$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144204.roa File: AS144204.roa (raw, json) Hash identifier: 7HhsXmrkRq2LI7RGknaBeGzpyVaeh22M8MDUlLNlOiA= Subject key identifier: 8E:2C:A3:6E:FB:F5:40:60:63:5D:2C:3D:66:B9:1B:11:AD:AC:43:91 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 69B1B52C4B2CBD801844B8A0015C3684D9C37060 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144204.roa Signing time: Wed 04 Mar 2026 06:13:30 +0000 ROA not before: Wed 04 Mar 2026 06:08:30 +0000 ROA not after: Wed 03 Mar 2027 06:13:30 +0000 asID: 144204 IP address blocks: 240a:a612::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:b1:b5:2c:4b:2c:bd:80:18:44:b8:a0:01:5c:36:84:d9:c3:70:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:30 2026 GMT Not After : Mar 3 06:13:30 2027 GMT Subject: CN=8E2CA36EFBF54060635D2C3D66B91B11ADAC4391 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:8c:8c:c3:ec:30:05:fe:7f:d4:76:43:62:cf: 31:e3:d8:60:c2:4d:c2:fa:ef:7a:fa:19:4a:80:48: fb:91:5b:80:c5:e4:89:96:e9:f6:8d:e3:fd:1d:0a: 84:6f:af:31:46:83:a6:65:33:d7:ea:21:4b:90:ff: b0:92:93:e7:de:4c:84:f0:d3:a2:eb:39:d8:3e:c7: b6:14:60:4b:f9:e0:a1:06:07:e2:6e:67:ba:ae:b5: ed:81:77:6f:38:2c:f5:ee:e2:f1:d4:20:b0:56:0d: 45:06:34:68:3d:b1:20:24:59:d8:a1:b1:c3:a7:03: 58:b6:09:f4:f1:75:c5:ab:48:a2:d7:76:42:0a:23: f8:c6:b6:af:8b:4b:53:ab:27:0b:91:39:d9:68:64: dc:86:0e:89:8a:26:00:ae:b8:a2:1e:c4:59:be:d7: e2:e1:6d:8a:8e:b9:43:9c:18:a0:77:32:fc:d1:fa: 53:f0:2a:dc:76:28:1a:95:1a:e9:db:68:d8:2c:48: f7:d9:53:7b:44:52:23:d9:bb:c2:ac:91:1a:28:4a: a5:bd:86:2a:65:70:b5:39:95:69:21:31:73:82:96: a3:f2:57:f4:ce:95:c1:8e:f3:5a:21:79:46:19:99: cc:93:54:60:27:9f:8c:2f:76:d0:be:e2:8a:62:1a: 21:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:2C:A3:6E:FB:F5:40:60:63:5D:2C:3D:66:B9:1B:11:AD:AC:43:91 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144204.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a612::/32 Signature Algorithm: sha256WithRSAEncryption 1d:5b:9a:fe:97:d4:d3:1b:ac:7c:3a:f8:b4:af:36:f1:dc:7e: 17:07:b6:32:45:a4:7e:72:e6:4e:4b:9d:e5:17:b6:4b:da:4c: 88:1a:58:33:34:f4:93:24:58:af:20:c7:86:7d:eb:0d:1e:12: f4:49:0c:83:70:02:5d:17:98:4b:c0:d5:eb:20:29:b1:41:1d: 57:ba:32:fc:46:2e:eb:7e:c3:aa:f4:8d:8e:76:f8:9c:c8:f8: b3:78:05:ab:a5:12:45:b0:9c:ef:2f:9d:c1:4a:b6:30:e5:33: 71:4b:66:5d:55:01:c5:a5:66:5e:09:7e:47:17:ef:58:3a:a5: af:14:b0:9c:78:d8:81:9f:79:79:3b:6b:7e:c9:5e:f3:26:aa: 92:21:d9:e8:03:0f:49:53:03:91:bc:8e:32:32:ec:25:a0:b0: 54:ff:20:eb:96:7f:a0:b3:98:a3:63:99:9b:c8:af:20:23:bb: 94:a1:5c:93:44:7e:f6:b7:b1:32:bd:97:ea:1f:00:78:8c:b5: a0:ca:00:0c:04:93:22:da:8c:c3:fd:69:87:fa:bc:74:33:45: 28:0a:42:37:55:55:c8:91:fa:7a:82:4d:cc:ec:9e:62:4f:5a: c2:88:63:a9:12:65:4b:2f:60:5c:5f:82:ff:25:4b:73:6f:d8: f6:e0:c8:b5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUabG1LEssvYAYRLigAVw2hNnDcGAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzMFoX DTI3MDMwMzA2MTMzMFowMzExMC8GA1UEAxMoOEUyQ0EzNkVGQkY1NDA2MDYzNUQy QzNENjZCOTFCMTFBREFDNDM5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIWMjMPsMAX+f9R2Q2LPMePYYMJNwvrvevoZSoBI+5FbgMXkiZbp9o3j/R0K hG+vMUaDpmUz1+ohS5D/sJKT595MhPDTous52D7HthRgS/ngoQYH4m5nuq617YF3 bzgs9e7i8dQgsFYNRQY0aD2xICRZ2KGxw6cDWLYJ9PF1xatIotd2Qgoj+Ma2r4tL U6snC5E52Whk3IYOiYomAK64oh7EWb7X4uFtio65Q5wYoHcy/NH6U/Aq3HYoGpUa 6dto2CxI99lTe0RSI9m7wqyRGihKpb2GKmVwtTmVaSExc4KWo/JX9M6VwY7zWiF5 RhmZzJNUYCefjC920L7iimIaIUUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSOLKNu +/VAYGNdLD1muRsRraxDkTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK phIwDQYJKoZIhvcNAQELBQADggEBAB1bmv6X1NMbrHw6+LSvNvHcfhcHtjJFpH5y 5k5LneUXtkvaTIgaWDM09JMkWK8gx4Z96w0eEvRJDINwAl0XmEvA1esgKbFBHVe6 MvxGLut+w6r0jY52+JzI+LN4BaulEkWwnO8vncFKtjDlM3FLZl1VAcWlZl4JfkcX 71g6pa8UsJx42IGfeXk7a37JXvMmqpIh2egDD0lTA5G8jjIy7CWgsFT/IOuWf6Cz mKNjmZvIryAju5ShXJNEfva3sTK9l+ofAHiMtaDKAAwEkyLajMP9aYf6vHQzRSgK QjdVVciR+nqCTczsnmJPWsKIY6kSZUsvYFxfgv8lS3Nv2PbgyLU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:15 2026 by rpki-client