$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144870.roa File: AS144870.roa (raw, json) Hash identifier: lD0nbbsQOXZSSI+tRWrsVk/6AaxhO3L9nnrSPA4AJiE= Subject key identifier: 95:35:01:E1:D9:76:BB:E1:DF:61:E4:BF:B0:FC:99:43:8F:EE:BE:10 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4B5AA8954AB6AD4AC85A6A9A4B7FC4A37C0F1552 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144870.roa Signing time: Wed 04 Mar 2026 06:20:09 +0000 ROA not before: Wed 04 Mar 2026 06:15:09 +0000 ROA not after: Wed 03 Mar 2027 06:20:09 +0000 asID: 144870 IP address blocks: 240a:a8ac::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:5a:a8:95:4a:b6:ad:4a:c8:5a:6a:9a:4b:7f:c4:a3:7c:0f:15:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:09 2026 GMT Not After : Mar 3 06:20:09 2027 GMT Subject: CN=953501E1D976BBE1DF61E4BFB0FC99438FEEBE10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:3f:e3:bc:8f:77:33:da:2f:52:e9:72:7b:05: 4a:47:1f:65:af:f5:d1:f6:37:62:43:e1:58:7d:fc: d7:b6:b4:3e:01:7b:21:c4:bd:fc:5f:f1:65:04:90: 4c:cf:3a:79:5e:71:17:03:54:fe:ed:c1:47:61:78: 36:8d:87:98:8e:9c:d4:c0:e1:c7:0d:3c:a1:aa:c6: 1a:58:58:fd:d0:a5:f2:1d:f0:d9:28:88:04:8a:af: 4e:e5:db:e4:64:ae:c2:f2:52:92:bf:ac:f9:9a:17: 10:aa:a7:e2:61:6c:9c:92:db:4a:1a:a5:96:9e:5f: d6:27:16:ca:e8:4e:43:70:53:60:46:3c:44:3f:ff: e2:81:0e:e1:88:f3:a7:e5:d9:2c:4d:00:02:e2:d4: a0:aa:b7:f1:02:61:18:00:fc:b4:67:80:1b:95:5f: d8:60:80:5c:9a:22:d0:7a:0a:4f:ab:7f:04:30:7a: b9:32:d0:60:40:79:f6:17:10:a7:84:f3:4c:26:b6: 70:ba:63:ad:c8:2b:f1:b4:27:d1:a4:06:23:79:4e: f0:af:17:61:76:43:70:20:1f:39:6a:88:15:14:e9: 74:47:37:90:74:3f:3f:8d:0e:d1:9b:97:4e:09:32: 12:e9:b9:8c:97:08:24:76:86:86:9f:c6:34:54:be: 4a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:35:01:E1:D9:76:BB:E1:DF:61:E4:BF:B0:FC:99:43:8F:EE:BE:10 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144870.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8ac::/32 Signature Algorithm: sha256WithRSAEncryption a3:9d:8e:8e:24:46:05:2b:a4:d1:1e:23:97:9b:85:64:60:af: 02:c7:d4:8c:d5:9f:ec:89:f8:22:da:36:7c:35:f9:1a:dd:83: 25:c7:51:a2:8f:a2:af:75:da:29:cd:56:33:26:3b:96:57:c8: 06:ea:a0:f5:b2:ec:8e:06:38:9a:ce:dd:89:d0:5e:63:17:01: aa:1d:31:66:6e:98:d2:79:c6:d0:c9:c7:40:12:df:8d:dd:df: fb:5a:f9:18:a6:12:d8:0f:76:6d:b8:ab:b6:af:35:59:33:bf: 75:83:9c:39:a7:03:5f:ca:cb:03:27:df:5b:a3:a0:bc:24:62: 83:a3:3a:42:ec:08:25:13:50:65:6c:47:70:a7:d6:69:06:f6: 4d:9e:30:92:aa:15:c8:6a:f0:80:54:76:84:c0:43:54:a2:0a: 9f:ab:14:9f:a3:49:bb:61:63:6c:96:f0:4a:06:e8:9e:6a:de: a6:74:3a:e2:0a:19:68:95:ef:3a:89:b4:98:15:0f:eb:7d:fc: f6:73:e3:c1:ea:38:19:6c:eb:6d:15:50:dc:37:82:62:3b:38: 9e:eb:b1:ca:fe:ac:e7:e4:ee:ef:42:fa:c7:6c:1c:4d:fa:11: 8d:89:f8:50:83:b8:ee:7e:a5:1f:95:eb:fe:c9:7f:64:e1:b0: 4e:e7:ab:50 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUS1qolUq2rUrIWmqaS3/Eo3wPFVIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwOVoX DTI3MDMwMzA2MjAwOVowMzExMC8GA1UEAxMoOTUzNTAxRTFEOTc2QkJFMURGNjFF NEJGQjBGQzk5NDM4RkVFQkUxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMI/47yPdzPaL1LpcnsFSkcfZa/10fY3YkPhWH3817a0PgF7IcS9/F/xZQSQ TM86eV5xFwNU/u3BR2F4No2HmI6c1MDhxw08oarGGlhY/dCl8h3w2SiIBIqvTuXb 5GSuwvJSkr+s+ZoXEKqn4mFsnJLbShqllp5f1icWyuhOQ3BTYEY8RD//4oEO4Yjz p+XZLE0AAuLUoKq38QJhGAD8tGeAG5Vf2GCAXJoi0HoKT6t/BDB6uTLQYEB59hcQ p4TzTCa2cLpjrcgr8bQn0aQGI3lO8K8XYXZDcCAfOWqIFRTpdEc3kHQ/P40O0ZuX TgkyEum5jJcIJHaGhp/GNFS+StUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSVNQHh 2Xa74d9h5L+w/JlDj+6+EDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qKwwDQYJKoZIhvcNAQELBQADggEBAKOdjo4kRgUrpNEeI5ebhWRgrwLH1IzVn+yJ +CLaNnw1+RrdgyXHUaKPoq912inNVjMmO5ZXyAbqoPWy7I4GOJrO3YnQXmMXAaod MWZumNJ5xtDJx0AS343d3/ta+RimEtgPdm24q7avNVkzv3WDnDmnA1/KywMn31uj oLwkYoOjOkLsCCUTUGVsR3Cn1mkG9k2eMJKqFchq8IBUdoTAQ1SiCp+rFJ+jSbth Y2yW8EoG6J5q3qZ0OuIKGWiV7zqJtJgVD+t9/PZz48HqOBls620VUNw3gmI7OJ7r scr+rOfk7u9C+sdsHE36EY2J+FCDuO5+pR+V6/7Jf2ThsE7nq1A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:46 2026 by rpki-client