$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144872.roa File: AS144872.roa (raw, json) Hash identifier: 2QKCCAtwpb7fFDsI4rLqgIJhaYm3+fNIqFE16PxriOQ= Subject key identifier: 05:9F:5B:19:02:4A:3F:E8:4A:C9:58:33:93:B6:6D:EF:0A:12:4D:28 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 123A3CE569EF2149C9E01A2D2FC6EC1C5D76974C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144872.roa Signing time: Wed 04 Mar 2026 06:20:17 +0000 ROA not before: Wed 04 Mar 2026 06:15:17 +0000 ROA not after: Wed 03 Mar 2027 06:20:17 +0000 asID: 144872 IP address blocks: 240a:a8ae::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:3a:3c:e5:69:ef:21:49:c9:e0:1a:2d:2f:c6:ec:1c:5d:76:97:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:17 2026 GMT Not After : Mar 3 06:20:17 2027 GMT Subject: CN=059F5B19024A3FE84AC9583393B66DEF0A124D28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:a0:46:5c:17:65:d7:d3:82:e6:09:e0:9b:34: 8b:c5:58:43:a4:c7:6b:2e:c7:63:1c:c2:9c:4b:e9: 4f:d2:5a:cf:7f:a8:45:40:a0:87:cb:f0:3e:b4:95: e0:0d:0e:86:24:c8:da:dc:b7:8c:9a:04:f4:80:b0: 24:3d:1b:12:df:7a:5f:00:c2:79:c7:c8:58:36:53: 58:33:c0:27:a0:61:b6:5e:c0:29:97:50:e4:a2:7d: 14:49:f0:3c:86:83:94:f9:d2:dd:b0:cf:72:30:a7: 15:c2:bd:5b:c7:99:af:58:b3:52:4c:eb:f0:a7:da: db:4d:49:3f:10:e6:4e:b1:51:8c:7b:42:2f:f2:fc: 10:c8:0d:a0:05:cf:bb:3b:7d:af:f4:ad:05:01:57: 35:a2:ef:d0:3a:0a:d5:99:6e:56:95:72:73:fb:27: 0d:88:8c:61:44:84:89:6a:50:60:cd:32:61:1a:98: 5e:50:e2:39:cd:74:c6:a9:23:05:87:21:17:b9:a1: 3a:28:7b:a7:95:8b:7c:30:84:3e:37:53:e8:5e:0f: 47:f6:b5:d5:36:75:9f:48:2b:ac:fe:e5:08:4f:76: be:70:a6:9d:a8:33:7d:3f:2c:3b:82:d7:c4:38:03: b2:94:90:f0:66:1c:3b:d6:c9:c0:d6:ad:e4:de:14: c1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:9F:5B:19:02:4A:3F:E8:4A:C9:58:33:93:B6:6D:EF:0A:12:4D:28 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144872.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8ae::/32 Signature Algorithm: sha256WithRSAEncryption c4:c4:37:1a:56:fc:70:fd:83:b6:ef:73:a4:0b:af:99:29:1d: da:9e:e2:5f:f8:c7:fc:3d:c2:ae:f0:ea:43:d9:76:ae:65:87: 34:7a:94:0c:ee:a6:46:1d:8b:20:14:c4:23:a0:88:d5:c8:8b: 6e:46:24:b0:70:60:a8:aa:56:f2:34:10:c7:27:13:e9:12:16: 72:c7:cb:8e:32:52:30:79:29:18:a3:a1:22:f7:80:c2:60:ec: 48:f5:0f:c5:00:1f:f9:a4:b6:fe:94:39:d7:71:dd:48:e8:f5: 39:05:f1:b9:41:60:b9:fe:2b:e1:aa:66:f4:aa:50:16:5b:77: 6f:ae:29:ab:1f:22:aa:d1:e7:67:7a:4f:bc:e9:65:00:1e:c3: 53:93:1b:ce:06:30:b0:8a:67:24:80:0a:1b:64:a8:05:54:ae: f7:f2:6c:ee:c7:89:99:47:48:04:9b:bd:25:b0:04:5d:0b:04: d6:38:47:7b:27:ea:d2:69:46:49:2d:7f:56:30:71:a5:8d:52: 9e:5f:97:7e:5b:2b:15:b3:46:1b:84:f2:24:21:09:76:2a:37: 68:72:d7:3c:01:20:0a:f7:07:5e:9c:7b:06:61:fc:45:7a:d7: 2b:07:27:db:56:ba:49:bd:9f:56:04:0f:1e:e2:5e:47:6f:b5: 4f:06:f8:f0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEjo85WnvIUnJ4BotL8bsHF12l0wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxN1oX DTI3MDMwMzA2MjAxN1owMzExMC8GA1UEAxMoMDU5RjVCMTkwMjRBM0ZFODRBQzk1 ODMzOTNCNjZERUYwQTEyNEQyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOqgRlwXZdfTguYJ4Js0i8VYQ6THay7HYxzCnEvpT9Jaz3+oRUCgh8vwPrSV 4A0OhiTI2ty3jJoE9ICwJD0bEt96XwDCecfIWDZTWDPAJ6Bhtl7AKZdQ5KJ9FEnw PIaDlPnS3bDPcjCnFcK9W8eZr1izUkzr8Kfa201JPxDmTrFRjHtCL/L8EMgNoAXP uzt9r/StBQFXNaLv0DoK1ZluVpVyc/snDYiMYUSEiWpQYM0yYRqYXlDiOc10xqkj BYchF7mhOih7p5WLfDCEPjdT6F4PR/a11TZ1n0grrP7lCE92vnCmnagzfT8sO4LX xDgDspSQ8GYcO9bJwNat5N4UwZUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQFn1sZ Ako/6ErJWDOTtm3vChJNKDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qK4wDQYJKoZIhvcNAQELBQADggEBAMTENxpW/HD9g7bvc6QLr5kpHdqe4l/4x/w9 wq7w6kPZdq5lhzR6lAzupkYdiyAUxCOgiNXIi25GJLBwYKiqVvI0EMcnE+kSFnLH y44yUjB5KRijoSL3gMJg7Ej1D8UAH/mktv6UOddx3Ujo9TkF8blBYLn+K+GqZvSq UBZbd2+uKasfIqrR52d6T7zpZQAew1OTG84GMLCKZySAChtkqAVUrvfybO7HiZlH SASbvSWwBF0LBNY4R3sn6tJpRkktf1YwcaWNUp5fl35bKxWzRhuE8iQhCXYqN2hy 1zwBIAr3B16cewZh/EV61ysHJ9tWukm9n1YEDx7iXkdvtU8G+PA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:19 2026 by rpki-client