$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144839.roa File: AS144839.roa (raw, json) Hash identifier: Z7gTayzSzXr5gWsKoTGYgr5Kw2Fn0jZRVOe9fVbrkuc= Subject key identifier: D9:E9:77:2A:C8:AC:6E:FE:D9:A5:AE:ED:9E:65:D0:54:24:A9:CF:19 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 340975714DA5B937FB46B716EAD1D5320963DD88 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144839.roa Signing time: Wed 04 Mar 2026 06:21:08 +0000 ROA not before: Wed 04 Mar 2026 06:16:08 +0000 ROA not after: Wed 03 Mar 2027 06:21:08 +0000 asID: 144839 IP address blocks: 240a:a88d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:09:75:71:4d:a5:b9:37:fb:46:b7:16:ea:d1:d5:32:09:63:dd:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:08 2026 GMT Not After : Mar 3 06:21:08 2027 GMT Subject: CN=D9E9772AC8AC6EFED9A5AEED9E65D05424A9CF19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:34:d1:0e:35:26:8b:f2:49:bc:a5:ee:22:79: f5:3c:cf:96:98:44:32:7b:08:60:2c:12:90:ae:7f: 04:52:c8:ce:7d:ae:70:c9:6c:bd:2f:d9:2b:c2:dd: 3b:a6:d4:17:c3:29:50:fd:6b:a5:50:56:b2:40:d4: 19:92:80:fe:34:db:fd:f5:2a:17:24:ff:c3:90:8a: 37:7e:b1:e9:90:81:6c:e5:ef:04:23:1e:6a:03:bd: 94:cd:c6:2f:5f:2e:53:05:29:69:a1:08:b0:15:a9: 3a:a9:5a:c4:93:d8:a3:d7:14:8e:63:59:47:0b:b6: c9:fd:51:bf:0c:69:89:0c:36:a3:30:8c:69:b7:cb: c4:a6:11:f5:31:d4:3a:86:e1:60:eb:87:9a:e0:cb: 0e:25:c9:d7:09:6f:4e:1f:1f:b5:cb:89:00:47:ba: 60:88:51:ea:ef:ff:f6:dd:64:93:92:9a:2e:ca:f4: 2a:01:da:94:6b:5a:3b:5f:7f:e4:52:94:19:0d:99: 00:e6:a8:62:2b:3d:94:07:4d:35:4d:92:65:d1:11: 0b:59:bd:2e:e4:3e:8d:3c:06:75:e2:9f:59:dc:05: 17:57:34:3e:a5:a4:5b:26:c0:20:35:ff:d6:b8:9e: f4:0e:99:17:e2:02:75:01:5f:e7:60:93:22:03:ef: 92:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:E9:77:2A:C8:AC:6E:FE:D9:A5:AE:ED:9E:65:D0:54:24:A9:CF:19 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144839.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a88d::/32 Signature Algorithm: sha256WithRSAEncryption ce:fc:3b:17:8c:5d:75:ab:62:c8:4b:e1:38:bb:ef:8e:b5:3d: 8e:d6:12:b8:90:fe:aa:4d:44:c8:37:c9:76:c7:82:3a:8c:d3: 5a:8e:ef:91:63:3b:6c:de:c9:fc:de:35:97:14:cc:40:8c:55: 1d:2b:ba:be:01:dc:c0:20:f1:79:a7:c9:1e:67:c2:e3:26:37: 8a:5a:89:23:b2:a9:f2:19:b2:1f:b2:7b:34:73:6f:e0:73:97: 88:bb:fa:8b:5b:2c:2a:43:fe:48:0c:b6:8e:2f:64:e8:19:79: d3:f1:8d:fa:8b:a9:b6:f9:0d:96:73:39:7f:09:5c:d9:c0:59: 57:31:29:78:19:67:a6:12:3c:52:9e:46:89:57:b8:60:4e:f4: f8:10:43:da:18:58:90:b4:73:46:e7:21:e3:c1:f3:ab:d6:d7: 34:48:62:9b:57:85:00:5f:ce:2e:62:f8:03:80:6f:e8:dc:58: 5f:37:34:0b:7a:d9:f1:9e:ae:9d:6b:ed:a0:cc:8e:fd:9c:27: 75:76:14:6d:28:d9:57:60:bf:68:50:0a:d0:2e:e3:60:a5:11: a9:da:e2:ef:db:e3:20:09:3f:64:d7:e5:0d:1e:21:ec:66:b2: 69:a8:20:4f:04:1d:1a:91:c6:d2:91:be:f6:ca:c5:a1:e1:a8: e1:d8:51:06 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNAl1cU2luTf7RrcW6tHVMglj3YgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYwOFoX DTI3MDMwMzA2MjEwOFowMzExMC8GA1UEAxMoRDlFOTc3MkFDOEFDNkVGRUQ5QTVB RUVEOUU2NUQwNTQyNEE5Q0YxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALc00Q41JovySbyl7iJ59TzPlphEMnsIYCwSkK5/BFLIzn2ucMlsvS/ZK8Ld O6bUF8MpUP1rpVBWskDUGZKA/jTb/fUqFyT/w5CKN36x6ZCBbOXvBCMeagO9lM3G L18uUwUpaaEIsBWpOqlaxJPYo9cUjmNZRwu2yf1RvwxpiQw2ozCMabfLxKYR9THU OobhYOuHmuDLDiXJ1wlvTh8ftcuJAEe6YIhR6u//9t1kk5KaLsr0KgHalGtaO19/ 5FKUGQ2ZAOaoYis9lAdNNU2SZdERC1m9LuQ+jTwGdeKfWdwFF1c0PqWkWybAIDX/ 1rie9A6ZF+ICdQFf52CTIgPvkvMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTZ6Xcq yKxu/tmlru2eZdBUJKnPGTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDgzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qI0wDQYJKoZIhvcNAQELBQADggEBAM78OxeMXXWrYshL4Ti77461PY7WEriQ/qpN RMg3yXbHgjqM01qO75FjO2zeyfzeNZcUzECMVR0rur4B3MAg8XmnyR5nwuMmN4pa iSOyqfIZsh+yezRzb+Bzl4i7+otbLCpD/kgMto4vZOgZedPxjfqLqbb5DZZzOX8J XNnAWVcxKXgZZ6YSPFKeRolXuGBO9PgQQ9oYWJC0c0bnIePB86vW1zRIYptXhQBf zi5i+AOAb+jcWF83NAt62fGerp1r7aDMjv2cJ3V2FG0o2Vdgv2hQCtAu42ClEana 4u/b4yAJP2TX5Q0eIexmsmmoIE8EHRqRxtKRvvbKxaHhqOHYUQY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:30 2026 by rpki-client