$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144902.roa File: AS144902.roa (raw, json) Hash identifier: K4GzUK/OoNR4gbvmTEon7SltdbTiJBeBSmaJSBfvjdc= Subject key identifier: 9D:0B:7F:5A:34:69:42:47:01:C3:9C:6A:AD:E0:66:9A:64:D6:84:20 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 26857E8DF1C0CEBAE4355FD0F3508EFC1B88CD74 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144902.roa Signing time: Wed 04 Mar 2026 06:20:57 +0000 ROA not before: Wed 04 Mar 2026 06:15:57 +0000 ROA not after: Wed 03 Mar 2027 06:20:57 +0000 asID: 144902 IP address blocks: 240a:a8cc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:85:7e:8d:f1:c0:ce:ba:e4:35:5f:d0:f3:50:8e:fc:1b:88:cd:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:57 2026 GMT Not After : Mar 3 06:20:57 2027 GMT Subject: CN=9D0B7F5A3469424701C39C6AADE0669A64D68420 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:16:cb:2c:7b:63:58:1e:91:71:7f:a8:97:39: 15:e6:d5:4b:e9:4b:b4:e2:be:b9:ae:f5:a1:e2:d2: 87:5e:37:92:c7:54:13:12:ba:bc:d5:38:ea:4a:0e: 22:ff:f5:c8:59:08:04:fa:55:08:5b:37:c1:81:41: 30:5e:08:7a:f8:f9:70:fc:24:a3:07:da:b6:e7:78: 92:3c:43:c0:43:04:48:00:9f:22:9d:e4:74:8b:8d: 37:50:c8:59:73:98:d6:e7:fa:59:31:fd:8c:0f:fc: 79:0b:8a:a6:09:1a:52:f9:ab:72:88:dc:b6:76:d1: 20:74:b7:ec:49:e6:bd:e9:bc:aa:09:75:fb:c9:8c: e0:20:b2:ca:0d:ab:c6:7e:6e:d2:72:c5:e0:28:27: 1d:a0:96:21:ea:0f:bd:4e:57:33:a8:62:b3:3f:0c: f9:82:20:6e:63:74:9b:06:3a:9e:3e:30:11:b9:9f: 1d:a3:3e:0d:85:bb:df:98:e8:40:01:2a:3e:ab:b0: 6e:2c:21:84:96:cd:73:c3:f2:24:d9:d6:4f:cb:fb: ff:d1:f9:bb:5a:89:5a:00:3c:e9:fe:d5:ef:54:d2: 1e:4e:e7:b6:6f:fd:e2:17:25:ca:29:78:65:4b:9d: ce:cf:ad:40:e8:c2:fc:ef:e4:a8:de:74:b6:35:56: 38:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:0B:7F:5A:34:69:42:47:01:C3:9C:6A:AD:E0:66:9A:64:D6:84:20 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144902.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8cc::/32 Signature Algorithm: sha256WithRSAEncryption d3:50:d7:6a:be:ed:93:83:d4:12:67:67:ea:9d:82:63:e7:3a: cd:58:b6:ee:2f:0d:82:1d:81:c3:c4:fb:b7:c3:fd:65:3f:b3: 89:e9:2f:c6:a4:ce:e9:07:2c:d3:d8:65:55:da:4b:1c:05:62: 8a:32:7a:1c:8e:b9:5c:b3:0d:90:8c:e3:49:a0:85:cc:fe:25: 1d:f4:bb:e9:8f:f7:bf:c0:17:78:d4:24:c0:8d:c1:7e:44:08: 77:95:a0:a1:d6:dc:e0:5a:13:f5:40:9e:ea:52:c3:f2:37:4b: a5:5e:74:38:1b:7d:94:cc:d9:8e:4a:e6:72:2c:81:16:84:d7: 96:b0:da:ca:40:75:f0:89:51:68:87:f1:c9:76:9d:63:88:74: ef:d5:1e:65:2f:3f:77:28:bb:e0:9a:ea:03:fe:f9:91:17:75: d3:a9:a0:b0:63:df:d5:88:8b:d2:8b:5c:57:fb:3d:70:d4:48: bd:12:00:2d:b4:ca:36:dc:4d:a9:f4:6a:8e:cc:03:c1:04:52: 68:14:0c:a6:38:15:1f:ee:88:4d:4a:53:6f:24:98:f1:0c:8c: e9:b1:10:8f:37:72:55:a8:88:cc:d9:57:78:3a:b0:4c:2c:e0: fe:74:ba:7f:17:76:53:5d:e5:d9:29:21:6f:d4:0d:60:9a:0b: 27:fc:66:e7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJoV+jfHAzrrkNV/Q81CO/BuIzXQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1N1oX DTI3MDMwMzA2MjA1N1owMzExMC8GA1UEAxMoOUQwQjdGNUEzNDY5NDI0NzAxQzM5 QzZBQURFMDY2OUE2NEQ2ODQyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4Wyyx7Y1gekXF/qJc5FebVS+lLtOK+ua71oeLSh143ksdUExK6vNU46koO Iv/1yFkIBPpVCFs3wYFBMF4Ievj5cPwkowfatud4kjxDwEMESACfIp3kdIuNN1DI WXOY1uf6WTH9jA/8eQuKpgkaUvmrcojctnbRIHS37Enmvem8qgl1+8mM4CCyyg2r xn5u0nLF4CgnHaCWIeoPvU5XM6hisz8M+YIgbmN0mwY6nj4wEbmfHaM+DYW735jo QAEqPquwbiwhhJbNc8PyJNnWT8v7/9H5u1qJWgA86f7V71TSHk7ntm/94hclyil4 ZUudzs+tQOjC/O/kqN50tjVWOE0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSdC39a NGlCRwHDnGqt4GaaZNaEIDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDkwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qMwwDQYJKoZIhvcNAQELBQADggEBANNQ12q+7ZOD1BJnZ+qdgmPnOs1Ytu4vDYId gcPE+7fD/WU/s4npL8akzukHLNPYZVXaSxwFYooyehyOuVyzDZCM40mghcz+JR30 u+mP97/AF3jUJMCNwX5ECHeVoKHW3OBaE/VAnupSw/I3S6VedDgbfZTM2Y5K5nIs gRaE15aw2spAdfCJUWiH8cl2nWOIdO/VHmUvP3cou+Ca6gP++ZEXddOpoLBj39WI i9KLXFf7PXDUSL0SAC20yjbcTan0ao7MA8EEUmgUDKY4FR/uiE1KU28kmPEMjOmx EI83clWoiMzZV3g6sEws4P50un8XdlNd5dkpIW/UDWCaCyf8Zuc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:22 2026 by rpki-client