$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144088.roa File: AS144088.roa (raw, json) Hash identifier: X7fmVJLr7L0j3f7qu+eH/JCqFB7uIHHHSaMimHDK0QE= Subject key identifier: B2:52:CC:56:D9:0E:72:04:80:A7:1C:C5:5A:0C:68:E6:5B:1E:4A:77 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1A043461E8AA239CAD490D0AF121EE58CEC7CC30 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144088.roa Signing time: Wed 04 Mar 2026 06:14:18 +0000 ROA not before: Wed 04 Mar 2026 06:09:18 +0000 ROA not after: Wed 03 Mar 2027 06:14:18 +0000 asID: 144088 IP address blocks: 240a:a59e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:04:34:61:e8:aa:23:9c:ad:49:0d:0a:f1:21:ee:58:ce:c7:cc:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:18 2026 GMT Not After : Mar 3 06:14:18 2027 GMT Subject: CN=B252CC56D90E720480A71CC55A0C68E65B1E4A77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:50:ca:07:97:ad:f7:d0:84:9a:52:f9:3a:bd: dd:6c:aa:d5:73:5a:e0:94:c5:4a:2a:84:07:a3:97: 3c:54:ed:55:f8:3d:ec:3b:34:df:1a:dd:e5:32:ad: 9c:42:92:9d:14:18:4c:4b:fb:ff:47:b1:2e:7a:68: e9:f2:c1:45:7f:f9:ad:08:f3:e7:04:c5:51:ee:84: d3:e5:8a:e2:d0:0f:e7:b6:f6:2a:bb:74:2f:f2:8c: 67:08:8c:00:cd:50:e5:16:e1:98:d4:cd:ff:6b:68: 27:eb:eb:28:89:7a:00:d4:87:74:af:22:79:d7:94: e3:2b:13:df:54:f9:cc:a8:0b:b6:57:cb:9e:4b:12: d8:dc:45:6b:58:a9:a2:2c:38:90:2f:96:6b:5c:ff: d8:61:d9:9f:97:ea:dc:61:fd:8c:a4:04:42:e4:1b: 54:7b:93:4a:39:22:3a:ab:8b:0f:81:bf:61:30:2d: df:0d:ec:d0:75:f2:4c:c6:41:5c:54:2d:85:6f:d3: 41:48:84:fa:d2:60:b3:cd:a6:94:e1:f6:ad:fb:b1: 86:e9:86:10:aa:ac:60:d4:77:2e:73:e6:a0:86:95: b5:50:4c:52:ac:79:92:58:5b:eb:04:43:98:29:10: e7:48:7c:e2:18:23:b3:9d:b9:81:30:4b:a4:d7:2a: 68:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:52:CC:56:D9:0E:72:04:80:A7:1C:C5:5A:0C:68:E6:5B:1E:4A:77 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144088.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a59e::/32 Signature Algorithm: sha256WithRSAEncryption 10:de:fb:02:fc:f5:07:2e:d1:d0:c1:f0:9a:8b:b4:d4:d1:ed: ac:9d:d3:d3:ce:7a:4b:c8:88:84:41:64:a5:91:9a:0e:e5:ad: dd:bb:54:d5:52:48:f4:20:2c:07:60:7f:3d:4f:5e:49:00:bb: d2:99:cf:a2:48:f4:0b:c2:8c:85:06:19:52:9f:38:9a:fd:dc: 84:59:49:3d:73:fa:7e:d3:05:97:e5:1d:a3:3f:15:8f:78:dd: a3:e9:9d:01:5a:91:a5:d9:31:ef:21:ed:6d:f4:d8:e9:7a:75: 0e:fa:13:47:44:e9:b3:2d:6a:c9:5c:32:f3:16:1d:dd:69:dc: 63:ce:ee:ab:b6:2b:d7:b4:17:6f:06:54:fa:13:86:98:7a:94: c5:1b:a7:8e:a6:4d:56:af:2f:ac:44:03:95:3a:c5:78:07:7e: aa:f3:a7:a2:b6:ff:23:7e:d3:16:8d:9b:21:cf:7d:9a:09:cd: e4:ec:80:ec:ec:74:b4:b7:2b:5b:0a:fc:ed:13:30:d6:96:f1: 31:08:12:ad:62:6e:c9:6a:c6:3d:1b:c3:86:c3:d7:42:84:2c: ec:c2:40:c0:c5:05:b7:60:c5:6c:ec:0e:67:6e:a3:8e:56:56: eb:8e:57:f5:63:df:a5:34:15:4c:84:1f:a9:a9:cd:cf:8e:5a: 2b:2a:42:61 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGgQ0YeiqI5ytSQ0K8SHuWM7HzDAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxOFoX DTI3MDMwMzA2MTQxOFowMzExMC8GA1UEAxMoQjI1MkNDNTZEOTBFNzIwNDgwQTcx Q0M1NUEwQzY4RTY1QjFFNEE3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJNQygeXrffQhJpS+Tq93Wyq1XNa4JTFSiqEB6OXPFTtVfg97Ds03xrd5TKt nEKSnRQYTEv7/0exLnpo6fLBRX/5rQjz5wTFUe6E0+WK4tAP57b2Krt0L/KMZwiM AM1Q5RbhmNTN/2toJ+vrKIl6ANSHdK8iedeU4ysT31T5zKgLtlfLnksS2NxFa1ip oiw4kC+Wa1z/2GHZn5fq3GH9jKQEQuQbVHuTSjkiOquLD4G/YTAt3w3s0HXyTMZB XFQthW/TQUiE+tJgs82mlOH2rfuxhumGEKqsYNR3LnPmoIaVtVBMUqx5klhb6wRD mCkQ50h84hgjs525gTBLpNcqaJECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSyUsxW 2Q5yBICnHMVaDGjmWx5KdzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDA4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pZ4wDQYJKoZIhvcNAQELBQADggEBABDe+wL89Qcu0dDB8JqLtNTR7ayd09POekvI iIRBZKWRmg7lrd27VNVSSPQgLAdgfz1PXkkAu9KZz6JI9AvCjIUGGVKfOJr93IRZ ST1z+n7TBZflHaM/FY943aPpnQFakaXZMe8h7W302Ol6dQ76E0dE6bMtaslcMvMW Hd1p3GPO7qu2K9e0F28GVPoThph6lMUbp46mTVavL6xEA5U6xXgHfqrzp6K2/yN+ 0xaNmyHPfZoJzeTsgOzsdLS3K1sK/O0TMNaW8TEIEq1ibslqxj0bw4bD10KELOzC QMDFBbdgxWzsDmduo45WVuuOV/Vj36U0FUyEH6mpzc+OWisqQmE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:03 2026 by rpki-client