09:6E:83:E3:69:3C:DD:8A:EA:DE:E9:47:F3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 780418F8619C78585DBB18598B8E2247443F429A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144018.roa Signing time: Wed 04 Mar 2026 06:15:10 +0000 ROA not before: Wed 04 Mar 2026 06:10:10 +0000 ROA not after: Wed 03 Mar 2027 06:15:10 +0000 asID: 144018 IP address blocks: 240a:a558::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:04:18:f8:61:9c:78:58:5d:bb:18:59:8b:8e:22:47:44:3f:42:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:10 2026 GMT Not After : Mar 3 06:15:10 2027 GMT Subject: CN=229A431CE778BB096E83E3693CDD8AEADEE947F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:a0:d3:c8:06:ed:4d:b1:97:ea:86:c7:8b:41: 7d:33:98:4a:dc:db:fb:d7:fe:fb:e7:5a:9d:e7:30: 2a:78:a8:bc:e4:58:53:02:04:07:92:4a:37:7b:c3: 11:78:95:ed:73:fa:ca:be:d6:6e:c4:e2:c9:45:64: d8:bc:40:d3:7b:c5:d5:e9:0b:26:b6:e9:ef:90:50: 01:d7:60:9b:7a:f3:eb:f9:29:c9:b7:48:fe:f0:33: 20:62:c8:eb:6a:08:00:f4:81:93:09:6c:35:5c:01: 64:58:f1:4e:29:f8:28:08:88:6c:b4:c2:be:5c:ed: 25:ba:e2:db:b0:e2:c3:71:eb:7e:86:ed:50:d0:f0: c7:fd:ae:9d:09:c4:d0:29:6a:f1:42:2a:b2:f3:37: 61:e5:17:17:48:f5:b6:3c:ab:55:d7:53:c9:10:62: 8c:32:2b:81:f2:a4:73:65:af:c1:66:4b:bc:71:6f: 43:2e:36:fb:ec:cd:26:8f:87:89:b8:75:cb:af:92: cb:6e:5e:ab:be:cb:45:31:8d:74:32:dd:45:ab:2c: fc:aa:22:be:d9:f2:29:0b:b5:36:1c:c2:27:dc:97: ec:09:d1:1d:3c:b2:6e:97:da:8c:5f:42:d6:c5:68: 3b:a2:2f:d0:cc:8f:93:db:0b:d9:7c:65:91:da:a7: a8:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:9A:43:1C:E7:78:BB:09:6E:83:E3:69:3C:DD:8A:EA:DE:E9:47:F3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144018.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a558::/32 Signature Algorithm: sha256WithRSAEncryption 0f:e7:42:bc:3c:5b:ad:36:5b:30:f2:9c:41:79:91:e1:a7:37: 73:bc:3d:16:14:1c:46:d1:72:a0:4a:eb:30:46:52:4b:a1:b7: a0:bf:f3:ad:0d:c8:84:f9:3b:8f:6d:de:44:7d:2a:78:ac:35: 33:4b:20:cc:df:5b:15:88:34:cf:57:ab:47:30:0a:88:97:77: ea:d0:2c:08:14:75:19:53:3c:35:e2:91:b0:b4:17:dc:3c:4d: 30:a8:ee:15:e4:81:29:a2:fc:ce:48:b5:35:4e:13:60:e1:26: ec:e3:90:00:35:1a:8c:fe:39:a2:48:95:2d:78:82:db:73:8e: 5c:4d:7c:4a:48:df:c2:1e:85:cb:a5:a3:d6:d7:33:09:50:f3: 49:9e:9a:bd:e6:6a:41:2a:1f:e4:b0:26:c9:0e:31:8d:1e:c7: ee:9f:21:ad:2b:f9:bb:cb:98:2d:11:36:c6:81:18:db:9e:a2: c8:e7:db:9f:7e:00:7e:42:dc:26:c3:da:94:dd:33:70:e1:6d: 7a:37:ff:90:5e:32:00:63:e1:4f:00:7e:f8:ad:a2:54:43:00: b0:37:f2:bd:bd:70:c6:eb:b3:57:16:18:62:4d:70:b5:76:da: 72:a2:75:51:7d:a1:fa:4f:c3:79:fb:5c:06:dd:b1:99:6a:70: 8b:27:86:2e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeAQY+GGceFhduxhZi44iR0Q/QpowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxMFoX DTI3MDMwMzA2MTUxMFowMzExMC8GA1UEAxMoMjI5QTQzMUNFNzc4QkIwOTZFODNF MzY5M0NERDhBRUFERUU5NDdGMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKyg08gG7U2xl+qGx4tBfTOYStzb+9f+++danecwKniovORYUwIEB5JKN3vD EXiV7XP6yr7WbsTiyUVk2LxA03vF1ekLJrbp75BQAddgm3rz6/kpybdI/vAzIGLI 62oIAPSBkwlsNVwBZFjxTin4KAiIbLTCvlztJbri27Diw3HrfobtUNDwx/2unQnE 0Clq8UIqsvM3YeUXF0j1tjyrVddTyRBijDIrgfKkc2WvwWZLvHFvQy42++zNJo+H ibh1y6+Sy25eq77LRTGNdDLdRass/KoivtnyKQu1NhzCJ9yX7AnRHTyybpfajF9C 1sVoO6Iv0MyPk9sL2XxlkdqnqE8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQimkMc 53i7CW6D42k83Yrq3ulH8zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pVgwDQYJKoZIhvcNAQELBQADggEBAA/nQrw8W602WzDynEF5keGnN3O8PRYUHEbR cqBK6zBGUkuht6C/860NyIT5O49t3kR9KnisNTNLIMzfWxWINM9Xq0cwCoiXd+rQ LAgUdRlTPDXikbC0F9w8TTCo7hXkgSmi/M5ItTVOE2DhJuzjkAA1Goz+OaJIlS14 gttzjlxNfEpI38Iehculo9bXMwlQ80memr3makEqH+SwJskOMY0ex+6fIa0r+bvL mC0RNsaBGNueosjn259+AH5C3CbD2pTdM3DhbXo3/5BeMgBj4U8AfvitolRDALA3 8r29cMbrs1cWGGJNcLV22nKidVF9ofpPw3n7XAbdsZlqcIsnhi4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:26 2026 by rpki-client