$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144798.roa File: AS144798.roa (raw, json) Hash identifier: 8vEAFuG+ipXUqUkaeFBMjgVi15Uc16M54iqi2RZcxr4= Subject key identifier: C7:66:E9:30:5D:62:0C:36:DA:7A:21:86:14:AF:E6:82:68:B0:0B:44 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 52BC8EADE8B42E21E6329751127F16D761237439 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144798.roa Signing time: Wed 04 Mar 2026 06:21:03 +0000 ROA not before: Wed 04 Mar 2026 06:16:03 +0000 ROA not after: Wed 03 Mar 2027 06:21:03 +0000 asID: 144798 IP address blocks: 240a:a864::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:bc:8e:ad:e8:b4:2e:21:e6:32:97:51:12:7f:16:d7:61:23:74:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:03 2026 GMT Not After : Mar 3 06:21:03 2027 GMT Subject: CN=C766E9305D620C36DA7A218614AFE68268B00B44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6f:df:1a:fa:f9:34:e5:34:ce:a3:ae:74:75: b5:5c:82:df:ea:79:2a:30:05:1a:06:53:fd:3b:a7: 59:9c:aa:d8:2b:db:19:bd:3b:ff:90:2a:79:23:37: 85:16:94:1e:b8:6e:63:5a:87:c5:5f:f7:ec:8e:3e: f8:5b:ac:fd:5e:c1:58:01:eb:1c:cf:91:6e:6b:87: 20:fb:3d:79:03:82:d6:87:c2:6d:56:a5:8b:a7:71: 48:e2:9c:ee:6e:71:24:25:ae:10:37:b1:23:17:56: 22:7c:c7:d3:16:2c:9e:50:02:f9:ba:0e:27:59:ba: 16:83:5f:e7:dc:5e:d4:44:43:93:41:e7:53:3c:70: 41:21:a1:69:cb:21:e2:47:6d:13:f8:71:78:a6:e6: 62:56:2d:c4:86:e7:9d:8b:8c:91:dd:ec:5a:67:50: bd:3b:f5:9c:26:99:5c:b8:1b:7e:80:86:68:14:69: 2d:cc:78:f5:2b:1a:54:6b:53:22:d6:79:3b:ef:ad: 9f:be:a7:ad:e1:2c:a9:38:1d:74:c9:95:13:0d:22: ed:7d:4d:50:0d:3c:54:a8:02:c9:21:d5:7b:d2:b8: 6e:03:5d:1e:08:07:34:0a:d8:08:02:ea:d0:f3:42: 7e:cc:26:60:a7:45:92:d1:03:64:60:7d:fd:f0:0d: e4:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:66:E9:30:5D:62:0C:36:DA:7A:21:86:14:AF:E6:82:68:B0:0B:44 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144798.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a864::/32 Signature Algorithm: sha256WithRSAEncryption 9b:8c:24:6b:09:aa:86:3c:15:5c:9d:e8:5d:69:bb:33:b1:1a: fb:97:d3:05:02:f4:06:29:f2:d4:5a:b5:f7:0c:82:38:ef:31: c4:e8:f6:7a:2f:38:fb:8a:79:b3:c3:b3:4b:ea:46:67:98:fd: 2b:80:2c:4b:9c:27:d0:fe:a3:2b:ea:bc:6f:d8:db:8f:61:94: a5:a6:a1:a8:78:95:37:3e:1c:52:bc:85:02:6a:f8:89:01:b4: ff:34:48:be:b7:ad:25:51:70:7d:af:da:65:68:69:d5:d5:c2: 83:9a:6a:c7:b3:db:8c:76:ad:33:1f:de:b7:07:0c:7a:51:df: 30:8c:bd:dc:c2:2a:0d:03:38:c2:ad:bd:11:58:b9:2e:0f:e9: c5:57:3d:be:0a:a2:e1:2d:09:b7:5a:af:79:92:59:eb:9c:66: 6a:bd:99:5b:c3:b0:d8:ba:4a:46:fc:29:b6:5d:8d:13:2e:46: 71:2f:62:a8:84:45:bc:59:b5:e9:80:b1:78:a1:07:94:66:2f: 58:94:ca:ee:40:cf:21:f5:55:6a:ec:ce:c5:f1:55:75:df:61: 6b:e0:8c:d3:9d:84:1d:f6:ea:71:e3:cb:29:ed:63:a9:93:92: da:a7:9a:f6:fe:19:b8:25:ec:3f:12:d1:dc:f0:84:c6:ba:91: fd:be:27:be -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUryOrei0LiHmMpdREn8W12EjdDkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYwM1oX DTI3MDMwMzA2MjEwM1owMzExMC8GA1UEAxMoQzc2NkU5MzA1RDYyMEMzNkRBN0Ey MTg2MTRBRkU2ODI2OEIwMEI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL5v3xr6+TTlNM6jrnR1tVyC3+p5KjAFGgZT/TunWZyq2CvbGb07/5AqeSM3 hRaUHrhuY1qHxV/37I4++Fus/V7BWAHrHM+RbmuHIPs9eQOC1ofCbVali6dxSOKc 7m5xJCWuEDexIxdWInzH0xYsnlAC+boOJ1m6FoNf59xe1ERDk0HnUzxwQSGhacsh 4kdtE/hxeKbmYlYtxIbnnYuMkd3sWmdQvTv1nCaZXLgbfoCGaBRpLcx49SsaVGtT ItZ5O++tn76nreEsqTgddMmVEw0i7X1NUA08VKgCySHVe9K4bgNdHggHNArYCALq 0PNCfswmYKdFktEDZGB9/fAN5MsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTHZukw XWIMNtp6IYYUr+aCaLALRDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDc5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qGQwDQYJKoZIhvcNAQELBQADggEBAJuMJGsJqoY8FVyd6F1puzOxGvuX0wUC9AYp 8tRatfcMgjjvMcTo9novOPuKebPDs0vqRmeY/SuALEucJ9D+oyvqvG/Y249hlKWm oah4lTc+HFK8hQJq+IkBtP80SL63rSVRcH2v2mVoadXVwoOaasez24x2rTMf3rcH DHpR3zCMvdzCKg0DOMKtvRFYuS4P6cVXPb4KouEtCbdar3mSWeucZmq9mVvDsNi6 Skb8KbZdjRMuRnEvYqiERbxZtemAsXihB5RmL1iUyu5AzyH1VWrszsXxVXXfYWvg jNOdhB326nHjyyntY6mTktqnmvb+Gbgl7D8S0dzwhMa6kf2+J74= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:19 2026 by rpki-client