$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144689.roa File: AS144689.roa (raw, json) Hash identifier: 1k/LwsHvbpAq18MAMt/o9rsezAkR7LZ9Gtyk/BXrwks= Subject key identifier: 88:A4:68:41:3B:D4:33:C7:B4:57:83:4D:F2:1C:D2:A6:3D:5C:B5:1E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 04ECF11C47DC18D68E60D6FF709DAF185F6AAF7C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144689.roa Signing time: Wed 04 Mar 2026 06:20:58 +0000 ROA not before: Wed 04 Mar 2026 06:15:58 +0000 ROA not after: Wed 03 Mar 2027 06:20:58 +0000 asID: 144689 IP address blocks: 240a:a7f7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:ec:f1:1c:47:dc:18:d6:8e:60:d6:ff:70:9d:af:18:5f:6a:af:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:58 2026 GMT Not After : Mar 3 06:20:58 2027 GMT Subject: CN=88A468413BD433C7B457834DF21CD2A63D5CB51E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c6:58:29:13:3e:20:be:ab:68:f0:75:50:2d: 34:74:d4:f1:05:cf:5a:2b:56:a3:cd:6e:f1:bd:1e: 76:9f:35:98:1e:d8:f7:dd:06:e3:a9:bc:69:5b:31: 4f:8c:86:7b:1a:57:37:dd:82:22:06:6a:58:32:c1: f4:96:54:d0:fb:a8:04:87:0c:04:f4:7c:a9:b6:f4: 0a:6a:55:58:6c:18:c6:66:f1:18:82:9e:ba:10:64: b3:29:c4:9c:28:02:44:35:44:0c:d5:6a:b9:13:03: 7a:92:19:f6:c7:1d:bd:69:47:5f:de:93:8d:da:99: f8:06:94:e3:af:22:1a:d3:de:61:67:16:93:c3:11: ad:0a:a5:78:b7:cb:71:cb:71:73:7c:95:30:0f:2d: b4:25:28:e8:1d:bd:e1:37:6e:40:3e:06:4c:33:5f: 36:e4:b7:3b:03:a3:0f:31:45:5c:fb:66:41:bd:73: 93:ea:3b:8b:32:ae:1d:1d:5d:69:1c:ea:f3:e3:fa: 83:99:44:1f:b5:53:db:7e:32:3c:f1:bc:fc:64:23: d4:e8:11:e4:1d:df:e8:c8:22:9d:de:14:58:17:84: bf:16:42:0c:1b:2e:08:70:6f:76:03:25:85:b8:a6: 01:ff:d9:e2:d9:a5:8c:2c:31:50:3d:ba:69:a5:a9: 4d:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:A4:68:41:3B:D4:33:C7:B4:57:83:4D:F2:1C:D2:A6:3D:5C:B5:1E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144689.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a7f7::/32 Signature Algorithm: sha256WithRSAEncryption 0d:44:da:5c:fc:72:77:a6:3c:13:2e:f6:7b:8d:96:68:ea:a9: 17:38:2b:e0:ae:15:a0:2f:ef:1e:3f:17:b0:38:c8:c8:52:a8: 8d:fa:e4:5d:4b:71:3a:1d:d5:24:50:13:52:b9:ba:14:46:66: aa:1d:fb:a9:7d:58:5d:2b:3c:b3:19:51:d2:94:58:88:fb:7e: 68:44:c0:10:95:52:90:b4:af:34:fd:f1:5a:d3:f0:4f:2d:86: 97:da:ce:29:fe:cc:59:84:9d:a5:e9:04:4b:b6:54:54:dd:2b: 3f:4d:4b:77:54:e2:b1:55:d4:8c:de:87:26:f9:6b:07:52:19: 01:6d:be:7b:25:0d:15:0e:9f:6d:aa:31:45:4a:f9:4d:2d:d9: f6:55:b9:7d:27:ac:4b:e7:dd:c3:49:b7:6a:91:c7:18:ef:cc: 7d:44:d5:42:69:c3:1d:e2:d5:c2:d0:dc:19:83:b4:c0:a8:d0: 65:b7:c9:72:67:a6:7f:8e:dd:06:68:c6:14:dc:20:c4:36:7f: 7f:e5:b3:cd:cc:fc:be:23:cc:c5:e8:39:3e:e4:9c:30:1a:45: f8:b7:a3:6c:ea:2a:3a:a9:c3:6f:03:35:d7:fc:81:6c:75:78: ef:b2:42:48:a5:bc:76:8a:40:33:6b:70:ef:5d:65:55:5d:8c: 96:ce:65:e0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBOzxHEfcGNaOYNb/cJ2vGF9qr3wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1OFoX DTI3MDMwMzA2MjA1OFowMzExMC8GA1UEAxMoODhBNDY4NDEzQkQ0MzNDN0I0NTc4 MzRERjIxQ0QyQTYzRDVDQjUxRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANLGWCkTPiC+q2jwdVAtNHTU8QXPWitWo81u8b0edp81mB7Y990G46m8aVsx T4yGexpXN92CIgZqWDLB9JZU0PuoBIcMBPR8qbb0CmpVWGwYxmbxGIKeuhBksynE nCgCRDVEDNVquRMDepIZ9scdvWlHX96TjdqZ+AaU468iGtPeYWcWk8MRrQqleLfL cctxc3yVMA8ttCUo6B294TduQD4GTDNfNuS3OwOjDzFFXPtmQb1zk+o7izKuHR1d aRzq8+P6g5lEH7VT234yPPG8/GQj1OgR5B3f6Mgind4UWBeEvxZCDBsuCHBvdgMl hbimAf/Z4tmljCwxUD26aaWpTccCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSIpGhB O9Qzx7RXg03yHNKmPVy1HjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDY4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK p/cwDQYJKoZIhvcNAQELBQADggEBAA1E2lz8cnemPBMu9nuNlmjqqRc4K+CuFaAv 7x4/F7A4yMhSqI365F1LcTod1SRQE1K5uhRGZqod+6l9WF0rPLMZUdKUWIj7fmhE wBCVUpC0rzT98VrT8E8thpfazin+zFmEnaXpBEu2VFTdKz9NS3dU4rFV1Izehyb5 awdSGQFtvnslDRUOn22qMUVK+U0t2fZVuX0nrEvn3cNJt2qRxxjvzH1E1UJpwx3i 1cLQ3BmDtMCo0GW3yXJnpn+O3QZoxhTcIMQ2f3/ls83M/L4jzMXoOT7knDAaRfi3 o2zqKjqpw28DNdf8gWx1eO+yQkilvHaKQDNrcO9dZVVdjJbOZeA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:23 2026 by rpki-client