$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144223.roa File: AS144223.roa (raw, json) Hash identifier: wQeODAovmWRle1komldqB5fZ8IrHvZq/RjIiNwnm1e8= Subject key identifier: E3:BB:9D:86:8C:25:24:A7:FC:66:CE:ED:CC:7F:A2:DA:A8:19:CF:37 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5AA96BCFB3CC3A0141D9F347E1959B6ECD950E75 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144223.roa Signing time: Wed 04 Mar 2026 06:12:39 +0000 ROA not before: Wed 04 Mar 2026 06:07:39 +0000 ROA not after: Wed 03 Mar 2027 06:12:39 +0000 asID: 144223 IP address blocks: 240a:a625::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:a9:6b:cf:b3:cc:3a:01:41:d9:f3:47:e1:95:9b:6e:cd:95:0e:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:39 2026 GMT Not After : Mar 3 06:12:39 2027 GMT Subject: CN=E3BB9D868C2524A7FC66CEEDCC7FA2DAA819CF37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c9:45:17:82:af:9e:8c:ea:2d:53:d5:75:e1: 70:78:af:66:3d:e5:e1:72:df:50:2e:d6:45:b3:5b: 07:8c:40:4b:2e:bb:60:d5:bf:ff:6d:e3:d8:0f:2a: 34:de:89:23:bb:a2:0f:3a:a6:fe:4c:d1:0b:0c:17: 06:5e:fa:42:8d:e6:46:aa:cd:e6:30:b9:79:16:51: bf:99:4b:d3:b4:87:67:c6:ab:54:2a:ce:93:89:fe: 9f:b8:8d:ed:8e:b1:5d:f3:17:bb:08:97:9a:ba:55: e0:93:a4:d9:46:02:ee:dd:a7:12:a3:d5:8b:06:65: f9:55:a0:33:18:ea:27:07:ec:3c:f9:c7:d1:08:46: 80:19:96:2e:b0:a1:d9:57:47:3b:27:5a:f5:32:88: 3e:e0:07:eb:5f:66:a1:a0:8d:fe:7f:bc:61:1b:b4: ce:4b:cb:bb:ad:cd:2e:38:38:67:12:f2:9a:36:2e: a0:d0:6c:c5:78:11:ee:56:68:48:58:fb:84:6a:68: 1e:42:39:99:bc:1d:9c:ec:6d:66:34:7b:3e:48:fe: cb:bd:2e:17:9c:2c:fe:53:4b:16:a6:cc:c4:9c:7c: f0:37:01:a3:0c:7c:9a:9d:e8:38:0d:12:ca:0c:48: 10:c5:3e:65:34:8a:28:a4:4b:36:13:54:6e:6b:72: 49:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:BB:9D:86:8C:25:24:A7:FC:66:CE:ED:CC:7F:A2:DA:A8:19:CF:37 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144223.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a625::/32 Signature Algorithm: sha256WithRSAEncryption 69:4d:f4:d4:c9:48:ee:a0:9e:e4:bc:a9:27:a2:25:27:65:33: ee:0c:c3:a1:51:69:59:6d:ba:2a:27:98:a0:83:c9:b2:e9:72: 8b:0b:c3:34:41:91:6a:ab:a8:14:1f:4f:18:fd:9e:ef:46:00: 46:ea:b8:61:42:67:dc:11:e5:7e:c7:d6:4f:4b:c6:47:2a:66: 73:d2:cd:29:54:9c:44:d0:bd:72:35:0c:c9:61:09:ef:11:db: 07:ea:d6:7e:a8:d5:8d:e4:9a:73:03:4f:f4:86:63:72:2a:5f: c5:73:7b:4f:2c:1f:a4:66:aa:52:93:6d:d6:a6:83:32:a9:5b: cd:0c:71:d5:f3:e4:df:4a:ba:05:fa:3e:10:3b:61:8c:99:03: b6:89:3d:7b:eb:5f:c8:00:60:8c:3b:94:e7:3d:30:d0:11:b4: b0:80:9e:c1:ee:4e:39:de:3f:40:50:79:d3:63:11:6a:04:62: 1a:46:cf:3d:16:42:7d:54:da:95:9b:78:8e:bf:aa:46:39:74: 0a:a6:71:a4:f2:d9:5b:eb:6b:10:78:35:8c:42:d9:a7:76:ad: d2:59:17:8c:cf:56:4b:da:b0:7c:85:98:81:50:1f:ff:c1:91: 35:69:46:12:b3:d1:7c:c2:76:85:12:30:b2:1f:90:8d:9c:04: 29:0d:d7:d7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWqlrz7PMOgFB2fNH4ZWbbs2VDnUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczOVoX DTI3MDMwMzA2MTIzOVowMzExMC8GA1UEAxMoRTNCQjlEODY4QzI1MjRBN0ZDNjZD RUVEQ0M3RkEyREFBODE5Q0YzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANbJRReCr56M6i1T1XXhcHivZj3l4XLfUC7WRbNbB4xASy67YNW//23j2A8q NN6JI7uiDzqm/kzRCwwXBl76Qo3mRqrN5jC5eRZRv5lL07SHZ8arVCrOk4n+n7iN 7Y6xXfMXuwiXmrpV4JOk2UYC7t2nEqPViwZl+VWgMxjqJwfsPPnH0QhGgBmWLrCh 2VdHOyda9TKIPuAH619moaCN/n+8YRu0zkvLu63NLjg4ZxLymjYuoNBsxXgR7lZo SFj7hGpoHkI5mbwdnOxtZjR7Pkj+y70uF5ws/lNLFqbMxJx88DcBowx8mp3oOA0S ygxIEMU+ZTSKKKRLNhNUbmtySc0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTju52G jCUkp/xmzu3Mf6LaqBnPNzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDIyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK piUwDQYJKoZIhvcNAQELBQADggEBAGlN9NTJSO6gnuS8qSeiJSdlM+4Mw6FRaVlt uionmKCDybLpcosLwzRBkWqrqBQfTxj9nu9GAEbquGFCZ9wR5X7H1k9LxkcqZnPS zSlUnETQvXI1DMlhCe8R2wfq1n6o1Y3kmnMDT/SGY3IqX8Vze08sH6RmqlKTbdam gzKpW80McdXz5N9KugX6PhA7YYyZA7aJPXvrX8gAYIw7lOc9MNARtLCAnsHuTjne P0BQedNjEWoEYhpGzz0WQn1U2pWbeI6/qkY5dAqmcaTy2VvraxB4NYxC2ad2rdJZ F4zPVkvasHyFmIFQH//BkTVpRhKz0XzCdoUSMLIfkI2cBCkN19c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:58 2026 by rpki-client