$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144822.roa File: AS144822.roa (raw, json) Hash identifier: uLylq8sbTpC2oqvN9TortGQPyQR4K9yNpcJ0p9q+wRk= Subject key identifier: 1A:D3:AD:EF:D9:84:AF:AF:4D:DC:4B:31:61:19:D4:01:9B:88:D6:29 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 60CDF11F7C1BBB775F9BE622F628F72EDC7E833A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144822.roa Signing time: Wed 04 Mar 2026 06:20:08 +0000 ROA not before: Wed 04 Mar 2026 06:15:08 +0000 ROA not after: Wed 03 Mar 2027 06:20:08 +0000 asID: 144822 IP address blocks: 240a:a87c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:cd:f1:1f:7c:1b:bb:77:5f:9b:e6:22:f6:28:f7:2e:dc:7e:83:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:08 2026 GMT Not After : Mar 3 06:20:08 2027 GMT Subject: CN=1AD3ADEFD984AFAF4DDC4B316119D4019B88D629 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:5d:37:c3:72:52:b9:db:d7:4e:a0:e9:87:af: 65:c7:5a:c1:ad:bc:f6:ae:96:5e:9c:91:90:c8:03: 40:c3:fb:17:82:26:99:1e:aa:65:7f:29:09:6c:98: 34:6a:85:5c:34:ec:0e:2a:f8:ef:f7:f0:d4:b4:96: 31:b3:45:71:99:91:61:71:f8:4f:2d:1e:47:94:f4: bb:11:15:41:40:0a:1b:55:39:fc:a9:9c:79:52:5a: 13:28:66:aa:f4:f4:ec:2e:6e:0c:85:b1:bc:62:93: c8:6e:97:62:f9:c3:27:e8:3e:9b:ae:70:89:3a:71: 84:65:66:75:19:e6:30:ef:65:75:91:be:10:85:94: 6f:28:f1:7d:e3:0f:fd:ff:f2:c1:cd:9c:40:fe:81: ff:4d:4d:64:72:6a:20:5f:aa:43:9e:c2:b6:43:e5: 7b:50:89:aa:77:2b:55:b0:53:ed:8a:b4:2c:9e:a8: da:26:d0:1a:24:31:3d:59:e5:7e:03:2a:df:53:1e: 81:f6:11:45:7e:7d:f4:3e:a6:32:90:c1:b4:9a:b9: 8f:f3:10:87:5e:52:b7:50:6a:fb:01:d6:c0:a2:04: 45:99:9b:55:e9:ba:e6:db:3b:20:d5:ff:47:a1:64: f5:7a:b9:b1:c9:50:57:8e:08:7d:bf:95:54:b7:06: 81:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:D3:AD:EF:D9:84:AF:AF:4D:DC:4B:31:61:19:D4:01:9B:88:D6:29 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144822.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a87c::/32 Signature Algorithm: sha256WithRSAEncryption b4:05:c5:cb:51:99:a2:6c:67:9e:14:94:91:6d:c6:a3:87:71: 9f:2e:33:e3:6c:7d:9f:02:cc:36:08:2b:f5:cf:1d:d5:de:6d: 02:1c:05:e8:c8:ea:68:aa:3f:66:a6:7f:5b:9a:84:61:04:3d: 91:bd:27:bf:24:2b:e3:08:d4:e2:df:15:90:3b:ee:ed:c9:b3: 90:c7:c9:c9:d7:75:b9:5d:d2:cc:cf:82:56:57:45:de:24:9f: 19:74:e3:4d:2d:33:e7:f3:f0:93:c6:f8:ad:71:b6:fc:43:00: 3c:ce:4e:7f:e6:19:97:94:8e:69:9c:79:e6:f8:8f:f4:07:5c: f4:fd:ea:42:0b:f0:6d:06:57:07:38:ea:a3:6d:1b:a4:fe:47: 8d:9c:f9:0b:24:29:e5:3b:2e:99:e2:1d:61:7e:96:b5:76:b3: c6:79:78:0f:27:78:9b:bf:55:99:14:cb:9d:62:59:49:65:48: 4f:4b:f8:0e:1b:b6:bd:30:43:81:13:e6:d5:67:d4:67:1c:3e: 47:49:98:cb:57:e6:83:b7:aa:f1:57:04:22:87:26:63:59:d1: 63:bf:48:92:34:c5:05:c0:30:6e:56:6b:57:0b:52:84:55:b2: c4:ff:fa:97:5a:f1:1f:3e:08:80:ed:e1:7d:d6:7a:78:fd:69: 10:93:c6:8b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYM3xH3wbu3dfm+Yi9ij3Ltx+gzowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwOFoX DTI3MDMwMzA2MjAwOFowMzExMC8GA1UEAxMoMUFEM0FERUZEOTg0QUZBRjREREM0 QjMxNjExOUQ0MDE5Qjg4RDYyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhdN8NyUrnb106g6YevZcdawa289q6WXpyRkMgDQMP7F4ImmR6qZX8pCWyY NGqFXDTsDir47/fw1LSWMbNFcZmRYXH4Ty0eR5T0uxEVQUAKG1U5/KmceVJaEyhm qvT07C5uDIWxvGKTyG6XYvnDJ+g+m65wiTpxhGVmdRnmMO9ldZG+EIWUbyjxfeMP /f/ywc2cQP6B/01NZHJqIF+qQ57CtkPle1CJqncrVbBT7Yq0LJ6o2ibQGiQxPVnl fgMq31MegfYRRX599D6mMpDBtJq5j/MQh15St1Bq+wHWwKIERZmbVem65ts7INX/ R6Fk9Xq5sclQV44Ifb+VVLcGgQMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQa063v 2YSvr03cSzFhGdQBm4jWKTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDgyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qHwwDQYJKoZIhvcNAQELBQADggEBALQFxctRmaJsZ54UlJFtxqOHcZ8uM+NsfZ8C zDYIK/XPHdXebQIcBejI6miqP2amf1uahGEEPZG9J78kK+MI1OLfFZA77u3Js5DH ycnXdbld0szPglZXRd4knxl0400tM+fz8JPG+K1xtvxDADzOTn/mGZeUjmmceeb4 j/QHXPT96kIL8G0GVwc46qNtG6T+R42c+QskKeU7LpniHWF+lrV2s8Z5eA8neJu/ VZkUy51iWUllSE9L+A4btr0wQ4ET5tVn1GccPkdJmMtX5oO3qvFXBCKHJmNZ0WO/ SJI0xQXAMG5Wa1cLUoRVssT/+pda8R8+CIDt4X3Wenj9aRCTxos= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:43 2026 by rpki-client