$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144580.roa File: AS144580.roa (raw, json) Hash identifier: SHo7G6JcaWoJFlqp3DX0+F3Fi7SXwdnKvGScMVA1FXg= Subject key identifier: 8F:64:C0:95:2B:8B:13:9A:19:84:5C:1C:AC:C6:06:86:CD:92:C4:FF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3A8A17C8CBF7654195210239662BC83FC89694E8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144580.roa Signing time: Wed 04 Mar 2026 06:19:20 +0000 ROA not before: Wed 04 Mar 2026 06:14:20 +0000 ROA not after: Wed 03 Mar 2027 06:19:20 +0000 asID: 144580 IP address blocks: 240a:a78a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:8a:17:c8:cb:f7:65:41:95:21:02:39:66:2b:c8:3f:c8:96:94:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:20 2026 GMT Not After : Mar 3 06:19:20 2027 GMT Subject: CN=8F64C0952B8B139A19845C1CACC60686CD92C4FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:17:0f:10:14:06:de:50:7c:8a:4c:d2:d6:e7: 2c:5d:16:72:84:15:e6:90:b5:28:60:c1:91:48:b6: df:f4:b4:52:a1:30:c4:78:e4:51:38:b1:c0:7c:ae: 0f:87:fb:74:bc:61:5e:52:36:89:fc:3c:8c:52:3c: 4f:f3:f4:47:3a:3b:09:38:35:98:0e:8a:c9:40:e4: 69:ea:7b:57:eb:36:8e:df:5c:c2:23:c7:28:79:25: fd:23:fc:29:62:49:95:a7:55:47:1b:1e:f0:c8:7f: ab:8d:69:24:91:28:4a:18:09:86:8d:43:f2:8f:25: e4:30:38:e1:c0:c1:6a:10:2c:e2:63:59:6f:14:4e: 0d:e1:ca:9a:dd:4f:87:be:d3:0b:eb:bf:04:bf:55: 30:8b:71:e3:bb:15:ef:b2:97:23:cd:16:61:ad:de: 59:a8:e5:2e:87:13:b7:52:f8:e0:66:c6:fc:d9:a7: 3c:97:7b:2a:da:38:c6:3a:63:af:bc:8c:b0:52:cc: 4c:5c:aa:1a:4b:37:b7:dc:2f:d4:b2:eb:60:c3:4a: c0:fc:93:c4:27:b3:74:82:ea:99:cf:91:22:d0:5d: fd:66:b0:29:9b:cf:e4:21:6d:81:61:f9:10:44:b3: ae:65:cc:2f:e6:b4:c0:e4:f2:a4:fb:b3:23:77:bc: c5:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:64:C0:95:2B:8B:13:9A:19:84:5C:1C:AC:C6:06:86:CD:92:C4:FF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144580.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a78a::/32 Signature Algorithm: sha256WithRSAEncryption af:48:ac:b0:29:fd:c0:99:66:fa:58:b5:3f:6a:ff:8c:30:2e: 32:86:f8:3d:7f:b1:6c:db:64:94:67:51:6b:c1:9d:3b:0b:96: 3b:61:e3:49:79:87:23:9e:04:b1:08:05:13:39:43:5d:00:4a: 95:2c:81:51:66:61:c8:af:93:c8:a2:65:c7:99:15:e4:fd:46: d9:a3:14:cd:86:37:10:d8:43:47:53:0f:9b:27:26:90:c7:a9: b7:90:3e:e7:f1:5c:5e:82:46:3a:ce:ce:6c:71:43:92:0a:ec: 9e:02:73:df:f5:fd:2b:59:07:fb:71:b5:66:f4:5c:f6:f0:5c: 15:e0:6b:5d:af:09:69:10:8f:9f:d4:62:08:c8:0a:d0:d6:16: 67:0c:fe:6d:37:1c:00:33:98:00:94:98:88:a7:16:bf:db:94: 3f:b6:25:82:c2:b9:c1:7d:4e:f8:81:a8:b5:a4:13:e7:54:1d: b8:a2:4f:e3:1c:de:c8:9e:6f:40:c1:63:49:86:8d:88:a8:e2: 3f:94:8a:2b:70:37:07:d5:70:ff:db:4f:09:21:8b:8f:07:5e: 53:1c:72:1e:93:3d:f5:14:30:8c:63:ec:51:05:3f:dd:db:78: b4:6b:09:84:48:e4:53:c4:83:38:9f:3d:fd:56:65:1c:3e:b6: f7:55:99:b5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOooXyMv3ZUGVIQI5ZivIP8iWlOgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQyMFoX DTI3MDMwMzA2MTkyMFowMzExMC8GA1UEAxMoOEY2NEMwOTUyQjhCMTM5QTE5ODQ1 QzFDQUNDNjA2ODZDRDkyQzRGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgXDxAUBt5QfIpM0tbnLF0WcoQV5pC1KGDBkUi23/S0UqEwxHjkUTixwHyu D4f7dLxhXlI2ifw8jFI8T/P0Rzo7CTg1mA6KyUDkaep7V+s2jt9cwiPHKHkl/SP8 KWJJladVRxse8Mh/q41pJJEoShgJho1D8o8l5DA44cDBahAs4mNZbxRODeHKmt1P h77TC+u/BL9VMItx47sV77KXI80WYa3eWajlLocTt1L44GbG/NmnPJd7Kto4xjpj r7yMsFLMTFyqGks3t9wv1LLrYMNKwPyTxCezdILqmc+RItBd/WawKZvP5CFtgWH5 EESzrmXML+a0wOTypPuzI3e8xUkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSPZMCV K4sTmhmEXBysxgaGzZLE/zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU4MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p4owDQYJKoZIhvcNAQELBQADggEBAK9IrLAp/cCZZvpYtT9q/4wwLjKG+D1/sWzb ZJRnUWvBnTsLljth40l5hyOeBLEIBRM5Q10ASpUsgVFmYcivk8iiZceZFeT9Rtmj FM2GNxDYQ0dTD5snJpDHqbeQPufxXF6CRjrOzmxxQ5IK7J4Cc9/1/StZB/txtWb0 XPbwXBXga12vCWkQj5/UYgjICtDWFmcM/m03HAAzmACUmIinFr/blD+2JYLCucF9 TviBqLWkE+dUHbiiT+Mc3sieb0DBY0mGjYio4j+UiitwNwfVcP/bTwkhi48HXlMc ch6TPfUUMIxj7FEFP93beLRrCYRI5FPEgzifPf1WZRw+tvdVmbU= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:43 2026 by rpki-client