$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144863.roa File: AS144863.roa (raw, json) Hash identifier: YzkVSXlLfMT5gPcQUEKgGJpM/UANpDKjS322XyC+m44= Subject key identifier: 07:97:DE:80:7B:DD:80:6A:9F:F2:E7:3B:95:77:9F:96:E8:D6:7B:21 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 31CC9D4393C591ACC4950C6505C0482E9AF882D7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144863.roa Signing time: Wed 04 Mar 2026 06:19:45 +0000 ROA not before: Wed 04 Mar 2026 06:14:45 +0000 ROA not after: Wed 03 Mar 2027 06:19:45 +0000 asID: 144863 IP address blocks: 240a:a8a5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:cc:9d:43:93:c5:91:ac:c4:95:0c:65:05:c0:48:2e:9a:f8:82:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:45 2026 GMT Not After : Mar 3 06:19:45 2027 GMT Subject: CN=0797DE807BDD806A9FF2E73B95779F96E8D67B21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c1:f9:a1:21:97:a5:a2:dd:8b:c0:e6:39:1d: 8e:47:a7:4e:8c:af:ab:e4:b2:f6:98:28:b3:85:38: 3f:a4:b6:19:bc:99:4e:ce:b2:3a:54:b6:d8:e7:e6: 0d:ca:f8:aa:87:1a:6d:f6:04:48:de:a8:0e:8d:23: 3a:57:73:5a:f2:20:ff:fb:4d:2a:5f:9c:2b:c8:c9: 96:31:34:3d:20:b5:74:2d:19:f9:cc:05:c4:18:13: 7f:3b:e8:df:1d:da:d4:6e:18:1b:dd:0e:ee:0d:53: 65:85:b4:44:e0:39:1a:b8:47:55:e7:98:92:4f:0a: df:c1:6a:ad:d7:5e:61:04:46:30:cc:d5:b8:ae:d6: ab:9d:cb:89:58:bf:eb:09:c2:37:3e:40:a8:a3:c1: 8c:55:fd:69:1a:ec:df:f6:40:43:a8:cb:5c:69:47: 48:11:46:98:93:9b:b9:3d:8e:22:42:e1:97:90:f5: c6:7e:e7:13:ef:7d:be:23:dc:39:c7:5f:2f:29:0f: a4:5f:5c:20:5a:6e:ae:82:cb:b4:2d:26:4d:7d:86: 50:3a:df:be:ab:c2:5b:53:0d:c3:54:4e:c2:25:1e: ee:d0:61:c2:e3:0e:c1:b3:6d:cf:4d:06:ae:48:5a: ec:8b:4d:51:51:98:4c:48:c7:60:0a:f6:a9:45:2d: 14:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:97:DE:80:7B:DD:80:6A:9F:F2:E7:3B:95:77:9F:96:E8:D6:7B:21 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144863.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8a5::/32 Signature Algorithm: sha256WithRSAEncryption b9:69:01:fa:aa:ef:51:ee:12:92:11:44:b7:f5:14:de:14:1d: cb:87:b1:7d:e0:26:cc:c1:3b:4c:91:8e:a7:69:2e:6a:33:35: f1:de:68:40:a0:a5:2d:2d:98:17:d6:2d:a4:1c:90:ac:69:79: 17:0c:3e:61:5c:0b:a5:19:2d:7c:2d:40:89:70:7a:fe:d5:c8: 40:ea:25:33:db:f2:41:81:e2:d5:3b:43:9a:8c:9a:c6:33:b0: 14:bb:11:a4:76:31:ec:2b:72:7e:1f:dd:fd:b0:7d:56:08:fa: 32:96:e3:89:f6:68:4c:e0:ee:e2:44:80:0a:89:25:b0:84:5e: e1:56:ec:b7:b9:5b:4f:a9:5d:15:90:19:97:99:8a:53:3d:ff: 65:d4:f4:65:7b:80:4f:c0:3b:51:78:e1:a3:b1:8d:84:ee:c0: 19:b2:82:34:d2:f3:a8:6d:45:57:82:fa:61:f8:ba:25:95:a1: 35:f8:4b:b6:b9:3d:ac:32:e3:45:05:80:57:e9:4b:b6:53:c2: 3b:cf:a9:b8:0d:c9:0b:45:13:66:01:e7:0e:0d:73:4a:7c:4f: bb:49:ae:b3:79:57:2c:1d:99:15:1c:95:d2:cb:3e:56:df:57: 25:a0:64:9e:bb:49:0c:97:d7:9e:1c:1f:04:70:08:52:1c:ef: 39:8c:65:f1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMcydQ5PFkazElQxlBcBILpr4gtcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0NVoX DTI3MDMwMzA2MTk0NVowMzExMC8GA1UEAxMoMDc5N0RFODA3QkREODA2QTlGRjJF NzNCOTU3NzlGOTZFOEQ2N0IyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALLB+aEhl6Wi3YvA5jkdjkenToyvq+Sy9pgos4U4P6S2GbyZTs6yOlS22Ofm Dcr4qocabfYESN6oDo0jOldzWvIg//tNKl+cK8jJljE0PSC1dC0Z+cwFxBgTfzvo 3x3a1G4YG90O7g1TZYW0ROA5GrhHVeeYkk8K38FqrddeYQRGMMzVuK7Wq53LiVi/ 6wnCNz5AqKPBjFX9aRrs3/ZAQ6jLXGlHSBFGmJObuT2OIkLhl5D1xn7nE+99viPc OcdfLykPpF9cIFpuroLLtC0mTX2GUDrfvqvCW1MNw1ROwiUe7tBhwuMOwbNtz00G rkha7ItNUVGYTEjHYAr2qUUtFGcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQHl96A e92Aap/y5zuVd5+W6NZ7ITAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qKUwDQYJKoZIhvcNAQELBQADggEBALlpAfqq71HuEpIRRLf1FN4UHcuHsX3gJszB O0yRjqdpLmozNfHeaECgpS0tmBfWLaQckKxpeRcMPmFcC6UZLXwtQIlwev7VyEDq JTPb8kGB4tU7Q5qMmsYzsBS7EaR2Mewrcn4f3f2wfVYI+jKW44n2aEzg7uJEgAqJ JbCEXuFW7Le5W0+pXRWQGZeZilM9/2XU9GV7gE/AO1F44aOxjYTuwBmygjTS86ht RVeC+mH4uiWVoTX4S7a5Pawy40UFgFfpS7ZTwjvPqbgNyQtFE2YB5w4Nc0p8T7tJ rrN5VywdmRUcldLLPlbfVyWgZJ67SQyX154cHwRwCFIc7zmMZfE= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:35 2026 by rpki-client