$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144837.roa File: AS144837.roa (raw, json) Hash identifier: Sg/GLtfWh9AgP4M9OEVWZPJQeIuOy9we64gYRlbFzkQ= Subject key identifier: 32:49:FA:00:41:70:EF:E4:C6:13:7A:F0:92:72:9D:86:C3:05:34:96 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 14ECE2BA392696F195B0D61B5ACCC1282A55F6D3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144837.roa Signing time: Wed 04 Mar 2026 06:19:42 +0000 ROA not before: Wed 04 Mar 2026 06:14:42 +0000 ROA not after: Wed 03 Mar 2027 06:19:42 +0000 asID: 144837 IP address blocks: 240a:a88b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:ec:e2:ba:39:26:96:f1:95:b0:d6:1b:5a:cc:c1:28:2a:55:f6:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:42 2026 GMT Not After : Mar 3 06:19:42 2027 GMT Subject: CN=3249FA004170EFE4C6137AF092729D86C3053496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:12:fd:7f:c7:d0:ad:59:a0:28:9a:d5:ff:ea: 00:7a:f6:05:93:10:eb:73:69:fc:86:2f:49:9d:eb: a7:0c:b1:61:62:2b:ea:b6:1f:1c:e4:01:a2:e8:4a: 55:74:79:62:22:27:01:52:bf:21:e4:ed:05:a9:9f: c3:b5:a2:67:f3:80:97:30:07:cc:ba:65:ae:98:88: ff:a8:e8:da:46:3d:07:df:a1:b1:47:da:b0:75:86: 4e:a6:16:50:80:92:6c:b2:bf:42:77:33:65:23:64: c9:df:ac:a3:3d:3f:80:07:21:f2:cf:ee:a6:76:a3: 4f:37:8a:6e:dc:4b:b3:9c:97:57:8d:f7:58:32:72: 81:d9:c5:38:27:57:f3:79:f7:ee:10:07:e6:81:56: b4:da:48:72:ec:50:af:fd:d7:f2:c0:05:7f:07:18: 8d:ba:73:54:1f:d5:28:c1:d0:46:03:00:de:e6:90: b6:55:46:fb:a3:12:cd:f6:3d:12:15:98:96:23:08: 80:ff:92:a9:49:e1:7a:60:59:42:57:6e:9b:9c:20: ba:86:50:60:ca:b4:4d:eb:4d:fe:e7:cb:fc:ed:1e: 1f:7c:0e:b0:25:a2:f1:6d:5c:51:ff:a9:b1:da:33: f2:ef:f8:38:56:09:d7:aa:7e:0d:8f:78:38:80:cc: f5:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:49:FA:00:41:70:EF:E4:C6:13:7A:F0:92:72:9D:86:C3:05:34:96 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a88b::/32 Signature Algorithm: sha256WithRSAEncryption 58:18:99:64:a3:c4:e8:79:2c:6a:58:fd:44:4c:84:56:da:6c: 2c:ea:e9:07:06:31:fe:7c:f8:d8:b3:8e:fe:47:04:9b:38:e7: 78:d3:65:bc:ad:7d:78:3a:b0:f3:6b:33:32:b6:d1:0a:bc:31: df:fc:0c:ef:92:5a:67:be:1b:cb:a8:19:ce:fd:61:af:07:e3: 4a:88:f8:5b:9b:a2:26:6e:19:d1:2c:1b:d7:ef:25:9a:38:8d: 02:74:d2:b8:45:83:7e:30:a3:0f:7d:68:78:b0:fb:f9:71:b7: 6c:39:e0:b7:fa:1e:1a:05:63:88:16:68:14:69:b3:fe:5a:4f: c4:2e:44:32:35:12:3c:c0:8b:a5:ac:ca:aa:aa:7c:97:66:0a: 2d:6e:cc:70:bd:af:2d:74:cc:ed:cb:e9:4f:c1:dc:d5:45:3e: 87:1e:3f:a8:5b:fc:e2:34:ab:62:86:94:e6:3e:7d:14:1a:38: b5:2a:1c:eb:8a:23:e6:59:b2:cb:36:81:72:0f:9f:01:aa:f2: a1:59:6b:66:bc:6e:82:3b:d6:0e:60:9b:3c:86:2f:10:8e:ae: e5:32:ac:24:5f:2a:e7:cb:ad:15:a2:39:d0:8c:15:2c:16:aa: 1b:76:02:2b:7a:84:53:03:b2:6b:dd:80:1d:54:1f:d8:12:f7: 9a:5e:24:c4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFOziujkmlvGVsNYbWszBKCpV9tMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0MloX DTI3MDMwMzA2MTk0MlowMzExMC8GA1UEAxMoMzI0OUZBMDA0MTcwRUZFNEM2MTM3 QUYwOTI3MjlEODZDMzA1MzQ5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4S/X/H0K1ZoCia1f/qAHr2BZMQ63Np/IYvSZ3rpwyxYWIr6rYfHOQBouhK VXR5YiInAVK/IeTtBamfw7WiZ/OAlzAHzLplrpiI/6jo2kY9B9+hsUfasHWGTqYW UICSbLK/QnczZSNkyd+soz0/gAch8s/upnajTzeKbtxLs5yXV433WDJygdnFOCdX 83n37hAH5oFWtNpIcuxQr/3X8sAFfwcYjbpzVB/VKMHQRgMA3uaQtlVG+6MSzfY9 EhWYliMIgP+SqUnhemBZQldum5wguoZQYMq0TetN/ufL/O0eH3wOsCWi8W1cUf+p sdoz8u/4OFYJ16p+DY94OIDM9TECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQySfoA QXDv5MYTevCScp2GwwU0ljAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDgzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qIswDQYJKoZIhvcNAQELBQADggEBAFgYmWSjxOh5LGpY/URMhFbabCzq6QcGMf58 +Nizjv5HBJs453jTZbytfXg6sPNrMzK20Qq8Md/8DO+SWme+G8uoGc79Ya8H40qI +FuboiZuGdEsG9fvJZo4jQJ00rhFg34wow99aHiw+/lxt2w54Lf6HhoFY4gWaBRp s/5aT8QuRDI1EjzAi6WsyqqqfJdmCi1uzHC9ry10zO3L6U/B3NVFPoceP6hb/OI0 q2KGlOY+fRQaOLUqHOuKI+ZZsss2gXIPnwGq8qFZa2a8boI71g5gmzyGLxCOruUy rCRfKufLrRWiOdCMFSwWqht2Ait6hFMDsmvdgB1UH9gS95peJMQ= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:43 2026 by rpki-client