$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144218.roa File: AS144218.roa (raw, json) Hash identifier: bHOlEhyvoT09uhGpyJ5Pphu6BfccGewvX6k8kn610bM= Subject key identifier: 95:3A:D1:13:A7:8F:DE:B7:7B:AB:82:29:11:C9:27:DA:71:12:32:3F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 10DC4DDAC802B3D173A30B21CA82C0343844E840 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144218.roa Signing time: Wed 04 Mar 2026 06:12:28 +0000 ROA not before: Wed 04 Mar 2026 06:07:28 +0000 ROA not after: Wed 03 Mar 2027 06:12:28 +0000 asID: 144218 IP address blocks: 240a:a620::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:dc:4d:da:c8:02:b3:d1:73:a3:0b:21:ca:82:c0:34:38:44:e8:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:28 2026 GMT Not After : Mar 3 06:12:28 2027 GMT Subject: CN=953AD113A78FDEB77BAB822911C927DA7112323F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:90:ef:70:80:ae:89:44:b6:8a:ce:f5:a3:78: ac:88:63:b6:28:d2:63:15:8d:53:3c:41:de:43:3d: fd:7a:b8:14:ae:cd:c1:ea:bc:71:3b:35:4e:fb:91: 45:fa:88:b7:ec:98:c1:94:e0:93:2a:0b:29:cc:cf: c8:bc:14:f3:01:06:98:20:6d:a2:b7:ce:fb:90:b0: 39:c7:9c:a3:c5:62:a1:ab:f9:f7:0f:50:2d:a4:ee: fc:70:35:83:85:d5:6b:55:18:ee:07:8a:e1:17:9a: 03:d7:28:d7:d3:54:f6:21:56:fe:38:9b:44:af:12: ea:d1:17:a9:68:29:20:d5:46:0e:a7:ea:f8:79:a9: 0d:70:7d:ce:0d:1b:24:1d:fb:1e:8a:bd:e7:33:9a: 9b:54:c7:ab:f5:f3:78:3e:4c:1d:f8:1e:5a:23:2c: da:0a:11:26:1d:b5:d9:2b:4e:49:ab:1a:49:5e:e5: 72:1a:ac:f0:f2:9f:d2:d8:7c:48:f4:bd:90:c7:22: 9c:ea:5e:22:bf:b9:56:89:37:49:d1:41:0b:93:a4: 16:87:6d:4e:f1:12:89:ec:92:6a:15:c5:da:78:4a: 99:ae:ee:e7:5f:76:05:71:63:3d:3a:05:29:7f:2f: 56:09:98:11:3d:74:3d:df:0c:fb:a7:ea:07:bf:8a: 9e:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:3A:D1:13:A7:8F:DE:B7:7B:AB:82:29:11:C9:27:DA:71:12:32:3F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144218.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a620::/32 Signature Algorithm: sha256WithRSAEncryption 9d:1b:1f:47:9e:bc:76:06:6b:81:78:03:72:72:73:e9:01:b9: 47:47:6f:6f:3c:7e:dd:75:af:bb:51:53:50:d9:30:5b:29:bb: a2:8a:2f:8c:11:14:f7:b7:fb:55:a9:76:62:90:6a:32:b7:4d: 9b:19:f1:e5:40:e7:30:e5:9e:b9:7f:23:15:7d:f6:9b:0c:a6: f1:21:de:4e:5d:2b:58:fe:58:78:8e:d2:30:fc:ad:b9:a5:57: 43:55:45:4b:bf:6b:ec:44:ad:d9:10:08:15:c5:a2:f3:a9:9c: ab:7c:bf:f5:73:0a:00:f0:cd:0a:75:d5:9b:0e:46:88:cf:d7: 9c:22:ef:81:65:c5:dd:c7:16:81:85:2e:f7:b5:27:98:97:2a: 36:34:e1:a3:28:3a:3a:8f:86:45:79:2d:91:79:47:1e:9b:4c: fe:90:d3:a9:70:29:5d:73:59:11:b5:2e:f5:30:a3:61:1a:a7: 4c:b3:06:5b:ab:31:51:af:46:0e:e3:a2:a6:e4:f2:d2:33:8f: ef:39:3e:af:3b:e4:4e:56:6e:8e:27:c7:8c:ca:04:d4:66:66: ba:02:ec:f7:57:3f:a0:6a:60:3f:5d:bf:c3:a6:f1:ac:01:32: 2c:e3:c7:76:59:60:da:4f:67:e2:c5:82:c1:cb:a5:f7:f5:f9: f8:d7:5f:9a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUENxN2sgCs9FzowshyoLANDhE6EAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDcyOFoX DTI3MDMwMzA2MTIyOFowMzExMC8GA1UEAxMoOTUzQUQxMTNBNzhGREVCNzdCQUI4 MjI5MTFDOTI3REE3MTEyMzIzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI2Q73CArolEtorO9aN4rIhjtijSYxWNUzxB3kM9/Xq4FK7Nweq8cTs1TvuR RfqIt+yYwZTgkyoLKczPyLwU8wEGmCBtorfO+5CwOceco8Vioav59w9QLaTu/HA1 g4XVa1UY7geK4ReaA9co19NU9iFW/jibRK8S6tEXqWgpINVGDqfq+HmpDXB9zg0b JB37Hoq95zOam1THq/XzeD5MHfgeWiMs2goRJh212StOSasaSV7lchqs8PKf0th8 SPS9kMcinOpeIr+5Vok3SdFBC5OkFodtTvESieySahXF2nhKma7u5192BXFjPToF KX8vVgmYET10Pd8M+6fqB7+KnjMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSVOtET p4/et3urgikRySfacRIyPzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK piAwDQYJKoZIhvcNAQELBQADggEBAJ0bH0eevHYGa4F4A3Jyc+kBuUdHb288ft11 r7tRU1DZMFspu6KKL4wRFPe3+1WpdmKQajK3TZsZ8eVA5zDlnrl/IxV99psMpvEh 3k5dK1j+WHiO0jD8rbmlV0NVRUu/a+xErdkQCBXFovOpnKt8v/VzCgDwzQp11ZsO RojP15wi74Flxd3HFoGFLve1J5iXKjY04aMoOjqPhkV5LZF5Rx6bTP6Q06lwKV1z WRG1LvUwo2Eap0yzBlurMVGvRg7joqbk8tIzj+85Pq875E5Wbo4nx4zKBNRmZroC 7PdXP6BqYD9dv8Om8awBMizjx3ZZYNpPZ+LFgsHLpff1+fjXX5o= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:47 2026 by rpki-client