$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144889.roa File: AS144889.roa (raw, json) Hash identifier: mDp/X08bSmbQN/ml0aCsT+8wMbdgRF2cIQTMszQgIuI= Subject key identifier: 7A:87:6F:55:90:43:7B:8D:4D:5A:73:6E:3A:E8:02:5E:D7:7D:1D:F2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 57F5B189111C56FAD9DB3029C6C9E1264CE7047F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144889.roa Signing time: Wed 04 Mar 2026 06:20:38 +0000 ROA not before: Wed 04 Mar 2026 06:15:38 +0000 ROA not after: Wed 03 Mar 2027 06:20:38 +0000 asID: 144889 IP address blocks: 240a:a8bf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:f5:b1:89:11:1c:56:fa:d9:db:30:29:c6:c9:e1:26:4c:e7:04:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:38 2026 GMT Not After : Mar 3 06:20:38 2027 GMT Subject: CN=7A876F5590437B8D4D5A736E3AE8025ED77D1DF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:8d:bb:d3:26:06:33:79:bf:22:90:fd:82:c1: 0c:9e:7a:6d:11:e1:27:68:a1:73:0f:c6:d4:d7:30: 0e:ed:0f:5d:38:ca:59:98:60:3b:cf:8f:15:a7:76: 95:29:94:27:39:ae:a0:3d:2e:ee:e9:80:00:f8:6f: be:60:fe:19:0a:1a:9e:ed:47:ec:d4:50:f8:bc:40: d2:5d:7a:71:27:86:c9:a5:2b:06:f3:cc:84:4d:84: 91:76:49:d0:95:ed:be:01:41:4f:d9:c3:b6:93:5c: 42:34:e7:2d:3b:5f:6a:81:49:71:63:4e:46:8e:43: 11:8b:fb:f2:17:63:3f:25:8a:1f:03:14:32:fb:d4: 00:61:fd:62:0a:c6:3d:6f:43:b3:06:51:54:e4:7b: 4c:d0:85:2f:0a:93:38:02:83:01:d1:f3:5e:3d:2b: ad:99:35:0c:2c:10:d6:be:61:c3:e4:be:2d:f7:b8: ee:08:ea:4d:2f:2b:c1:78:12:b0:ad:33:9b:78:86: d6:4a:4c:f9:8b:bf:2d:db:85:e5:43:fb:e7:3a:91: bb:6b:0d:e9:13:ef:f2:f5:1a:6b:1b:48:8f:78:9d: 4e:ab:fa:82:4e:63:db:49:53:dc:51:b1:28:88:19: db:7d:74:90:cd:80:73:c7:ec:5c:3b:3f:51:24:46: 7f:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:87:6F:55:90:43:7B:8D:4D:5A:73:6E:3A:E8:02:5E:D7:7D:1D:F2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144889.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8bf::/32 Signature Algorithm: sha256WithRSAEncryption 95:8b:53:80:4d:5d:3c:d3:87:63:83:84:07:c1:2e:b4:93:52: a7:ff:49:3b:ab:bd:be:a2:e9:5d:f5:a8:39:11:ea:20:68:c8: 40:6b:c0:84:db:b5:ad:d2:20:82:76:b7:60:27:37:e2:84:62: ad:c3:1d:7c:2e:d2:1d:93:cf:ba:54:cc:1f:02:d2:1c:5e:e1: a6:c1:ae:70:93:c7:12:bf:b5:1a:23:3c:7c:61:82:ca:31:e9: 59:4a:d1:19:ba:80:d5:54:ed:7c:98:41:f2:cb:41:a5:62:5c: 0b:1e:51:e3:b6:df:95:84:cb:70:f3:47:75:5e:b6:92:37:6f: 52:28:53:30:1a:63:e5:52:15:ba:03:eb:d6:70:2e:c4:9c:b9: 84:0d:72:ee:ce:07:7c:a9:c4:b3:cf:ce:c6:91:a8:01:e3:57: 03:23:09:9a:2a:d8:ed:f5:93:2c:56:b8:aa:08:77:c1:98:7d: 19:55:6f:ea:ad:63:d5:65:43:4e:06:be:0e:fd:e9:da:bc:45: 7a:ac:6a:a4:ee:4b:5c:18:a3:dc:51:a9:67:8c:31:27:05:51: 91:07:43:2c:72:0d:e9:5d:e1:90:36:6f:67:2e:b9:cf:91:3d: ff:7b:55:52:3d:e1:e9:dc:b3:19:1c:c3:2b:83:96:6b:e0:e0: 90:ae:da:ad -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUV/WxiREcVvrZ2zApxsnhJkznBH8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzOFoX DTI3MDMwMzA2MjAzOFowMzExMC8GA1UEAxMoN0E4NzZGNTU5MDQzN0I4RDRENUE3 MzZFM0FFODAyNUVENzdEMURGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOWNu9MmBjN5vyKQ/YLBDJ56bRHhJ2ihcw/G1NcwDu0PXTjKWZhgO8+PFad2 lSmUJzmuoD0u7umAAPhvvmD+GQoanu1H7NRQ+LxA0l16cSeGyaUrBvPMhE2EkXZJ 0JXtvgFBT9nDtpNcQjTnLTtfaoFJcWNORo5DEYv78hdjPyWKHwMUMvvUAGH9YgrG PW9DswZRVOR7TNCFLwqTOAKDAdHzXj0rrZk1DCwQ1r5hw+S+Lfe47gjqTS8rwXgS sK0zm3iG1kpM+Yu/LduF5UP75zqRu2sN6RPv8vUaaxtIj3idTqv6gk5j20lT3FGx KIgZ2310kM2Ac8fsXDs/USRGfxsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR6h29V kEN7jU1ac2466AJe130d8jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qL8wDQYJKoZIhvcNAQELBQADggEBAJWLU4BNXTzTh2ODhAfBLrSTUqf/STurvb6i 6V31qDkR6iBoyEBrwITbta3SIIJ2t2AnN+KEYq3DHXwu0h2Tz7pUzB8C0hxe4abB rnCTxxK/tRojPHxhgsox6VlK0Rm6gNVU7XyYQfLLQaViXAseUeO235WEy3DzR3Ve tpI3b1IoUzAaY+VSFboD69ZwLsScuYQNcu7OB3ypxLPPzsaRqAHjVwMjCZoq2O31 kyxWuKoId8GYfRlVb+qtY9VlQ04Gvg796dq8RXqsaqTuS1wYo9xRqWeMMScFUZEH QyxyDeld4ZA2b2cuuc+RPf97VVI94encsxkcwyuDlmvg4JCu2q0= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:31 2026 by rpki-client