$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144907.roa File: AS144907.roa (raw, json) Hash identifier: Xc0KyKZ5N+nn1HNrYjlQnsnwVqzEHEXDRLpaxRxbr70= Subject key identifier: 23:3A:38:8E:F9:07:E5:50:6C:8C:E4:0E:42:FF:F4:0C:4C:EC:76:08 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 39896C09AA73B8274B94C2A8AC6CF231022171B2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144907.roa Signing time: Wed 04 Mar 2026 06:20:18 +0000 ROA not before: Wed 04 Mar 2026 06:15:18 +0000 ROA not after: Wed 03 Mar 2027 06:20:18 +0000 asID: 144907 IP address blocks: 240a:a8d1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:89:6c:09:aa:73:b8:27:4b:94:c2:a8:ac:6c:f2:31:02:21:71:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:18 2026 GMT Not After : Mar 3 06:20:18 2027 GMT Subject: CN=233A388EF907E5506C8CE40E42FFF40C4CEC7608 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b1:f8:dd:31:0e:a5:93:99:43:b0:1e:5c:a0: 6e:2a:b7:67:cf:65:28:ac:92:c7:bd:8e:1b:04:f7: 1d:99:36:3a:9d:ad:31:5a:29:82:e2:58:34:5a:13: 8f:45:59:29:98:d0:f3:10:18:c4:85:a6:62:d4:92: 70:8c:c0:90:0e:43:c6:4d:4b:73:00:11:92:c1:a9: 38:b3:ff:da:56:07:63:bc:98:bc:95:52:8b:78:4b: 69:55:73:84:8b:10:24:30:7e:52:a0:b7:37:71:28: 1c:62:60:1f:42:fc:28:49:c5:9c:36:91:48:3c:fc: ef:38:87:f3:12:c3:fa:24:87:04:5d:02:39:b2:b7: 7d:3e:26:45:0f:8c:68:34:4e:93:16:3a:63:4d:9c: 32:78:c7:85:6d:3c:d8:88:90:4f:eb:4f:78:32:76: 34:69:80:52:d6:b9:3b:bd:fa:67:ea:70:2c:dd:3a: 1b:0f:74:2b:76:58:ec:b7:cf:d3:4d:7b:d6:53:ca: 69:ac:f9:9c:ba:65:6b:fa:2a:ae:49:90:ca:ab:71: ac:5e:5a:3c:5e:fa:6d:08:3f:02:a2:66:2e:d4:18: 48:cd:ea:25:7b:d5:94:f7:ea:c8:6a:32:c6:73:59: cb:17:c5:d2:f6:13:44:82:ae:c3:9f:62:41:42:b8: 96:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:3A:38:8E:F9:07:E5:50:6C:8C:E4:0E:42:FF:F4:0C:4C:EC:76:08 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144907.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8d1::/32 Signature Algorithm: sha256WithRSAEncryption 82:a6:88:8c:d1:48:35:d8:2f:06:c5:05:81:79:8f:de:12:57: 55:a9:40:79:2f:69:6b:a8:53:1a:1f:00:4b:05:72:f2:0b:92: fc:18:06:62:ab:95:b6:b5:46:4d:65:8a:bc:c1:d0:b0:c2:59: ac:09:c0:1d:85:dd:a6:1d:c9:35:7b:29:14:5f:da:28:e6:3f: 2f:de:af:f8:1e:c3:1e:94:76:10:b1:c6:0d:5a:72:62:86:6d: 35:7f:90:4e:c8:02:07:12:07:6d:5b:d5:12:0d:0b:c2:62:4a: 58:41:6a:ee:7f:76:d0:b0:1c:16:04:6a:27:96:68:23:ad:ad: 3d:b0:0c:0e:e4:c9:4b:cf:aa:3c:0c:34:9d:34:fb:6d:af:26: ff:96:c2:f8:e2:f8:0f:bb:a2:96:d3:25:fe:c7:8f:6d:40:31: 31:e7:87:26:f0:5c:e3:fe:71:36:ba:97:dc:3a:50:16:6a:d0: 7e:31:93:4f:31:fd:9e:31:ee:a1:ff:55:48:b1:82:f6:b1:fc: 15:a0:b5:35:f2:aa:87:9e:cb:5d:6e:30:76:81:f3:f5:c7:7a: 84:fb:5a:6e:94:e8:77:12:80:35:11:50:03:89:ac:22:1c:b2: c9:dd:5d:55:38:97:8e:c8:57:6d:f1:c8:fa:93:25:e9:2f:aa: 51:f3:27:d2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOYlsCapzuCdLlMKorGzyMQIhcbIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxOFoX DTI3MDMwMzA2MjAxOFowMzExMC8GA1UEAxMoMjMzQTM4OEVGOTA3RTU1MDZDOENF NDBFNDJGRkY0MEM0Q0VDNzYwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKqx+N0xDqWTmUOwHlygbiq3Z89lKKySx72OGwT3HZk2Op2tMVopguJYNFoT j0VZKZjQ8xAYxIWmYtSScIzAkA5Dxk1LcwARksGpOLP/2lYHY7yYvJVSi3hLaVVz hIsQJDB+UqC3N3EoHGJgH0L8KEnFnDaRSDz87ziH8xLD+iSHBF0CObK3fT4mRQ+M aDROkxY6Y02cMnjHhW082IiQT+tPeDJ2NGmAUta5O736Z+pwLN06Gw90K3ZY7LfP 00171lPKaaz5nLpla/oqrkmQyqtxrF5aPF76bQg/AqJmLtQYSM3qJXvVlPfqyGoy xnNZyxfF0vYTRIKuw59iQUK4llcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQjOjiO +QflUGyM5A5C//QMTOx2CDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDkwNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qNEwDQYJKoZIhvcNAQELBQADggEBAIKmiIzRSDXYLwbFBYF5j94SV1WpQHkvaWuo UxofAEsFcvILkvwYBmKrlba1Rk1lirzB0LDCWawJwB2F3aYdyTV7KRRf2ijmPy/e r/gewx6UdhCxxg1acmKGbTV/kE7IAgcSB21b1RINC8JiSlhBau5/dtCwHBYEaieW aCOtrT2wDA7kyUvPqjwMNJ00+22vJv+Wwvji+A+7opbTJf7Hj21AMTHnhybwXOP+ cTa6l9w6UBZq0H4xk08x/Z4x7qH/VUixgvax/BWgtTXyqoeey11uMHaB8/XHeoT7 Wm6U6HcSgDURUAOJrCIcssndXVU4l47IV23xyPqTJekvqlHzJ9I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:50 2026 by rpki-client