$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144111.roa File: AS144111.roa (raw, json) Hash identifier: zy8qNg4BBFaZS6JRBT/SDFGJCuzYY0RmBAEWqo4obWQ= Subject key identifier: 88:FA:29:F7:31:77:7F:75:6F:E0:57:A3:A1:6A:FC:88:4A:67:50:8E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 49B4FF1C1C67C374107FEA891918AF68A52E77DE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144111.roa Signing time: Wed 04 Mar 2026 06:15:43 +0000 ROA not before: Wed 04 Mar 2026 06:10:43 +0000 ROA not after: Wed 03 Mar 2027 06:15:43 +0000 asID: 144111 IP address blocks: 240a:a5b5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:b4:ff:1c:1c:67:c3:74:10:7f:ea:89:19:18:af:68:a5:2e:77:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:43 2026 GMT Not After : Mar 3 06:15:43 2027 GMT Subject: CN=88FA29F731777F756FE057A3A16AFC884A67508E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:79:74:07:83:77:6a:e2:22:73:79:a6:40:79: 51:fd:80:a6:b2:93:a5:cb:d5:3a:67:4e:c3:ae:e9: 90:6d:f8:d0:cb:45:c7:91:09:a9:e1:96:6b:88:4e: d6:ed:fb:62:9c:bf:8f:04:e2:00:bd:82:98:f5:c0: 61:48:57:32:0e:9d:bb:09:b6:31:e3:56:dd:67:37: 1f:f5:e7:c3:f7:4f:2b:91:82:de:12:8b:6e:8f:2b: 6c:cb:62:d4:a0:18:b3:96:c7:6b:c9:14:e3:c4:ca: 11:00:f7:01:d5:ac:10:59:f0:0d:4d:ab:6d:2f:92: c8:4b:8c:be:d6:67:ac:b7:f0:45:98:33:8f:4c:56: c0:61:76:5a:79:da:a0:9c:16:e9:7f:79:64:53:35: a1:aa:4d:39:6c:cf:e5:27:f5:5d:2c:26:b9:a2:8e: e3:61:f3:5a:40:a1:c2:3a:8d:64:95:79:88:13:d9: 5f:2f:21:78:50:8b:ee:0c:ff:44:90:4f:3d:c2:fc: 6e:c0:f9:31:4d:77:2f:40:b8:7b:c1:9c:6d:f1:0c: 03:91:ec:da:78:ab:db:4e:2b:da:d4:d0:ba:16:35: e6:79:e2:5b:26:5d:bc:fd:89:25:10:6f:7b:73:b8: 66:ea:a3:6e:9a:11:2e:1a:66:bd:21:3b:bf:6b:17: 78:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:FA:29:F7:31:77:7F:75:6F:E0:57:A3:A1:6A:FC:88:4A:67:50:8E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144111.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5b5::/32 Signature Algorithm: sha256WithRSAEncryption bb:51:fa:47:ca:2c:84:4b:48:e3:8a:6c:e8:e1:50:96:3e:b0: 70:73:e8:e7:3d:c6:7a:1c:88:2d:82:7a:b3:17:95:8c:2e:c4: 86:6f:b7:f3:08:d5:9a:83:04:3b:3a:e6:1f:ab:c7:17:08:87: 7c:00:22:94:b1:25:c9:f1:ad:ef:57:48:b8:a9:41:bc:11:25: 6c:4f:ff:56:a4:dd:b2:3a:d1:8e:c0:dd:a3:32:15:12:c4:4c: c4:93:0e:e4:91:fa:b5:ba:32:95:fa:4c:50:32:97:3b:01:ee: 13:e8:2e:26:90:8a:76:69:b6:2e:07:7b:a2:72:05:22:49:91: a6:63:6f:18:8c:9d:7b:98:09:c0:bf:c7:62:d2:3b:06:f5:fb: 58:d4:27:a8:7d:84:86:35:0c:66:07:fd:91:30:cb:9a:ec:17: cf:9a:5e:c5:14:d0:39:f1:b4:85:48:2e:65:b8:1a:4e:7a:7f: 2e:79:4d:bb:81:7b:fb:c9:fb:e2:a8:76:13:14:67:60:fa:90: 82:d0:cb:ca:d2:15:6a:d1:6b:7f:31:73:1f:db:62:ef:f2:05: 8e:9c:46:77:92:7f:8e:c2:cd:b0:cb:dc:7d:27:ae:0d:40:ae: 4e:8d:0a:00:88:a6:a8:f1:cf:4b:d1:c5:0c:5c:f7:6e:18:2e: 9d:17:b1:bf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSbT/HBxnw3QQf+qJGRivaKUud94wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA0M1oX DTI3MDMwMzA2MTU0M1owMzExMC8GA1UEAxMoODhGQTI5RjczMTc3N0Y3NTZGRTA1 N0EzQTE2QUZDODg0QTY3NTA4RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM95dAeDd2riInN5pkB5Uf2AprKTpcvVOmdOw67pkG340MtFx5EJqeGWa4hO 1u37Ypy/jwTiAL2CmPXAYUhXMg6duwm2MeNW3Wc3H/Xnw/dPK5GC3hKLbo8rbMti 1KAYs5bHa8kU48TKEQD3AdWsEFnwDU2rbS+SyEuMvtZnrLfwRZgzj0xWwGF2Wnna oJwW6X95ZFM1oapNOWzP5Sf1XSwmuaKO42HzWkChwjqNZJV5iBPZXy8heFCL7gz/ RJBPPcL8bsD5MU13L0C4e8GcbfEMA5Hs2nir204r2tTQuhY15nniWyZdvP2JJRBv e3O4ZuqjbpoRLhpmvSE7v2sXeDcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSI+in3 MXd/dW/gV6OhavyISmdQjjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDExMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pbUwDQYJKoZIhvcNAQELBQADggEBALtR+kfKLIRLSOOKbOjhUJY+sHBz6Oc9xnoc iC2CerMXlYwuxIZvt/MI1ZqDBDs65h+rxxcIh3wAIpSxJcnxre9XSLipQbwRJWxP /1ak3bI60Y7A3aMyFRLETMSTDuSR+rW6MpX6TFAylzsB7hPoLiaQinZpti4He6Jy BSJJkaZjbxiMnXuYCcC/x2LSOwb1+1jUJ6h9hIY1DGYH/ZEwy5rsF8+aXsUU0Dnx tIVILmW4Gk56fy55TbuBe/vJ++KodhMUZ2D6kILQy8rSFWrRa38xcx/bYu/yBY6c RneSf47CzbDL3H0nrg1Ark6NCgCIpqjxz0vRxQxc924YLp0Xsb8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:10 2026 by rpki-client