$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144882.roa File: AS144882.roa (raw, json) Hash identifier: Jw7lcNpzj8d+wBgdRkeQnxbkZ1APnx8W3Ty8rCADPOY= Subject key identifier: 69:18:D2:E1:40:36:E3:72:57:09:AC:5C:E4:9A:01:02:A2:1A:39:EE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 31CD26151725F69CD7F37C35C63338CAD16C5A31 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144882.roa Signing time: Wed 04 Mar 2026 06:20:50 +0000 ROA not before: Wed 04 Mar 2026 06:15:50 +0000 ROA not after: Wed 03 Mar 2027 06:20:50 +0000 asID: 144882 IP address blocks: 240a:a8b8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:cd:26:15:17:25:f6:9c:d7:f3:7c:35:c6:33:38:ca:d1:6c:5a:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:50 2026 GMT Not After : Mar 3 06:20:50 2027 GMT Subject: CN=6918D2E14036E3725709AC5CE49A0102A21A39EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:8c:cd:8a:8d:cf:70:b0:9c:5a:57:30:e4:bd: 12:1f:26:b7:d7:ee:8f:f1:6c:fc:07:64:af:bd:3b: 8a:13:de:29:d3:8a:11:1e:a0:fe:c4:6d:c3:e9:52: 3a:8f:68:e6:11:6f:39:2c:a9:b3:f8:e2:cf:80:73: 01:5c:af:85:49:c4:64:3e:98:e9:94:d4:c4:0b:26: 8b:d2:88:6c:e5:41:9e:fa:5e:23:cb:d7:75:c8:04: 64:de:3d:f3:6c:c1:23:50:ed:fa:dd:2a:be:a5:91: b0:a5:39:09:78:e6:be:d1:54:52:76:2e:d2:ab:e3: 78:a9:74:0a:48:9b:fb:eb:c4:d8:91:6b:f4:69:1f: 93:3c:05:cd:76:3f:d6:69:ef:5e:9d:ec:e9:b5:df: c7:6a:a6:c7:44:6e:b4:e7:8b:ae:80:49:88:81:be: 39:db:60:a2:19:87:ef:05:6c:58:a1:9b:88:aa:96: df:e1:df:44:b5:6a:11:5a:31:38:86:42:9e:68:e3: cf:b4:70:96:dd:8d:e1:cf:21:7e:ca:3c:b8:ef:f2: 88:3a:17:60:5f:7e:48:1b:96:4d:62:b5:f9:eb:3c: d1:0e:e0:c4:2f:75:97:dd:fb:75:d3:39:14:8c:2b: 28:cd:2a:c7:e7:7b:0f:19:9a:4c:f5:f6:1d:c5:21: 8e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:18:D2:E1:40:36:E3:72:57:09:AC:5C:E4:9A:01:02:A2:1A:39:EE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144882.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8b8::/32 Signature Algorithm: sha256WithRSAEncryption 8c:56:31:5f:f7:04:ea:86:ca:0e:47:73:c2:d5:3e:7e:31:8d: 0c:af:13:bb:79:a3:a2:fd:59:14:ea:f6:e3:6e:9c:f2:f5:82: 39:2f:94:d6:9d:25:ea:87:d0:f9:8f:29:2f:84:45:97:9c:31: 9e:c1:75:3f:c5:2d:1d:07:e5:6d:a8:1a:a1:70:11:56:ac:76: 4b:9d:db:e5:5d:6e:6c:87:25:5f:e1:4f:7f:9a:78:0d:45:1e: 5b:db:b4:37:10:29:6e:b1:d5:3a:c6:66:03:f9:6f:9c:62:d8: 3f:b8:4e:84:5c:0c:22:5d:d0:fc:4d:7e:b2:6a:3f:e0:80:8a: 83:d2:a1:74:9d:49:47:0a:a1:6b:50:52:7b:c3:a8:eb:b9:ae: f0:18:a3:cc:b2:53:74:8a:e6:05:c0:6d:0f:41:6f:7b:4f:f2: e0:8b:e3:f1:39:56:75:50:db:03:f7:9c:0a:1b:c5:eb:25:22: 06:64:c7:cb:1c:4c:33:d5:11:ba:b3:21:16:60:d8:7b:dc:f6: 4d:b2:8d:c9:a7:25:b7:0f:51:9c:77:7f:bd:41:89:d1:a1:3d: 34:be:84:b0:d0:ca:3b:ee:33:11:31:9f:62:cb:dd:b2:f6:09: aa:07:42:23:2a:f3:36:0a:6c:ed:a3:73:9c:cc:5b:82:81:b0: d5:e6:e5:0f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMc0mFRcl9pzX83w1xjM4ytFsWjEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1MFoX DTI3MDMwMzA2MjA1MFowMzExMC8GA1UEAxMoNjkxOEQyRTE0MDM2RTM3MjU3MDlB QzVDRTQ5QTAxMDJBMjFBMzlFRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKKMzYqNz3CwnFpXMOS9Eh8mt9fuj/Fs/Adkr707ihPeKdOKER6g/sRtw+lS Oo9o5hFvOSyps/jiz4BzAVyvhUnEZD6Y6ZTUxAsmi9KIbOVBnvpeI8vXdcgEZN49 82zBI1Dt+t0qvqWRsKU5CXjmvtFUUnYu0qvjeKl0Ckib++vE2JFr9GkfkzwFzXY/ 1mnvXp3s6bXfx2qmx0RutOeLroBJiIG+OdtgohmH7wVsWKGbiKqW3+HfRLVqEVox OIZCnmjjz7Rwlt2N4c8hfso8uO/yiDoXYF9+SBuWTWK1+es80Q7gxC91l937ddM5 FIwrKM0qx+d7DxmaTPX2HcUhjg8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRpGNLh QDbjclcJrFzkmgECoho57jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg4Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qLgwDQYJKoZIhvcNAQELBQADggEBAIxWMV/3BOqGyg5Hc8LVPn4xjQyvE7t5o6L9 WRTq9uNunPL1gjkvlNadJeqH0PmPKS+ERZecMZ7BdT/FLR0H5W2oGqFwEVasdkud 2+VdbmyHJV/hT3+aeA1FHlvbtDcQKW6x1TrGZgP5b5xi2D+4ToRcDCJd0PxNfrJq P+CAioPSoXSdSUcKoWtQUnvDqOu5rvAYo8yyU3SK5gXAbQ9Bb3tP8uCL4/E5VnVQ 2wP3nAobxeslIgZkx8scTDPVEbqzIRZg2Hvc9k2yjcmnJbcPUZx3f71BidGhPTS+ hLDQyjvuMxExn2LL3bL2CaoHQiMq8zYKbO2jc5zMW4KBsNXm5Q8= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:17 2026 by rpki-client