$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144859.roa File: AS144859.roa (raw, json) Hash identifier: J7492+m92RUoPpsPTCRLUxQjDqILdBCzpwZEf7VE/k4= Subject key identifier: 96:72:D0:36:E8:40:A5:A0:CB:70:C2:79:69:D2:32:79:0B:CB:D4:C5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 27C1FC3CE3E3D9E0851B0E7FD383EFC4CC83108A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144859.roa Signing time: Wed 04 Mar 2026 06:21:38 +0000 ROA not before: Wed 04 Mar 2026 06:16:38 +0000 ROA not after: Wed 03 Mar 2027 06:21:38 +0000 asID: 144859 IP address blocks: 240a:a8a1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:c1:fc:3c:e3:e3:d9:e0:85:1b:0e:7f:d3:83:ef:c4:cc:83:10:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:38 2026 GMT Not After : Mar 3 06:21:38 2027 GMT Subject: CN=9672D036E840A5A0CB70C27969D232790BCBD4C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:35:21:4c:2b:fc:91:76:c4:f9:40:9c:48:56: 7c:e2:4c:64:e1:a1:b7:f2:84:31:8c:a0:8e:6f:24: d7:f6:6e:a5:e9:ec:96:76:26:a0:f4:fa:f9:cf:12: a6:02:92:71:e3:94:25:e8:c4:94:c0:cb:1f:39:37: 40:0a:62:12:8e:b6:3e:a2:1a:0b:d3:90:55:d9:07: 36:94:db:f9:cc:2b:f2:51:d5:7c:4d:a1:10:df:b9: 60:c5:c8:8b:b9:78:b7:a0:32:08:5f:f6:3b:fd:d4: e7:8b:1d:a5:d6:ca:fd:70:a8:08:03:cf:8a:f7:51: 7b:9e:9b:5b:7e:46:65:15:de:a7:05:3a:22:2f:0f: 17:73:37:3f:3c:0b:15:d8:dc:b9:8d:f4:a0:f3:fd: e4:db:65:8d:6e:4c:28:ae:35:18:cb:55:22:d9:f9: 98:f7:7c:1d:0e:01:ef:c3:1e:8e:7d:e6:5c:7f:4d: 54:d3:29:5d:63:d2:41:55:1d:f5:99:ad:bf:a4:f0: 90:bf:ba:17:7c:49:26:8c:6b:4a:53:74:33:8c:c3: d2:de:58:50:e6:9a:1c:5c:71:02:a3:e8:df:f1:cc: 3b:a1:35:f5:e6:6d:22:06:cb:cf:03:87:47:86:10: 19:86:78:a0:1b:bf:f3:17:28:e2:26:a1:21:65:e5: 33:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:72:D0:36:E8:40:A5:A0:CB:70:C2:79:69:D2:32:79:0B:CB:D4:C5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144859.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8a1::/32 Signature Algorithm: sha256WithRSAEncryption 54:bb:2a:56:e3:c5:b0:b0:91:c7:6d:ed:07:6e:2c:0c:5c:3c: 86:38:a9:52:37:11:29:1a:f8:c1:df:06:01:0c:53:61:83:35: 14:04:a6:ea:8f:c4:de:83:d6:f8:58:3b:99:68:bf:8a:bc:ec: 77:96:a6:08:ad:31:71:88:88:3c:4e:ef:3a:33:bd:14:d4:70: 2e:9f:bb:29:da:ff:0b:18:cf:43:4d:f2:aa:0f:85:1e:83:cd: 6f:93:20:56:ee:71:f8:f3:99:b3:eb:d8:90:b2:5d:01:dc:bc: 13:45:f8:e6:fb:1a:74:45:4c:41:4f:f1:6e:38:43:f5:22:32: 17:c7:ba:4c:d7:d4:19:d5:ad:71:26:0c:7e:07:bc:12:b6:d8: 12:40:60:a3:fa:a6:10:cb:6e:29:ba:54:61:38:c6:4b:da:32: 28:95:b6:dc:58:79:61:98:34:6f:44:c5:ca:4e:4c:99:dd:f0: 32:3b:bb:49:c0:7e:ac:54:99:1a:96:dd:7f:df:33:7a:ae:c5: 52:bf:71:ab:cb:cd:b4:5e:0a:09:d5:28:bb:de:2f:02:2e:9f: 17:ae:3e:57:53:85:37:f9:4e:9c:1e:c0:fd:35:29:33:f7:c7: ce:db:14:1a:ab:95:31:51:94:80:f8:d0:9e:5f:41:1f:da:79: 2a:23:08:97 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJ8H8POPj2eCFGw5/04PvxMyDEIowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYzOFoX DTI3MDMwMzA2MjEzOFowMzExMC8GA1UEAxMoOTY3MkQwMzZFODQwQTVBMENCNzBD Mjc5NjlEMjMyNzkwQkNCRDRDNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN81IUwr/JF2xPlAnEhWfOJMZOGht/KEMYygjm8k1/ZupenslnYmoPT6+c8S pgKSceOUJejElMDLHzk3QApiEo62PqIaC9OQVdkHNpTb+cwr8lHVfE2hEN+5YMXI i7l4t6AyCF/2O/3U54sdpdbK/XCoCAPPivdRe56bW35GZRXepwU6Ii8PF3M3PzwL FdjcuY30oPP95NtljW5MKK41GMtVItn5mPd8HQ4B78Mejn3mXH9NVNMpXWPSQVUd 9Zmtv6TwkL+6F3xJJoxrSlN0M4zD0t5YUOaaHFxxAqPo3/HMO6E19eZtIgbLzwOH R4YQGYZ4oBu/8xco4iahIWXlMyMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSWctA2 6ECloMtwwnlp0jJ5C8vUxTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qKEwDQYJKoZIhvcNAQELBQADggEBAFS7KlbjxbCwkcdt7QduLAxcPIY4qVI3ESka +MHfBgEMU2GDNRQEpuqPxN6D1vhYO5lov4q87HeWpgitMXGIiDxO7zozvRTUcC6f uyna/wsYz0NN8qoPhR6DzW+TIFbucfjzmbPr2JCyXQHcvBNF+Ob7GnRFTEFP8W44 Q/UiMhfHukzX1BnVrXEmDH4HvBK22BJAYKP6phDLbim6VGE4xkvaMiiVttxYeWGY NG9ExcpOTJnd8DI7u0nAfqxUmRqW3X/fM3quxVK/cavLzbReCgnVKLveLwIunxeu PldThTf5TpwewP01KTP3x87bFBqrlTFRlID40J5fQR/aeSojCJc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:42 2026 by rpki-client