$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144214.roa File: AS144214.roa (raw, json) Hash identifier: IZuE8WXIhwbvHNqxMU/+tebWkKl9MKyDK28jN6ggek0= Subject key identifier: 86:58:5A:64:3B:90:58:1A:9E:11:43:C0:0F:60:F4:5F:4F:53:D9:E1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 20A9BC760CCEA9FBCDBE367D7C299C8C07EAC740 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144214.roa Signing time: Wed 04 Mar 2026 06:15:27 +0000 ROA not before: Wed 04 Mar 2026 06:10:27 +0000 ROA not after: Wed 03 Mar 2027 06:15:27 +0000 asID: 144214 IP address blocks: 240a:a61c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:a9:bc:76:0c:ce:a9:fb:cd:be:36:7d:7c:29:9c:8c:07:ea:c7:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:27 2026 GMT Not After : Mar 3 06:15:27 2027 GMT Subject: CN=86585A643B90581A9E1143C00F60F45F4F53D9E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:24:43:07:38:ff:f4:cc:de:73:62:c8:f8:ce: 50:c4:b9:83:eb:c5:ce:46:00:b2:6d:5c:a7:a7:df: 28:cf:b6:b2:0d:bb:e8:eb:ce:05:88:40:11:a0:fb: 2f:ac:05:1e:ed:fa:b5:b2:0f:7f:16:de:7b:1d:3b: f7:6b:1f:dd:ed:cd:9d:6c:4e:d4:ab:6e:29:25:a4: d8:f1:df:17:9b:ff:df:59:3d:87:a3:55:d6:c3:05: 70:87:14:b6:02:15:be:c8:6d:e0:66:71:57:96:2c: b9:de:85:93:04:eb:5f:a8:86:94:c9:2e:1e:29:7f: da:b4:b6:79:32:38:6d:2a:a9:e8:c3:55:6d:2f:3b: 5d:ca:b9:2b:da:11:63:60:78:54:3d:34:65:00:01: cd:09:fe:9c:62:27:06:a4:82:ad:9a:aa:ee:2f:8b: fc:d3:a7:6e:01:ad:a5:85:76:eb:8f:1a:1b:58:e7: b3:40:fe:bd:93:fa:cd:3b:7f:53:39:3e:54:db:fc: 87:54:fd:ea:c3:a4:c7:4a:cb:6d:de:91:85:98:7e: 39:40:59:5c:46:b2:0d:74:a2:b0:72:7a:31:83:b1: 3a:21:c9:d5:ed:08:b5:a5:9b:76:a6:49:9f:28:b6: f0:b3:cd:c7:c5:4e:74:b4:30:16:ae:c2:d8:3f:70: 49:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:58:5A:64:3B:90:58:1A:9E:11:43:C0:0F:60:F4:5F:4F:53:D9:E1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144214.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a61c::/32 Signature Algorithm: sha256WithRSAEncryption 20:8c:6c:74:18:6e:c4:0d:e4:8d:f1:2b:61:d4:04:12:ff:3d: 4e:f9:a3:26:fa:80:4b:65:95:56:32:1d:59:54:24:70:11:b4: 5a:a9:03:82:da:59:ee:92:72:e5:c0:32:1e:30:67:11:4e:69: 1a:23:5a:45:bb:24:28:4d:4e:1e:35:0e:a5:05:86:e0:6b:4f: ae:e4:96:d2:e4:de:85:2f:52:f6:0c:46:7c:11:c1:2e:33:d3: 24:63:e8:62:7e:d5:61:c1:bb:01:6c:4a:07:9d:f5:63:45:9e: 96:69:27:73:fd:ee:92:a4:a5:21:a2:ca:ef:c3:da:4e:4c:46: 62:5b:7a:71:e0:7d:77:4b:89:15:de:48:2f:f6:33:57:de:95: 3a:a2:a6:2c:c8:5b:b4:e5:34:18:db:ce:c5:bd:98:8a:e9:f1: c7:28:30:71:e8:e1:94:56:3a:08:a8:23:5c:16:bf:67:e2:6f: 5b:99:a8:23:43:b0:4f:a4:45:e4:6b:53:53:42:35:21:fd:49: b2:df:cd:a8:41:9b:96:84:58:2f:d5:67:93:9f:2a:89:f3:03: ac:89:4f:17:2c:ea:88:8e:d7:78:12:3a:83:b6:f7:cb:5c:8d: 9c:a6:c3:64:b9:84:eb:44:83:3c:6e:bc:7b:e8:7b:bc:d8:09: 6e:27:91:61 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIKm8dgzOqfvNvjZ9fCmcjAfqx0AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyN1oX DTI3MDMwMzA2MTUyN1owMzExMC8GA1UEAxMoODY1ODVBNjQzQjkwNTgxQTlFMTE0 M0MwMEY2MEY0NUY0RjUzRDlFMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALokQwc4//TM3nNiyPjOUMS5g+vFzkYAsm1cp6ffKM+2sg276OvOBYhAEaD7 L6wFHu36tbIPfxbeex0792sf3e3NnWxO1KtuKSWk2PHfF5v/31k9h6NV1sMFcIcU tgIVvsht4GZxV5Ysud6FkwTrX6iGlMkuHil/2rS2eTI4bSqp6MNVbS87Xcq5K9oR Y2B4VD00ZQABzQn+nGInBqSCrZqq7i+L/NOnbgGtpYV2648aG1jns0D+vZP6zTt/ Uzk+VNv8h1T96sOkx0rLbd6RhZh+OUBZXEayDXSisHJ6MYOxOiHJ1e0ItaWbdqZJ nyi28LPNx8VOdLQwFq7C2D9wSZECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSGWFpk O5BYGp4RQ8APYPRfT1PZ4TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIxNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK phwwDQYJKoZIhvcNAQELBQADggEBACCMbHQYbsQN5I3xK2HUBBL/PU75oyb6gEtl lVYyHVlUJHARtFqpA4LaWe6ScuXAMh4wZxFOaRojWkW7JChNTh41DqUFhuBrT67k ltLk3oUvUvYMRnwRwS4z0yRj6GJ+1WHBuwFsSged9WNFnpZpJ3P97pKkpSGiyu/D 2k5MRmJbenHgfXdLiRXeSC/2M1felTqipizIW7TlNBjbzsW9mIrp8ccoMHHo4ZRW OgioI1wWv2fib1uZqCNDsE+kReRrU1NCNSH9SbLfzahBm5aEWC/VZ5OfKonzA6yJ Txcs6oiO13gSOoO298tcjZymw2S5hOtEgzxuvHvoe7zYCW4nkWE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:29 2026 by rpki-client