$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144868.roa File: AS144868.roa (raw, json) Hash identifier: lT0dSCU7jkRDKbKBD8MwZ8qvEvfQlTh821kWiLzx/NE= Subject key identifier: 58:97:91:4F:B7:2D:CC:DD:4D:A8:51:D6:45:38:5E:E8:D5:D9:6A:1E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 56AA680289BF80E2DA43A7DE51056417B60CCD0F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144868.roa Signing time: Wed 04 Mar 2026 06:20:03 +0000 ROA not before: Wed 04 Mar 2026 06:15:03 +0000 ROA not after: Wed 03 Mar 2027 06:20:03 +0000 asID: 144868 IP address blocks: 240a:a8aa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:aa:68:02:89:bf:80:e2:da:43:a7:de:51:05:64:17:b6:0c:cd:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:03 2026 GMT Not After : Mar 3 06:20:03 2027 GMT Subject: CN=5897914FB72DCCDD4DA851D645385EE8D5D96A1E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ba:50:5d:f8:32:33:bf:95:9a:b8:1f:50:f7: 07:7b:3d:c5:18:0a:b8:25:50:87:ad:85:16:d0:df: c1:bd:9e:85:12:c7:66:83:ce:c6:ea:e1:3a:ab:98: a7:a6:d3:f2:07:39:af:95:d0:62:76:10:0e:ec:5e: d9:4a:3f:14:53:01:fc:3c:65:7b:53:aa:b9:7c:cb: ad:de:2a:0a:14:29:e6:70:2d:88:ab:45:3f:fc:8c: b3:02:c4:55:37:95:48:1e:ce:2a:79:3d:88:72:09: b2:3c:f2:46:7f:2e:78:61:00:76:08:f6:43:5d:f9: d6:5f:20:f6:45:9e:34:f6:69:75:d1:4d:d9:c5:3f: a6:51:6c:ba:17:f9:ec:77:59:38:60:77:a7:9b:d3: 4b:d6:b8:e2:64:c8:df:d1:50:39:41:b0:37:31:5a: 6d:d9:a5:e0:8f:8e:15:de:c2:20:44:02:86:a8:aa: 74:69:7c:a8:1d:ac:21:79:b0:ac:a9:7e:e0:50:2e: 20:c0:a4:eb:ec:25:57:05:2b:53:31:32:a6:80:d7: 4f:72:65:3b:65:7b:ba:72:12:01:05:d6:35:ba:91: 23:ea:2f:5d:b0:e1:b4:67:61:43:06:28:a7:77:c8: 44:4b:18:38:c4:6e:5d:83:a1:a3:6c:71:ee:07:f0: c5:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:97:91:4F:B7:2D:CC:DD:4D:A8:51:D6:45:38:5E:E8:D5:D9:6A:1E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144868.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8aa::/32 Signature Algorithm: sha256WithRSAEncryption ca:a7:78:2c:7a:c7:bc:44:9d:eb:4d:57:9a:ed:01:17:86:97: 7c:50:0a:2b:10:44:2b:b8:ab:a7:da:99:c3:30:67:53:30:a6: a7:26:39:f2:18:05:92:25:85:9f:cd:b2:77:a3:74:c1:c6:5b: 2d:e7:8f:2e:2b:06:ce:95:5a:63:2c:55:69:94:d3:c5:a7:98: 1e:0a:c5:79:d4:ff:3e:fa:8c:fc:7f:2b:06:fc:4c:11:06:44: a1:ce:d3:72:48:52:85:8b:43:21:b3:81:34:10:09:48:4e:68: bc:18:38:a8:f7:c0:43:9b:15:54:97:51:cb:29:ea:e4:74:0c: 7c:38:0c:d2:b1:c2:bd:a0:6b:c0:fb:30:5b:6b:f7:fc:1d:ac: 93:ed:0d:ff:58:8e:7e:4f:0a:52:24:be:70:32:06:35:05:f4: 09:36:71:bd:d2:ed:90:cb:26:cd:d8:b1:da:89:ad:b7:2b:76: 07:25:0e:70:77:f6:d4:ff:11:5b:f9:63:80:b8:4a:1c:6b:81: 84:c0:40:13:e0:f4:3d:80:b7:49:b7:5d:62:97:8e:a5:ac:8f: 12:34:c3:e7:41:cc:13:74:5f:d0:5f:34:59:70:e7:36:32:f5: a7:9f:7d:40:20:80:2d:5a:78:27:99:94:a6:e9:46:fc:7b:a5: 13:e0:9f:a1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVqpoAom/gOLaQ6feUQVkF7YMzQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwM1oX DTI3MDMwMzA2MjAwM1owMzExMC8GA1UEAxMoNTg5NzkxNEZCNzJEQ0NERDREQTg1 MUQ2NDUzODVFRThENUQ5NkExRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJy6UF34MjO/lZq4H1D3B3s9xRgKuCVQh62FFtDfwb2ehRLHZoPOxurhOquY p6bT8gc5r5XQYnYQDuxe2Uo/FFMB/Dxle1OquXzLrd4qChQp5nAtiKtFP/yMswLE VTeVSB7OKnk9iHIJsjzyRn8ueGEAdgj2Q1351l8g9kWeNPZpddFN2cU/plFsuhf5 7HdZOGB3p5vTS9a44mTI39FQOUGwNzFabdml4I+OFd7CIEQChqiqdGl8qB2sIXmw rKl+4FAuIMCk6+wlVwUrUzEypoDXT3JlO2V7unISAQXWNbqRI+ovXbDhtGdhQwYo p3fIREsYOMRuXYOho2xx7gfwxWMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRYl5FP ty3M3U2oUdZFOF7o1dlqHjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qKowDQYJKoZIhvcNAQELBQADggEBAMqneCx6x7xEnetNV5rtAReGl3xQCisQRCu4 q6famcMwZ1MwpqcmOfIYBZIlhZ/NsnejdMHGWy3njy4rBs6VWmMsVWmU08WnmB4K xXnU/z76jPx/Kwb8TBEGRKHO03JIUoWLQyGzgTQQCUhOaLwYOKj3wEObFVSXUcsp 6uR0DHw4DNKxwr2ga8D7MFtr9/wdrJPtDf9Yjn5PClIkvnAyBjUF9Ak2cb3S7ZDL Js3YsdqJrbcrdgclDnB39tT/EVv5Y4C4ShxrgYTAQBPg9D2At0m3XWKXjqWsjxI0 w+dBzBN0X9BfNFlw5zYy9aeffUAggC1aeCeZlKbpRvx7pRPgn6E= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:35 2026 by rpki-client