$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144852.roa File: AS144852.roa (raw, json) Hash identifier: d3dmRGqCQkBASbJEJX8AGDifqGk7Its1nvDS0VhKOE0= Subject key identifier: E0:87:21:35:0E:A1:94:D9:FB:76:43:A2:C6:0F:31:94:09:24:15:4A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2737498BA1C780115997E418752D328B9A8558C9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144852.roa Signing time: Wed 04 Mar 2026 06:20:29 +0000 ROA not before: Wed 04 Mar 2026 06:15:29 +0000 ROA not after: Wed 03 Mar 2027 06:20:29 +0000 asID: 144852 IP address blocks: 240a:a89a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:37:49:8b:a1:c7:80:11:59:97:e4:18:75:2d:32:8b:9a:85:58:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:29 2026 GMT Not After : Mar 3 06:20:29 2027 GMT Subject: CN=E08721350EA194D9FB7643A2C60F31940924154A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c9:0a:e0:a6:b5:3c:5e:63:fa:96:49:e2:86: b6:c8:56:4a:87:d8:1f:9c:9a:99:c5:5b:27:1b:44: 58:35:21:59:ca:ac:7b:2d:25:4f:10:18:2e:fd:e7: f7:28:4d:bb:cf:9e:67:31:ad:55:7a:5a:05:71:84: 7b:91:f8:81:e7:a4:dd:d2:40:56:de:0f:1c:5a:4d: 9a:f4:81:82:59:1b:86:20:94:0b:67:ca:cf:ad:34: 92:5d:7d:29:07:a3:e0:f2:61:85:69:c7:8f:3c:d2: 8e:f7:7f:7e:0a:2c:a9:8a:7e:5c:ff:88:0d:70:ef: 23:bf:29:18:4c:0a:78:8b:fc:e9:06:77:15:45:ae: 0e:bd:ec:57:9a:91:ed:15:a2:8a:42:20:2d:ae:53: 0d:f5:20:98:78:a6:90:e5:3d:66:da:10:e0:26:0b: 68:60:12:d6:8c:15:ac:4d:3f:d6:b9:df:14:f8:ae: c1:bf:fd:97:9a:07:15:dc:94:4b:83:f1:3a:85:92: bb:cc:ac:8d:75:53:5a:74:af:c1:40:ab:4d:fe:0a: 89:2d:f0:2c:5f:80:f9:57:84:f4:dd:35:45:ed:0e: 96:b4:ae:65:06:0b:8a:fd:6f:a0:36:76:d7:d6:e0: 09:69:92:77:be:95:85:7e:a5:36:b2:22:34:35:65: 64:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:87:21:35:0E:A1:94:D9:FB:76:43:A2:C6:0F:31:94:09:24:15:4A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144852.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a89a::/32 Signature Algorithm: sha256WithRSAEncryption 6c:dc:cd:01:47:8e:5e:44:1a:45:90:b9:67:a0:93:a3:84:92: e5:42:bc:e8:45:39:b9:e1:38:57:bc:f4:d3:8a:d6:a5:c9:18: 3e:86:8d:8b:25:e4:fc:b5:77:8a:1e:ca:f8:14:61:4c:27:78: 26:94:e4:17:ee:b9:c5:48:62:54:74:65:98:78:2d:00:1a:db: 90:77:2c:73:09:40:71:3e:2e:d2:09:ad:7d:87:d4:ae:15:e8: 34:1c:52:0c:9b:52:d8:21:7f:c4:e3:40:28:4b:a6:29:a1:26: 78:85:b4:98:38:9d:9b:46:28:94:b8:1b:18:67:ab:b9:fe:00: 98:aa:9a:6d:4b:ba:c4:37:92:a6:50:d6:91:3d:a6:59:20:e7: 90:31:7e:f6:ad:3c:68:a9:2c:23:ff:ac:29:04:4d:dc:7a:98: 02:d0:fe:b7:b4:64:a1:0c:d6:2e:7e:86:18:47:d6:d6:d8:55: f5:ea:b6:81:10:a6:13:c6:be:34:ac:bf:14:4c:f5:75:9c:e2: 55:0e:b1:7f:45:98:c4:c1:e9:5d:7d:d2:54:a4:af:25:0f:2a: 69:22:83:86:0d:0b:cb:8e:33:df:ce:89:02:24:a2:54:48:10: f9:18:30:40:12:1d:d4:e8:69:16:c0:b5:c5:f3:f8:79:d9:f2: 5f:0c:7d:7c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJzdJi6HHgBFZl+QYdS0yi5qFWMkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyOVoX DTI3MDMwMzA2MjAyOVowMzExMC8GA1UEAxMoRTA4NzIxMzUwRUExOTREOUZCNzY0 M0EyQzYwRjMxOTQwOTI0MTU0QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMnJCuCmtTxeY/qWSeKGtshWSofYH5yamcVbJxtEWDUhWcqsey0lTxAYLv3n 9yhNu8+eZzGtVXpaBXGEe5H4geek3dJAVt4PHFpNmvSBglkbhiCUC2fKz600kl19 KQej4PJhhWnHjzzSjvd/fgosqYp+XP+IDXDvI78pGEwKeIv86QZ3FUWuDr3sV5qR 7RWiikIgLa5TDfUgmHimkOU9ZtoQ4CYLaGAS1owVrE0/1rnfFPiuwb/9l5oHFdyU S4PxOoWSu8ysjXVTWnSvwUCrTf4KiS3wLF+A+VeE9N01Re0OlrSuZQYLiv1voDZ2 19bgCWmSd76VhX6lNrIiNDVlZH0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTghyE1 DqGU2ft2Q6LGDzGUCSQVSjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qJowDQYJKoZIhvcNAQELBQADggEBAGzczQFHjl5EGkWQuWegk6OEkuVCvOhFObnh OFe89NOK1qXJGD6GjYsl5Py1d4oeyvgUYUwneCaU5BfuucVIYlR0ZZh4LQAa25B3 LHMJQHE+LtIJrX2H1K4V6DQcUgybUtghf8TjQChLpimhJniFtJg4nZtGKJS4Gxhn q7n+AJiqmm1LusQ3kqZQ1pE9plkg55AxfvatPGipLCP/rCkETdx6mALQ/re0ZKEM 1i5+hhhH1tbYVfXqtoEQphPGvjSsvxRM9XWc4lUOsX9FmMTB6V190lSkryUPKmki g4YNC8uOM9/OiQIkolRIEPkYMEASHdToaRbAtcXz+HnZ8l8MfXw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:29 2026 by rpki-client