$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144584.roa File: AS144584.roa (raw, json) Hash identifier: RZ1GQ6mWSlERUoIw5FrIVsfZ5pB41kWSsHfycW+Jd2I= Subject key identifier: 33:FF:3F:E0:CC:31:7B:39:DE:84:12:D2:35:21:E8:D8:38:B5:74:BD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 302FBF85FE0F179E308548CE66344BC001951435 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144584.roa Signing time: Wed 04 Mar 2026 06:21:06 +0000 ROA not before: Wed 04 Mar 2026 06:16:06 +0000 ROA not after: Wed 03 Mar 2027 06:21:06 +0000 asID: 144584 IP address blocks: 240a:a78e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:2f:bf:85:fe:0f:17:9e:30:85:48:ce:66:34:4b:c0:01:95:14:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:06 2026 GMT Not After : Mar 3 06:21:06 2027 GMT Subject: CN=33FF3FE0CC317B39DE8412D23521E8D838B574BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:2f:2f:08:23:37:32:d6:dd:d9:c4:fb:88:60: a0:d2:94:80:3c:81:1c:30:76:5e:54:62:f6:9f:e4: 61:90:31:17:2c:cc:bb:64:f8:a6:f8:e3:22:1a:f7: f8:e9:72:c0:83:33:d8:9c:1a:28:e2:1f:c5:3b:fe: cc:fc:80:34:7a:bc:ca:0d:91:40:d3:b1:3d:df:72: 78:fb:19:fd:2c:1d:ef:ab:37:9f:44:84:b3:dc:df: 3e:0b:b4:e0:b0:8e:12:cb:84:ae:09:f3:ba:be:7e: d4:e9:ab:80:ba:ef:41:2f:14:4e:53:36:11:50:a2: 01:c6:d5:dd:5b:b5:e9:12:f6:20:8b:35:bb:89:a2: cf:e9:29:63:37:cf:6a:da:10:75:bf:45:f9:a1:f4: 51:29:7c:8e:48:86:30:fd:96:41:19:b7:27:fe:b2: d3:59:c5:a1:4d:06:5a:7c:4e:0e:dd:83:d0:35:5f: e8:7d:d2:9d:1d:ab:d7:aa:6a:3b:e8:6e:10:8b:45: cb:0b:c0:e5:76:cd:53:31:f2:fe:13:42:6b:42:6e: c6:ff:87:1b:01:d6:55:69:da:33:01:5f:1d:67:a8: 39:b7:66:db:46:4f:10:4a:16:a0:6e:b8:96:e6:8d: da:82:cc:4e:ed:89:57:90:20:d0:5c:90:c9:77:bb: 56:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:FF:3F:E0:CC:31:7B:39:DE:84:12:D2:35:21:E8:D8:38:B5:74:BD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144584.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a78e::/32 Signature Algorithm: sha256WithRSAEncryption 26:69:94:d6:72:b5:ce:d9:2b:ba:ac:e0:d7:28:bf:02:2b:dd: cd:c9:6e:ce:1e:82:ca:50:94:45:f9:d1:53:16:9b:6d:58:cc: 63:35:a2:41:3c:8f:fe:de:7a:68:0e:9d:5b:30:81:3b:d9:7f: fa:16:8f:bf:30:8c:62:f2:e9:12:ff:7f:ad:5f:fd:f9:e4:71: e5:8a:47:03:5a:5d:33:b4:56:c6:f9:30:1e:0d:20:61:24:96: 51:83:73:5c:a8:4b:73:3d:bd:7e:1a:68:38:f6:87:e3:cb:c8: ce:b4:47:16:6b:66:19:18:59:a5:4c:00:6f:49:57:eb:19:ce: 26:67:3d:0f:cf:87:b1:50:d7:30:b6:4c:f7:51:31:ac:0e:e7: 3c:1f:48:01:f3:68:95:74:d9:9f:a5:b6:1f:db:48:bb:22:0b: 83:a6:a1:8f:39:e0:23:52:0e:9e:db:84:ed:3b:47:b7:4e:39: 41:72:fc:93:ab:a1:aa:32:6c:ff:12:04:00:3a:56:d5:92:71: f1:76:94:77:8b:40:cb:33:29:d0:b9:9e:43:50:e5:cd:38:16: 6c:ff:e5:34:6e:6f:f7:11:d6:60:7f:4a:4a:06:44:7b:85:e7: ad:54:15:fe:b1:0f:b0:ee:64:19:e9:0a:08:52:72:29:33:34: e4:1e:ef:b5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMC+/hf4PF54whUjOZjRLwAGVFDUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYwNloX DTI3MDMwMzA2MjEwNlowMzExMC8GA1UEAxMoMzNGRjNGRTBDQzMxN0IzOURFODQx MkQyMzUyMUU4RDgzOEI1NzRCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKUvLwgjNzLW3dnE+4hgoNKUgDyBHDB2XlRi9p/kYZAxFyzMu2T4pvjjIhr3 +OlywIMz2JwaKOIfxTv+zPyANHq8yg2RQNOxPd9yePsZ/Swd76s3n0SEs9zfPgu0 4LCOEsuErgnzur5+1OmrgLrvQS8UTlM2EVCiAcbV3Vu16RL2IIs1u4miz+kpYzfP atoQdb9F+aH0USl8jkiGMP2WQRm3J/6y01nFoU0GWnxODt2D0DVf6H3SnR2r16pq O+huEItFywvA5XbNUzHy/hNCa0Juxv+HGwHWVWnaMwFfHWeoObdm20ZPEEoWoG64 luaN2oLMTu2JV5Ag0FyQyXe7VrUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQz/z/g zDF7Od6EEtI1IejYOLV0vTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDU4NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p44wDQYJKoZIhvcNAQELBQADggEBACZplNZytc7ZK7qs4NcovwIr3c3Jbs4egspQ lEX50VMWm21YzGM1okE8j/7eemgOnVswgTvZf/oWj78wjGLy6RL/f61f/fnkceWK RwNaXTO0Vsb5MB4NIGEkllGDc1yoS3M9vX4aaDj2h+PLyM60RxZrZhkYWaVMAG9J V+sZziZnPQ/Ph7FQ1zC2TPdRMawO5zwfSAHzaJV02Z+lth/bSLsiC4OmoY854CNS Dp7bhO07R7dOOUFy/JOroaoybP8SBAA6VtWScfF2lHeLQMszKdC5nkNQ5c04Fmz/ 5TRub/cR1mB/SkoGRHuF561UFf6xD7DuZBnpCghScikzNOQe77U= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:22 2026 by rpki-client