$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144022.roa File: AS144022.roa (raw, json) Hash identifier: tFE/fY62bKKAQUqSGfjsj9P1gl8SgmTk2EJlAtdhZZ8= Subject key identifier: 4B:8A:63:8C:86:B9:7B:06:BB:B3:E7:F0:90:83:46:9B:71:D5:30:13 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2B3F5A14823A007873EED9FDD56E1EEF04D19895 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144022.roa Signing time: Wed 04 Mar 2026 06:12:33 +0000 ROA not before: Wed 04 Mar 2026 06:07:33 +0000 ROA not after: Wed 03 Mar 2027 06:12:33 +0000 asID: 144022 IP address blocks: 240a:a55c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:3f:5a:14:82:3a:00:78:73:ee:d9:fd:d5:6e:1e:ef:04:d1:98:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:33 2026 GMT Not After : Mar 3 06:12:33 2027 GMT Subject: CN=4B8A638C86B97B06BBB3E7F09083469B71D53013 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:21:7f:71:3f:2b:0f:45:a2:c7:7a:be:ca:bd: f7:d3:18:80:c3:bc:c1:d8:fd:03:6e:27:a5:e7:45: 52:9e:43:f4:49:2a:3b:4a:e3:50:c7:0b:c3:14:28: 82:87:aa:3b:2a:0c:05:19:08:2d:76:ed:cf:f5:46: 78:8e:e0:00:d6:d2:51:65:34:70:6a:16:e2:ea:c4: 5b:30:c6:03:e2:b0:b2:77:eb:1f:79:b8:2e:77:84: ab:28:bc:50:b6:35:89:e5:22:45:6d:db:8b:9f:b5: a9:fd:85:25:07:bb:75:5b:c6:a0:d3:49:3d:87:9a: 3a:bc:af:6d:15:bc:59:0a:56:c6:8d:e2:6e:22:55: f7:13:a8:7a:15:0f:d1:00:d9:2b:77:0e:17:7f:b7: 13:4a:05:49:51:73:f1:06:b9:e8:2a:bc:06:63:73: ee:93:be:52:f7:6d:0f:1f:3e:51:42:e2:8f:8b:06: 7c:a3:75:bb:39:77:94:f5:a4:34:cd:22:56:4c:91: 79:5b:90:02:f5:2d:3a:2d:a8:57:ae:ae:c6:31:b6: 96:95:dd:34:11:97:3f:03:f9:93:ae:bf:d7:0e:82: 8a:e0:48:57:73:4d:fd:0a:9b:cb:62:72:2a:70:55: 66:4a:68:ca:2d:f8:c3:ac:ae:9a:d7:aa:9f:86:10: 9d:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:8A:63:8C:86:B9:7B:06:BB:B3:E7:F0:90:83:46:9B:71:D5:30:13 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144022.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a55c::/32 Signature Algorithm: sha256WithRSAEncryption b5:cd:f0:e1:59:87:55:40:b9:6f:0b:7c:c5:5a:52:bd:ac:93: e0:73:10:22:f6:3e:80:c2:41:d5:7a:e6:ec:e9:98:61:57:07: 34:2c:fc:59:60:f1:3c:5b:49:41:bd:63:96:51:62:24:fd:e8: 1b:c1:22:be:5f:11:69:d9:66:a8:e4:a9:92:d9:71:33:c2:83: 30:3d:82:a5:6f:53:be:0b:3c:9a:90:98:36:38:a5:41:44:36: c3:cd:a6:b6:de:d9:2d:e5:aa:06:3f:e2:0c:e5:6d:16:0b:0d: e6:50:e2:c2:6d:99:93:00:72:7d:c4:fa:ff:7a:45:a3:a8:a2: f6:f7:a3:ab:9b:40:af:0a:78:d5:93:ac:39:55:11:c3:76:51: 33:2e:47:4f:52:12:ed:79:75:3d:5c:6e:01:dd:16:9d:2a:47: 23:fc:47:0b:42:44:08:31:c0:3b:f6:b6:81:87:71:e9:52:1a: 04:39:8a:ec:a1:a3:67:d1:e7:9c:23:a3:38:81:39:01:a2:21: e6:2b:5c:7a:e8:53:6d:f9:a5:65:51:47:0f:9a:6f:05:e3:19: 52:03:11:56:2c:d7:bc:00:f3:c9:97:51:46:e7:de:ae:c9:9d: 3c:42:bb:db:1c:b1:fc:dd:c0:c7:15:9e:09:b6:b8:c7:4e:87: c3:e3:cd:9a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKz9aFII6AHhz7tn91W4e7wTRmJUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczM1oX DTI3MDMwMzA2MTIzM1owMzExMC8GA1UEAxMoNEI4QTYzOEM4NkI5N0IwNkJCQjNF N0YwOTA4MzQ2OUI3MUQ1MzAxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJQhf3E/Kw9Fosd6vsq999MYgMO8wdj9A24npedFUp5D9EkqO0rjUMcLwxQo goeqOyoMBRkILXbtz/VGeI7gANbSUWU0cGoW4urEWzDGA+KwsnfrH3m4LneEqyi8 ULY1ieUiRW3bi5+1qf2FJQe7dVvGoNNJPYeaOryvbRW8WQpWxo3ibiJV9xOoehUP 0QDZK3cOF3+3E0oFSVFz8Qa56Cq8BmNz7pO+UvdtDx8+UULij4sGfKN1uzl3lPWk NM0iVkyReVuQAvUtOi2oV66uxjG2lpXdNBGXPwP5k66/1w6CiuBIV3NN/Qqby2Jy KnBVZkpoyi34w6yumteqn4YQnTECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRLimOM hrl7Bruz5/CQg0abcdUwEzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDAyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pVwwDQYJKoZIhvcNAQELBQADggEBALXN8OFZh1VAuW8LfMVaUr2sk+BzECL2PoDC QdV65uzpmGFXBzQs/Flg8TxbSUG9Y5ZRYiT96BvBIr5fEWnZZqjkqZLZcTPCgzA9 gqVvU74LPJqQmDY4pUFENsPNprbe2S3lqgY/4gzlbRYLDeZQ4sJtmZMAcn3E+v96 RaOoovb3o6ubQK8KeNWTrDlVEcN2UTMuR09SEu15dT1cbgHdFp0qRyP8RwtCRAgx wDv2toGHcelSGgQ5iuyho2fR55wjoziBOQGiIeYrXHroU235pWVRRw+abwXjGVID EVYs17wA88mXUUbn3q7JnTxCu9scsfzdwMcVngm2uMdOh8PjzZo= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:46 2026 by rpki-client