$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144888.roa File: AS144888.roa (raw, json) Hash identifier: R8iTGed4F8lA2yVfuNC+0BMbfTXkHCXigUGAqBgvVeI= Subject key identifier: 5A:26:F3:07:E3:5C:52:3D:14:23:39:84:D7:2E:A2:91:82:79:D1:6C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 541D22CE0AD2198D3494DF1402C85DA54DB69A0E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144888.roa Signing time: Wed 04 Mar 2026 06:21:11 +0000 ROA not before: Wed 04 Mar 2026 06:16:11 +0000 ROA not after: Wed 03 Mar 2027 06:21:11 +0000 asID: 144888 IP address blocks: 240a:a8be::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:1d:22:ce:0a:d2:19:8d:34:94:df:14:02:c8:5d:a5:4d:b6:9a:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:11 2026 GMT Not After : Mar 3 06:21:11 2027 GMT Subject: CN=5A26F307E35C523D14233984D72EA2918279D16C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:32:8d:7e:79:06:11:f0:4e:31:a2:15:f4:61: 99:14:76:c2:b9:92:9d:03:25:11:0a:5b:29:fc:c9: d5:bd:a3:cf:fc:52:0b:47:43:84:7a:6d:5d:83:cd: b8:92:81:a2:74:3f:07:16:ca:5e:1f:c2:21:ff:2f: a2:c3:4e:18:50:c9:b6:1d:f8:71:5a:4a:1f:29:b4: a3:88:0b:7c:9e:bb:84:a3:58:84:a5:18:3b:4b:28: 5a:30:20:b0:06:e1:42:42:c2:1a:af:ff:08:5b:8b: d9:1e:55:11:f9:9d:39:99:e9:9b:71:cf:c8:dd:9a: 06:4e:83:99:3d:1c:fb:37:a5:2a:1c:18:ec:35:ca: dc:b3:20:52:f3:b8:43:7a:76:fa:b0:5c:13:33:68: 84:38:06:2c:24:0b:4d:e9:85:35:37:10:b9:05:44: 78:54:ef:31:e8:6f:3a:ed:b0:76:f0:e3:e8:f4:fe: 77:f3:53:ca:8a:6b:b0:44:0e:43:25:3e:2a:39:c4: 9a:52:eb:15:cb:ca:34:c5:f9:e8:e7:52:14:dc:92: 5d:c5:c3:fe:2e:ee:45:79:c2:40:b3:78:e9:3e:41: 2b:aa:1e:9f:0e:d3:a1:6c:f0:48:09:4f:15:b0:c5: 1f:41:f7:b4:ee:f9:55:ce:ce:41:90:09:49:9d:16: 03:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:26:F3:07:E3:5C:52:3D:14:23:39:84:D7:2E:A2:91:82:79:D1:6C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144888.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8be::/32 Signature Algorithm: sha256WithRSAEncryption 78:d6:49:46:03:c2:19:cc:9d:c7:2d:70:f9:12:9e:9e:53:a1: 3f:fa:69:46:a1:09:b5:8a:9a:e7:ee:3d:42:e4:c9:de:2d:1b: 90:d3:77:52:80:c1:77:28:4d:dc:7f:e6:b7:38:f2:1e:83:13: 4a:13:7a:ed:a8:96:1d:0a:62:d2:d8:ca:6f:55:b4:9d:d7:1c: 35:ba:ed:79:97:73:6f:7c:37:b4:ef:48:e0:89:81:71:1e:36: b4:b4:71:68:e8:87:ac:af:ad:75:e6:a5:9d:25:39:27:c5:e7: ec:d5:9d:ce:10:69:ec:4f:79:28:91:23:d7:df:5a:be:05:c0: 98:03:76:75:c7:29:e8:29:b6:b2:6e:a6:f5:e3:d6:4a:18:fd: 8f:ec:93:14:59:d9:84:ca:9f:17:43:24:ed:48:2f:e9:24:ad: c2:5b:af:55:57:0f:d6:cf:87:47:a9:86:24:f9:36:c8:1b:dd: 09:fa:43:97:81:7b:f5:28:5f:80:29:61:9a:a8:6a:52:de:f4: fc:09:86:06:1a:75:f6:e0:e6:98:33:ae:b7:94:23:6c:58:a1: 08:c5:80:7b:57:3f:9f:d5:f5:6b:3d:dc:d5:6e:b6:8f:02:9c: f3:d2:b3:43:95:50:19:c6:b7:f4:e5:41:3f:9d:a7:69:23:16: 41:5c:d5:9f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVB0izgrSGY00lN8UAshdpU22mg4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxMVoX DTI3MDMwMzA2MjExMVowMzExMC8GA1UEAxMoNUEyNkYzMDdFMzVDNTIzRDE0MjMz OTg0RDcyRUEyOTE4Mjc5RDE2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI0yjX55BhHwTjGiFfRhmRR2wrmSnQMlEQpbKfzJ1b2jz/xSC0dDhHptXYPN uJKBonQ/BxbKXh/CIf8vosNOGFDJth34cVpKHym0o4gLfJ67hKNYhKUYO0soWjAg sAbhQkLCGq//CFuL2R5VEfmdOZnpm3HPyN2aBk6DmT0c+zelKhwY7DXK3LMgUvO4 Q3p2+rBcEzNohDgGLCQLTemFNTcQuQVEeFTvMehvOu2wdvDj6PT+d/NTyoprsEQO QyU+KjnEmlLrFcvKNMX56OdSFNySXcXD/i7uRXnCQLN46T5BK6oenw7ToWzwSAlP FbDFH0H3tO75Vc7OQZAJSZ0WA3sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRaJvMH 41xSPRQjOYTXLqKRgnnRbDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qL4wDQYJKoZIhvcNAQELBQADggEBAHjWSUYDwhnMncctcPkSnp5ToT/6aUahCbWK mufuPULkyd4tG5DTd1KAwXcoTdx/5rc48h6DE0oTeu2olh0KYtLYym9VtJ3XHDW6 7XmXc298N7TvSOCJgXEeNrS0cWjoh6yvrXXmpZ0lOSfF5+zVnc4QaexPeSiRI9ff Wr4FwJgDdnXHKegptrJupvXj1koY/Y/skxRZ2YTKnxdDJO1IL+kkrcJbr1VXD9bP h0ephiT5Nsgb3Qn6Q5eBe/UoX4ApYZqoalLe9PwJhgYadfbg5pgzrreUI2xYoQjF gHtXP5/V9Ws93NVuto8CnPPSs0OVUBnGt/TlQT+dp2kjFkFc1Z8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:45 2026 by rpki-client