$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144758.roa File: AS144758.roa (raw, json) Hash identifier: 1QNjFKVavSuPGWv7BhroGXrZIfBxfYKlKYl9gcLKtwo= Subject key identifier: B9:8F:71:9C:85:B5:60:1B:95:F5:7D:AB:34:E3:5E:71:71:6E:87:E9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 06428E8F2ED493E4406A8302B1E977B049CBAFEA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144758.roa Signing time: Wed 04 Mar 2026 06:22:09 +0000 ROA not before: Wed 04 Mar 2026 06:17:09 +0000 ROA not after: Wed 03 Mar 2027 06:22:09 +0000 asID: 144758 IP address blocks: 240a:a83c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:42:8e:8f:2e:d4:93:e4:40:6a:83:02:b1:e9:77:b0:49:cb:af:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:09 2026 GMT Not After : Mar 3 06:22:09 2027 GMT Subject: CN=B98F719C85B5601B95F57DAB34E35E71716E87E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:f2:b5:83:6d:92:5f:22:0b:0e:88:8d:54:00: c1:e1:17:21:f0:e7:a2:76:70:da:9d:94:51:c6:76: b0:88:6d:de:96:d6:a6:c9:cf:ce:25:bf:af:57:85: 27:c7:04:88:63:e0:fe:3d:06:03:d6:e1:10:29:e2: 63:f3:07:cb:64:88:d1:20:e6:52:01:29:f4:ab:79: 2f:f2:5a:f9:89:da:4c:a5:c2:ce:de:15:68:b8:66: a9:c8:f0:cb:63:eb:d6:58:1e:a0:d0:54:d0:93:24: 0d:14:5c:cb:55:70:3d:37:2c:9d:ae:43:e9:e1:c1: a1:27:a0:f6:22:75:90:e5:3a:33:f4:1b:df:da:3f: d7:b5:b4:47:60:15:a1:b3:d8:cb:e2:18:e8:1b:56: 74:e8:4f:e5:2a:3a:f4:01:1b:43:06:f1:4e:97:98: f7:8e:1d:d2:bd:96:08:b5:cf:ef:a5:bf:52:76:fb: c0:03:61:ff:51:5f:b8:50:ee:6f:97:7c:b0:8d:64: da:7f:46:79:3e:7d:06:84:f4:79:4d:03:d5:21:22: cd:06:3c:17:92:30:eb:f9:57:79:a7:01:95:1a:cf: 2d:81:e7:f5:0c:45:5f:79:dd:90:03:2d:a1:75:3a: 26:86:c8:18:c8:16:b0:dc:95:1f:51:8f:56:38:6b: ff:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:8F:71:9C:85:B5:60:1B:95:F5:7D:AB:34:E3:5E:71:71:6E:87:E9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144758.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a83c::/32 Signature Algorithm: sha256WithRSAEncryption 0c:c4:e7:f7:f2:6c:e4:1c:26:85:ec:a0:0a:65:c4:77:fa:ce: d5:5d:ea:db:d9:4b:dd:dc:fa:ac:27:16:cc:48:cc:a1:70:aa: d8:0f:67:df:b8:63:92:b5:79:52:ab:c0:fa:c7:7f:42:39:80: 1a:2f:14:e0:4e:52:92:07:82:5e:aa:81:c1:d6:3f:04:01:e3: b7:02:8a:29:c5:7d:63:79:35:8c:45:28:37:b1:61:bc:7f:7e: 7a:31:f0:86:80:62:82:5a:7f:2f:ab:a1:ad:44:54:f3:8e:cf: 81:13:bd:18:a6:97:37:5a:38:47:ea:84:52:be:cd:f1:3b:ac: 49:ce:db:77:ba:36:2a:d8:b6:59:65:ae:a2:65:35:1c:54:c3: ea:80:68:fa:35:78:63:d2:66:18:8a:51:1e:60:b9:33:c9:c3: 23:e0:33:64:f3:50:79:8e:bf:ef:f8:ad:17:e2:7c:11:87:aa: 47:89:5a:9d:96:52:25:ab:c6:c4:f1:15:5c:43:64:cb:d5:5f: 1c:46:05:2c:41:55:05:7f:8e:20:a1:22:17:c6:2d:05:bb:be: 2f:db:20:7a:d6:b0:3e:42:8b:e7:99:33:e6:51:e1:18:f3:f7: 0f:66:e4:40:1f:48:fa:e5:0a:63:44:54:2c:bd:04:ed:d1:2a: 6c:28:59:86 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBkKOjy7Uk+RAaoMCsel3sEnLr+owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwOVoX DTI3MDMwMzA2MjIwOVowMzExMC8GA1UEAxMoQjk4RjcxOUM4NUI1NjAxQjk1RjU3 REFCMzRFMzVFNzE3MTZFODdFOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKLytYNtkl8iCw6IjVQAweEXIfDnonZw2p2UUcZ2sIht3pbWpsnPziW/r1eF J8cEiGPg/j0GA9bhECniY/MHy2SI0SDmUgEp9Kt5L/Ja+YnaTKXCzt4VaLhmqcjw y2Pr1lgeoNBU0JMkDRRcy1VwPTcsna5D6eHBoSeg9iJ1kOU6M/Qb39o/17W0R2AV obPYy+IY6BtWdOhP5So69AEbQwbxTpeY944d0r2WCLXP76W/Unb7wANh/1FfuFDu b5d8sI1k2n9GeT59BoT0eU0D1SEizQY8F5Iw6/lXeacBlRrPLYHn9QxFX3ndkAMt oXU6JobIGMgWsNyVH1GPVjhr/wsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS5j3Gc hbVgG5X1fas0415xcW6H6TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDc1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qDwwDQYJKoZIhvcNAQELBQADggEBAAzE5/fybOQcJoXsoAplxHf6ztVd6tvZS93c +qwnFsxIzKFwqtgPZ9+4Y5K1eVKrwPrHf0I5gBovFOBOUpIHgl6qgcHWPwQB47cC iinFfWN5NYxFKDexYbx/fnox8IaAYoJafy+roa1EVPOOz4ETvRimlzdaOEfqhFK+ zfE7rEnO23e6NirYtlllrqJlNRxUw+qAaPo1eGPSZhiKUR5guTPJwyPgM2TzUHmO v+/4rRfifBGHqkeJWp2WUiWrxsTxFVxDZMvVXxxGBSxBVQV/jiChIhfGLQW7vi/b IHrWsD5Ci+eZM+ZR4Rjz9w9m5EAfSPrlCmNEVCy9BO3RKmwoWYY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:47 2026 by rpki-client