$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144686.roa File: AS144686.roa (raw, json) Hash identifier: G7McdH4eraLrzKIQWYOQ1npIdfVswXdDudbUR5bNkDU= Subject key identifier: 5B:11:5D:89:38:9D:C0:7A:C4:7D:09:30:92:81:B3:47:81:9F:E0:32 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 188BF559D599C5E25E977486437B1A37571C500C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144686.roa Signing time: Wed 04 Mar 2026 06:20:34 +0000 ROA not before: Wed 04 Mar 2026 06:15:34 +0000 ROA not after: Wed 03 Mar 2027 06:20:34 +0000 asID: 144686 IP address blocks: 240a:a7f4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:8b:f5:59:d5:99:c5:e2:5e:97:74:86:43:7b:1a:37:57:1c:50:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:34 2026 GMT Not After : Mar 3 06:20:34 2027 GMT Subject: CN=5B115D89389DC07AC47D09309281B347819FE032 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:83:83:c7:90:b3:8c:70:70:d3:69:9c:f3:2d: 91:c0:a2:d7:9c:7d:aa:cd:41:e0:4d:81:8f:fc:9c: 21:89:df:f9:59:f2:37:5d:72:9b:52:c9:0a:28:8d: 85:87:18:c7:bc:6a:2f:c4:07:02:c3:05:41:d0:52: d1:90:82:fc:81:ce:ad:6d:59:32:18:76:2b:9b:98: dd:cf:73:25:50:a6:00:dc:37:d2:63:54:74:28:f4: 24:4c:17:80:69:5f:70:f5:3d:b0:44:f9:84:31:64: d0:4f:51:a8:0e:0c:3d:5b:aa:19:1f:8d:b3:fe:a7: 52:e4:8b:e0:e3:84:25:84:8a:ea:71:4b:d0:68:63: 4b:df:5e:db:81:34:0a:47:b3:8e:ee:22:f8:33:9f: d0:80:8f:ac:17:c0:70:3d:13:7e:09:9d:31:56:68: 2b:33:2b:f5:b1:bd:7f:4e:00:17:4b:e7:ab:90:d3: 9d:b4:48:20:79:a1:92:91:b6:ea:54:0b:3a:a4:fd: ce:01:86:92:1b:80:f0:0b:17:c4:04:80:f7:0e:84: d5:ac:f5:42:90:e6:02:60:b7:8d:33:6d:09:fe:13: 72:7b:e2:03:2e:f5:e6:3c:ee:6e:73:eb:26:7c:af: 39:b9:07:6f:6c:77:97:4c:25:39:07:e4:02:ae:5c: bc:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:11:5D:89:38:9D:C0:7A:C4:7D:09:30:92:81:B3:47:81:9F:E0:32 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144686.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7f4::/32 Signature Algorithm: sha256WithRSAEncryption c6:36:aa:e6:08:15:8d:ea:3d:8c:b7:40:fd:bc:cf:33:ae:07: bd:de:98:9c:8a:81:69:e8:d7:3a:a8:b4:eb:de:69:1e:22:fc: d7:01:53:96:e8:b0:df:f7:59:7d:a6:02:12:2f:5c:d4:e0:c5: 66:8d:d2:13:20:dd:14:81:a9:1a:ed:e7:cf:14:9f:23:b8:cc: 19:73:87:8a:b5:7b:35:bf:d0:fc:4d:24:c6:61:e3:7d:f6:75: cd:1c:bf:ac:e3:af:d2:4c:b1:af:fb:12:12:f1:d2:73:55:3f: bf:2b:80:62:b6:6c:46:7f:dd:06:91:c8:f8:22:8c:22:3f:87: d8:a0:d2:be:9c:d7:bf:3b:ab:e3:2c:02:db:a9:f3:30:31:80: 8f:e3:00:d1:3e:8a:9c:5b:ea:76:c1:0b:99:d0:b5:b5:95:a5: 00:bd:e5:a1:e7:0d:3e:b3:53:42:0f:38:bf:a3:88:f2:d3:70: 77:bd:ff:e6:3a:fd:c9:0c:57:dd:b9:93:aa:6f:e8:8e:85:d3: 5a:4d:0b:e0:cb:28:df:c4:e9:1f:39:f8:ee:81:46:66:87:db: e8:f4:18:01:71:fc:f4:f2:9e:39:6a:54:bd:c6:bc:02:0d:33: 64:0f:89:7d:d3:59:b7:b1:1d:86:3d:e6:3d:70:bd:42:23:94: 3f:d0:9d:99 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGIv1WdWZxeJel3SGQ3saN1ccUAwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzNFoX DTI3MDMwMzA2MjAzNFowMzExMC8GA1UEAxMoNUIxMTVEODkzODlEQzA3QUM0N0Qw OTMwOTI4MUIzNDc4MTlGRTAzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKDg8eQs4xwcNNpnPMtkcCi15x9qs1B4E2Bj/ycIYnf+VnyN11ym1LJCiiN hYcYx7xqL8QHAsMFQdBS0ZCC/IHOrW1ZMhh2K5uY3c9zJVCmANw30mNUdCj0JEwX gGlfcPU9sET5hDFk0E9RqA4MPVuqGR+Ns/6nUuSL4OOEJYSK6nFL0GhjS99e24E0 Ckezju4i+DOf0ICPrBfAcD0TfgmdMVZoKzMr9bG9f04AF0vnq5DTnbRIIHmhkpG2 6lQLOqT9zgGGkhuA8AsXxASA9w6E1az1QpDmAmC3jTNtCf4TcnviAy715jzubnPr JnyvObkHb2x3l0wlOQfkAq5cvB0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRbEV2J OJ3AesR9CTCSgbNHgZ/gMjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p/QwDQYJKoZIhvcNAQELBQADggEBAMY2quYIFY3qPYy3QP28zzOuB73emJyKgWno 1zqotOveaR4i/NcBU5bosN/3WX2mAhIvXNTgxWaN0hMg3RSBqRrt588UnyO4zBlz h4q1ezW/0PxNJMZh4332dc0cv6zjr9JMsa/7EhLx0nNVP78rgGK2bEZ/3QaRyPgi jCI/h9ig0r6c1787q+MsAtup8zAxgI/jANE+ipxb6nbBC5nQtbWVpQC95aHnDT6z U0IPOL+jiPLTcHe9/+Y6/ckMV925k6pv6I6F01pNC+DLKN/E6R85+O6BRmaH2+j0 GAFx/PTynjlqVL3GvAINM2QPiX3TWbexHYY95j1wvUIjlD/QnZk= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:33 2026 by rpki-client