$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144138.roa File: AS144138.roa (raw, json) Hash identifier: GdpBDPgvqoD4CQJjabHOX7oCxPKfOo8najbsM0KD3h8= Subject key identifier: 1D:25:A6:A9:3D:06:27:A3:20:52:6C:47:F7:83:D6:F2:C2:74:36:96 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 012E70588ADE0FDD03D99DB86AD1F385E6AB1B10 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144138.roa Signing time: Wed 04 Mar 2026 06:13:35 +0000 ROA not before: Wed 04 Mar 2026 06:08:35 +0000 ROA not after: Wed 03 Mar 2027 06:13:35 +0000 asID: 144138 IP address blocks: 240a:a5d0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:2e:70:58:8a:de:0f:dd:03:d9:9d:b8:6a:d1:f3:85:e6:ab:1b:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:35 2026 GMT Not After : Mar 3 06:13:35 2027 GMT Subject: CN=1D25A6A93D0627A320526C47F783D6F2C2743696 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:cb:d7:99:10:79:d8:97:d9:2e:60:74:fb:43: d6:3c:06:e7:30:e5:4b:a1:d8:3b:a6:9a:82:8b:84: 3d:f1:64:0d:77:6b:fe:b4:82:19:ed:da:2c:14:34: 24:22:6f:36:8b:a8:e0:10:8f:df:0f:7f:4c:8d:1c: 12:af:5c:18:5e:05:fb:94:84:be:58:f2:b4:64:8d: c7:ba:1f:47:65:10:ff:3a:f1:4f:87:0b:9e:44:c7: 67:96:6f:a1:25:ed:c8:f5:29:9f:7e:74:40:2a:56: 2d:97:d3:79:8b:93:74:72:88:ac:6a:03:38:a9:4d: 95:62:05:54:29:7a:74:92:c6:00:3d:8a:2e:88:f0: f3:8c:f3:1c:0c:4c:da:24:dd:0c:c3:37:5d:2c:04: 0e:79:08:e5:76:fd:80:49:9c:37:96:da:2d:83:41: 90:2f:86:ca:62:14:cc:cf:e7:44:6c:04:00:85:af: 85:e0:81:ac:fb:d3:53:9f:a6:b4:2f:21:15:27:bb: de:10:11:d9:f0:de:aa:00:01:8a:7a:91:b2:91:8b: c6:14:e7:06:96:49:3d:72:be:5c:a7:df:ab:12:ef: ac:24:35:52:df:b5:c7:56:1d:2a:1e:4e:51:df:c4: cf:87:10:36:03:c6:e2:a3:14:e1:2d:86:1d:b1:e7: 70:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:25:A6:A9:3D:06:27:A3:20:52:6C:47:F7:83:D6:F2:C2:74:36:96 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a5d0::/32 Signature Algorithm: sha256WithRSAEncryption 11:9f:af:05:96:fd:f8:5c:a0:91:93:41:5f:d5:11:40:9b:5e: 48:7e:9c:2c:b5:0a:67:5d:27:89:29:62:46:52:99:73:52:12: 41:5f:f4:01:f9:b1:25:bd:05:e6:2a:0a:32:dd:5d:91:e8:54: 29:e5:ce:36:b3:6b:86:7f:69:e9:96:aa:6d:5c:1e:fb:eb:36: 1c:a9:50:cc:5f:9f:d0:08:1b:4e:9e:e6:b1:6e:b3:9f:04:97: 8e:74:da:28:b7:cd:b2:40:dc:fa:8f:c4:30:19:3a:ec:34:d8: 71:3b:82:b2:6d:99:4b:75:8e:59:e7:f7:6f:fd:d3:9f:eb:ef: 4f:b5:ae:74:78:30:ae:3d:3e:8c:01:ed:18:c7:51:a3:ba:74: 7a:6c:d4:6a:6b:5c:52:58:2f:3c:90:39:47:b2:ea:c6:28:4c: b4:9a:cf:fc:08:19:7e:1d:77:4d:79:01:46:39:94:d2:9a:fa: 5c:72:df:6c:4d:57:6a:32:36:80:74:3a:96:f8:9b:1c:65:7a: 0f:8e:56:0c:95:de:91:61:f0:b7:c4:81:64:e1:e7:7c:cd:cd: 8b:fa:c0:c0:58:db:70:ac:45:8e:02:e7:33:0d:17:a3:bf:1f: 44:96:4b:db:59:e3:bb:ef:a7:1c:be:f7:a8:b7:04:58:14:6d: be:00:dd:ac -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAS5wWIreD90D2Z24atHzhearGxAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzNVoX DTI3MDMwMzA2MTMzNVowMzExMC8GA1UEAxMoMUQyNUE2QTkzRDA2MjdBMzIwNTI2 QzQ3Rjc4M0Q2RjJDMjc0MzY5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7L15kQediX2S5gdPtD1jwG5zDlS6HYO6aagouEPfFkDXdr/rSCGe3aLBQ0 JCJvNouo4BCP3w9/TI0cEq9cGF4F+5SEvljytGSNx7ofR2UQ/zrxT4cLnkTHZ5Zv oSXtyPUpn350QCpWLZfTeYuTdHKIrGoDOKlNlWIFVCl6dJLGAD2KLojw84zzHAxM 2iTdDMM3XSwEDnkI5Xb9gEmcN5baLYNBkC+GymIUzM/nRGwEAIWvheCBrPvTU5+m tC8hFSe73hAR2fDeqgABinqRspGLxhTnBpZJPXK+XKffqxLvrCQ1Ut+1x1YdKh5O Ud/Ez4cQNgPG4qMU4S2GHbHncN8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQdJaap PQYnoyBSbEf3g9bywnQ2ljAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDEzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pdAwDQYJKoZIhvcNAQELBQADggEBABGfrwWW/fhcoJGTQV/VEUCbXkh+nCy1Cmdd J4kpYkZSmXNSEkFf9AH5sSW9BeYqCjLdXZHoVCnlzjaza4Z/aemWqm1cHvvrNhyp UMxfn9AIG06e5rFus58El4502ii3zbJA3PqPxDAZOuw02HE7grJtmUt1jlnn92/9 05/r70+1rnR4MK49PowB7RjHUaO6dHps1GprXFJYLzyQOUey6sYoTLSaz/wIGX4d d015AUY5lNKa+lxy32xNV2oyNoB0Opb4mxxleg+OVgyV3pFh8LfEgWTh53zNzYv6 wMBY23CsRY4C5zMNF6O/H0SWS9tZ47vvpxy+96i3BFgUbb4A3aw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:50 2026 by rpki-client