$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144829.roa File: AS144829.roa (raw, json) Hash identifier: oN3Y8YgP7h8lS2lozreCwDmZM8vO4WJd8ucO0tqLR5A= Subject key identifier: 42:5F:36:E9:F6:2E:BC:A1:AC:75:89:71:B2:42:B2:07:DE:D4:2C:77 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3F9ED39387BBEA44B442E95B4047F838450718A2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144829.roa Signing time: Wed 04 Mar 2026 06:21:47 +0000 ROA not before: Wed 04 Mar 2026 06:16:47 +0000 ROA not after: Wed 03 Mar 2027 06:21:47 +0000 asID: 144829 IP address blocks: 240a:a883::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:9e:d3:93:87:bb:ea:44:b4:42:e9:5b:40:47:f8:38:45:07:18:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:47 2026 GMT Not After : Mar 3 06:21:47 2027 GMT Subject: CN=425F36E9F62EBCA1AC758971B242B207DED42C77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:8c:09:9c:57:03:94:ee:9c:ab:70:83:3a:d3: a2:13:ce:00:60:16:53:d9:4a:20:7c:03:dd:7a:51: d8:cb:cd:4d:f6:d5:f5:c1:9e:82:15:94:17:3d:56: 62:ba:fc:07:c3:e0:af:55:81:a1:1e:8e:3b:e6:4d: 65:e9:8f:ee:38:59:8b:c6:9d:26:65:d3:12:94:9e: 11:d4:42:7e:f1:f4:4e:96:c4:7f:b4:6f:b4:fa:ad: f2:d3:01:65:7d:15:86:fd:67:5d:79:e7:d2:38:b0: f5:6c:b4:a5:af:19:5d:94:fb:72:58:59:6d:6c:5a: f5:82:e3:ee:e3:13:db:31:53:33:5d:b5:90:80:4c: ad:26:fb:50:96:f8:e8:26:60:a6:f4:73:45:74:8b: 69:67:2e:77:75:27:12:eb:03:7f:e5:cd:a8:4b:b7: ec:6a:45:14:76:4f:3d:78:e1:bd:99:83:ae:4a:82: 93:34:e7:a6:66:78:0d:8f:7e:b7:af:ed:d8:2f:ce: 96:18:13:2b:82:51:b3:e6:33:e2:0a:f0:5d:4c:61: d6:68:b9:95:1a:00:a3:a0:c1:bd:4a:16:1c:03:5a: d9:5a:a8:5e:aa:c9:7c:42:3b:94:f7:7c:b0:7e:f3: f2:3b:93:6b:51:08:1b:06:b3:bb:22:b3:30:d6:a5: e7:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:5F:36:E9:F6:2E:BC:A1:AC:75:89:71:B2:42:B2:07:DE:D4:2C:77 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144829.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a883::/32 Signature Algorithm: sha256WithRSAEncryption c9:64:cc:3d:93:7f:1d:2f:39:45:46:f8:95:c0:98:c8:7f:e8: f9:53:f4:07:5d:35:7a:ee:e1:72:4f:f6:70:00:ab:8e:67:dc: a8:a7:a8:df:b9:6f:8a:a4:3b:60:19:4f:f7:03:f0:ef:41:08: 50:e3:af:10:0d:a5:7f:09:26:a6:42:90:88:b7:ff:c4:7a:98: 8e:56:ec:e5:eb:7f:00:e1:d1:30:44:a0:55:c8:94:bb:75:ac: c9:48:a3:9d:e0:c9:f5:cb:02:9a:b1:14:8a:ee:00:2c:14:1d: a0:79:7a:e2:ed:9a:3f:7d:52:a8:c1:a2:64:39:9f:5a:d9:28: 1f:e2:d6:a4:d8:c4:3c:8c:00:27:02:08:b4:cb:d1:19:93:50: 6d:29:e3:c3:7a:a4:5c:07:73:ca:d2:3b:de:7d:54:bf:a9:d0: b6:04:43:e9:28:e2:fa:6d:a4:32:dd:9b:18:54:b6:fb:6d:89: 71:e4:f8:5e:63:ed:1d:b2:ef:98:46:a7:36:b7:fb:9c:21:f2: 6b:a5:1f:7a:f3:e6:cb:ae:84:24:4f:03:3a:99:d4:fd:f6:a0: 57:54:a3:0b:b1:39:ae:4b:26:55:39:37:75:59:fa:ed:62:05: a0:60:d9:aa:75:d4:22:90:70:4a:24:d0:12:b3:91:c3:1f:80: bf:f5:47:94 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUP57Tk4e76kS0QulbQEf4OEUHGKIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0N1oX DTI3MDMwMzA2MjE0N1owMzExMC8GA1UEAxMoNDI1RjM2RTlGNjJFQkNBMUFDNzU4 OTcxQjI0MkIyMDdERUQ0MkM3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANCMCZxXA5TunKtwgzrTohPOAGAWU9lKIHwD3XpR2MvNTfbV9cGeghWUFz1W Yrr8B8Pgr1WBoR6OO+ZNZemP7jhZi8adJmXTEpSeEdRCfvH0TpbEf7RvtPqt8tMB ZX0Vhv1nXXnn0jiw9Wy0pa8ZXZT7clhZbWxa9YLj7uMT2zFTM121kIBMrSb7UJb4 6CZgpvRzRXSLaWcud3UnEusDf+XNqEu37GpFFHZPPXjhvZmDrkqCkzTnpmZ4DY9+ t6/t2C/OlhgTK4JRs+Yz4grwXUxh1mi5lRoAo6DBvUoWHANa2VqoXqrJfEI7lPd8 sH7z8juTa1EIGwazuyKzMNal51ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRCXzbp 9i68oax1iXGyQrIH3tQsdzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDgyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qIMwDQYJKoZIhvcNAQELBQADggEBAMlkzD2Tfx0vOUVG+JXAmMh/6PlT9AddNXru 4XJP9nAAq45n3KinqN+5b4qkO2AZT/cD8O9BCFDjrxANpX8JJqZCkIi3/8R6mI5W 7OXrfwDh0TBEoFXIlLt1rMlIo53gyfXLApqxFIruACwUHaB5euLtmj99UqjBomQ5 n1rZKB/i1qTYxDyMACcCCLTL0RmTUG0p48N6pFwHc8rSO959VL+p0LYEQ+ko4vpt pDLdmxhUtvttiXHk+F5j7R2y75hGpza3+5wh8mulH3rz5suuhCRPAzqZ1P32oFdU owuxOa5LJlU5N3VZ+u1iBaBg2ap11CKQcEok0BKzkcMfgL/1R5Q= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:19 2026 by rpki-client