$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144876.roa File: AS144876.roa (raw, json) Hash identifier: +21r899NB9DpJp9TCWdbyXtwxN1jROso27429pEKhGs= Subject key identifier: 0C:3F:BF:22:3E:C5:A7:5A:86:22:50:10:01:85:41:3B:4B:B0:5D:39 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7EB8DA01D3A270EC16C2D07644E97E84F1259617 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144876.roa Signing time: Wed 04 Mar 2026 06:20:43 +0000 ROA not before: Wed 04 Mar 2026 06:15:43 +0000 ROA not after: Wed 03 Mar 2027 06:20:43 +0000 asID: 144876 IP address blocks: 240a:a8b2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:b8:da:01:d3:a2:70:ec:16:c2:d0:76:44:e9:7e:84:f1:25:96:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:43 2026 GMT Not After : Mar 3 06:20:43 2027 GMT Subject: CN=0C3FBF223EC5A75A862250100185413B4BB05D39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6f:69:63:bb:d7:5d:70:30:20:59:ac:24:be: 7d:df:67:02:e5:12:24:7e:59:96:81:a2:36:98:d2: 18:4d:93:ff:97:bb:a0:83:b1:bb:26:37:1f:ac:ab: f6:51:8c:48:31:c5:7d:2f:49:35:31:60:55:5c:78: d6:ce:a0:28:67:db:91:9d:39:fe:66:77:df:6d:37: 23:eb:19:f6:be:c1:7b:08:0d:eb:07:9d:65:71:d8: 17:d0:54:6b:7a:52:b5:82:2c:06:98:ec:31:c9:a0: c0:02:02:4b:a3:50:84:07:58:ba:42:c0:92:10:5e: be:ef:fd:e0:6c:ad:73:3a:27:e3:65:7a:45:49:ab: 13:de:6b:40:47:60:06:86:52:ec:fd:92:8d:31:65: cc:da:22:4b:f8:16:6f:bb:40:50:4c:ae:0c:20:0f: b9:a6:16:65:ef:7f:12:7d:1b:72:e0:41:86:66:60: ce:bd:0a:73:01:11:bc:74:19:fe:57:1b:76:0e:21: 61:97:2b:ee:c7:bb:31:5d:6d:40:53:c2:ea:83:e8: 0b:31:28:30:7e:ed:ed:d1:a6:a2:4f:53:ba:50:13: e5:16:2f:9a:90:89:0e:4f:4c:ef:c5:40:2e:cb:28: 72:d7:13:0a:fa:be:ac:a0:a2:dc:43:65:87:0d:e9: ab:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:3F:BF:22:3E:C5:A7:5A:86:22:50:10:01:85:41:3B:4B:B0:5D:39 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144876.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8b2::/32 Signature Algorithm: sha256WithRSAEncryption 02:5e:81:51:e3:45:66:8c:3c:58:3f:6e:4a:c7:71:76:6d:cc: 3e:32:63:ac:30:4e:00:cf:a1:5e:95:26:78:c5:f6:0c:e0:fc: a6:2d:14:f4:b4:08:b0:a8:1f:07:c9:ed:63:a5:b9:79:c1:c4: 6b:6a:10:66:ae:c6:02:54:bc:6f:01:8c:9d:d7:1f:f5:23:a2: 30:57:71:ec:f3:2a:bb:5e:2d:7c:eb:a2:de:2b:e8:9e:74:a6: c0:60:20:3b:be:b2:92:8f:80:ee:e6:3a:f4:0f:85:93:12:e5: 95:bc:9a:02:ce:df:a2:ce:b7:3f:0a:15:f9:51:a0:9b:de:57: bb:18:1c:60:d5:19:04:16:73:28:42:6d:e7:2e:aa:d9:07:97: 17:52:55:e3:3d:e9:18:4e:a0:7a:29:5c:35:ba:c1:4d:17:37: 58:f0:b7:77:1a:37:30:39:7c:08:b2:df:18:97:83:b8:5e:63: b1:13:84:ea:47:c8:11:a7:11:d9:36:8d:f5:50:e6:50:0e:35: 8f:1c:80:e0:26:05:6e:84:11:60:60:9d:f8:44:62:49:1d:f2: 9e:df:19:b2:a6:6b:4f:eb:79:7a:b5:e7:a0:7b:cd:bb:3e:e8: 83:b9:55:8e:ad:2a:c0:d8:36:f3:71:49:0f:d1:a8:cf:88:fe: 47:d5:0e:af -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfrjaAdOicOwWwtB2ROl+hPEllhcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0M1oX DTI3MDMwMzA2MjA0M1owMzExMC8GA1UEAxMoMEMzRkJGMjIzRUM1QTc1QTg2MjI1 MDEwMDE4NTQxM0I0QkIwNUQzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNvaWO7111wMCBZrCS+fd9nAuUSJH5ZloGiNpjSGE2T/5e7oIOxuyY3H6yr 9lGMSDHFfS9JNTFgVVx41s6gKGfbkZ05/mZ33203I+sZ9r7BewgN6wedZXHYF9BU a3pStYIsBpjsMcmgwAICS6NQhAdYukLAkhBevu/94Gytczon42V6RUmrE95rQEdg BoZS7P2SjTFlzNoiS/gWb7tAUEyuDCAPuaYWZe9/En0bcuBBhmZgzr0KcwERvHQZ /lcbdg4hYZcr7se7MV1tQFPC6oPoCzEoMH7t7dGmok9TulAT5RYvmpCJDk9M78VA LssoctcTCvq+rKCi3ENlhw3pq0cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQMP78i PsWnWoYiUBABhUE7S7BdOTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qLIwDQYJKoZIhvcNAQELBQADggEBAAJegVHjRWaMPFg/bkrHcXZtzD4yY6wwTgDP oV6VJnjF9gzg/KYtFPS0CLCoHwfJ7WOluXnBxGtqEGauxgJUvG8BjJ3XH/UjojBX cezzKrteLXzrot4r6J50psBgIDu+spKPgO7mOvQPhZMS5ZW8mgLO36LOtz8KFflR oJveV7sYHGDVGQQWcyhCbecuqtkHlxdSVeM96RhOoHopXDW6wU0XN1jwt3caNzA5 fAiy3xiXg7heY7EThOpHyBGnEdk2jfVQ5lAONY8cgOAmBW6EEWBgnfhEYkkd8p7f GbKma0/reXq156B7zbs+6IO5VY6tKsDYNvNxSQ/RqM+I/kfVDq8= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:36 2026 by rpki-client