$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144118.roa File: AS144118.roa (raw, json) Hash identifier: rOExNI1aD308c772K3o/Xr1Cp+smE6Czx4wZfgXiUnQ= Subject key identifier: 29:01:0F:F0:50:4A:17:25:C3:16:5A:04:65:88:BF:8F:C5:C8:62:D4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 490D2D7BE338D66C2F9F9F5504876CA0EE61E834 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144118.roa Signing time: Wed 04 Mar 2026 06:13:34 +0000 ROA not before: Wed 04 Mar 2026 06:08:34 +0000 ROA not after: Wed 03 Mar 2027 06:13:34 +0000 asID: 144118 IP address blocks: 240a:a5bc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:0d:2d:7b:e3:38:d6:6c:2f:9f:9f:55:04:87:6c:a0:ee:61:e8:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:34 2026 GMT Not After : Mar 3 06:13:34 2027 GMT Subject: CN=29010FF0504A1725C3165A046588BF8FC5C862D4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:02:d2:09:b0:13:f2:de:78:5d:b7:e7:24:7f: eb:6b:2e:37:45:3f:a1:69:ba:d8:21:b9:21:cf:96: 30:ed:e4:55:ae:2a:0a:6b:cc:a1:06:ef:bc:75:bf: bd:0a:0c:58:2a:0f:ae:07:a5:f2:fe:e7:c1:27:fc: 23:c9:dd:66:ae:01:83:aa:0a:42:6d:31:eb:b0:91: 76:50:a2:f0:40:df:9b:78:95:1a:62:7d:0f:23:82: 83:74:31:b4:7e:63:7a:dd:e5:d8:81:cd:f4:dd:6d: 08:9c:f5:b9:d6:0a:e5:5b:ef:7e:de:e7:10:0c:39: c8:e8:8f:0e:1e:0c:84:12:89:5a:de:a1:03:a2:db: f7:7c:33:02:04:12:ec:6d:c2:0e:d9:25:59:20:97: fe:08:22:d2:77:58:7d:62:d4:3b:cd:70:6a:95:ef: 27:3f:a8:eb:48:e9:d9:8b:20:a2:b7:01:6f:f0:03: e9:91:24:05:01:97:45:9d:13:ec:ae:33:17:da:c6: 50:80:6c:35:33:72:f4:cb:cb:12:26:a3:8e:04:db: aa:51:68:3c:68:d8:b0:23:25:e2:ac:86:e7:b7:aa: ca:9b:f1:30:92:b1:70:ba:8a:b8:c6:b5:fe:86:4c: 0d:3f:52:71:52:d2:37:bd:0f:8a:7f:72:11:28:41: 39:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:01:0F:F0:50:4A:17:25:C3:16:5A:04:65:88:BF:8F:C5:C8:62:D4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144118.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5bc::/32 Signature Algorithm: sha256WithRSAEncryption 39:de:2b:ab:c2:7c:d9:7f:86:e4:99:7b:02:ba:45:e4:a6:f7: 04:3e:a0:ce:2b:06:84:75:50:c9:36:74:e6:58:1f:2b:95:cc: c0:a3:0c:4d:bd:2c:6c:6f:ba:a0:f2:5f:32:6d:f1:bc:af:6d: 83:16:00:ca:83:47:ad:37:12:d3:63:1b:b0:b8:f2:23:6a:1d: 5b:90:91:3d:15:c1:a8:c2:b9:d0:e2:a9:d3:50:0f:dd:8c:b1: 9d:47:f1:30:8e:4b:99:57:6d:b3:cc:7a:fd:29:fd:b1:28:6d: 2d:90:33:69:a6:a4:31:6f:50:21:7f:54:b2:44:a6:31:da:58: c7:87:b3:6d:dc:08:1f:bd:1f:6b:84:01:20:db:71:3d:49:f7: d8:0f:d9:e3:88:01:ba:c1:08:9c:4f:40:65:e1:81:e8:3b:20: fa:94:24:a5:3a:87:25:ae:18:ad:fd:bc:99:8f:12:99:3c:32: cd:8e:32:54:ce:76:b7:1a:10:d1:27:7c:e5:00:57:fa:3b:c3: d1:95:6c:73:0e:2f:f2:5e:5f:13:b3:7f:4a:2b:f1:fe:eb:84: 58:8f:8b:88:bc:a1:1f:6f:07:ea:be:08:1d:e5:51:3f:0a:31: 06:83:3a:70:c3:22:3f:3b:35:2c:fd:ce:8e:25:4f:f9:53:3f: 7f:c9:36:ce -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSQ0te+M41mwvn59VBIdsoO5h6DQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzNFoX DTI3MDMwMzA2MTMzNFowMzExMC8GA1UEAxMoMjkwMTBGRjA1MDRBMTcyNUMzMTY1 QTA0NjU4OEJGOEZDNUM4NjJENDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIQC0gmwE/LeeF235yR/62suN0U/oWm62CG5Ic+WMO3kVa4qCmvMoQbvvHW/ vQoMWCoPrgel8v7nwSf8I8ndZq4Bg6oKQm0x67CRdlCi8EDfm3iVGmJ9DyOCg3Qx tH5jet3l2IHN9N1tCJz1udYK5Vvvft7nEAw5yOiPDh4MhBKJWt6hA6Lb93wzAgQS 7G3CDtklWSCX/ggi0ndYfWLUO81wapXvJz+o60jp2YsgorcBb/AD6ZEkBQGXRZ0T 7K4zF9rGUIBsNTNy9MvLEiajjgTbqlFoPGjYsCMl4qyG57eqypvxMJKxcLqKuMa1 /oZMDT9ScVLSN70Pin9yEShBOVkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQpAQ/w UEoXJcMWWgRliL+Pxchi1DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDExOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pbwwDQYJKoZIhvcNAQELBQADggEBADneK6vCfNl/huSZewK6ReSm9wQ+oM4rBoR1 UMk2dOZYHyuVzMCjDE29LGxvuqDyXzJt8byvbYMWAMqDR603EtNjG7C48iNqHVuQ kT0VwajCudDiqdNQD92MsZ1H8TCOS5lXbbPMev0p/bEobS2QM2mmpDFvUCF/VLJE pjHaWMeHs23cCB+9H2uEASDbcT1J99gP2eOIAbrBCJxPQGXhgeg7IPqUJKU6hyWu GK39vJmPEpk8Ms2OMlTOdrcaENEnfOUAV/o7w9GVbHMOL/JeXxOzf0or8f7rhFiP i4i8oR9vB+q+CB3lUT8KMQaDOnDDIj87NSz9zo4lT/lTP3/JNs4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:24 2026 by rpki-client