$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144927.roa File: AS144927.roa (raw, json) Hash identifier: s1tfu8VsauHH0sEQISoQqSc4SnKxK3v5CPfXnTftbLM= Subject key identifier: 8A:3A:83:04:89:04:B2:DA:48:2A:8C:94:A0:4F:1B:E4:40:3F:A4:DC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 791399467F2B7454C2BDC559F39F3EC4B85DE251 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144927.roa Signing time: Wed 04 Mar 2026 06:20:49 +0000 ROA not before: Wed 04 Mar 2026 06:15:49 +0000 ROA not after: Wed 03 Mar 2027 06:20:49 +0000 asID: 144927 IP address blocks: 240a:a8e5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:13:99:46:7f:2b:74:54:c2:bd:c5:59:f3:9f:3e:c4:b8:5d:e2:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:49 2026 GMT Not After : Mar 3 06:20:49 2027 GMT Subject: CN=8A3A83048904B2DA482A8C94A04F1BE4403FA4DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:31:6e:bb:03:61:92:61:51:78:fe:34:ba:c0: 1f:a3:1d:47:9a:65:55:7d:fa:89:59:dc:82:23:e6: 07:3d:67:d6:17:78:27:b6:cc:34:ed:d8:6b:26:cb: 28:45:0e:c8:12:83:f9:02:e6:53:08:18:16:94:44: 5f:27:ef:dd:dc:21:48:3f:45:10:69:ce:97:cb:2a: 6a:93:67:bf:e0:b4:2b:e3:d1:11:f6:6b:06:98:62: a0:00:2d:31:08:11:1c:7f:7a:bd:4f:4c:a3:15:53: d1:c4:7a:b1:96:b2:91:85:fe:7c:9a:8b:64:61:b5: bf:af:db:cb:b8:bb:7e:85:6c:7b:af:52:88:c8:90: cf:e2:d7:96:48:a4:4a:1a:ff:68:84:20:79:51:de: a3:3e:5a:d0:2c:c1:82:5f:86:a7:eb:9c:eb:4e:b6: 2d:94:ac:33:01:e1:cf:d4:ff:90:9f:32:2b:77:d8: bb:8a:eb:34:34:54:7e:86:83:09:f3:d8:3d:d2:75: 55:82:a4:83:77:2f:23:b5:55:22:4e:21:8a:3c:7b: 79:6f:1c:b1:d3:0f:10:89:62:d4:36:de:47:d5:0e: e3:3b:c4:ae:55:0a:a6:ab:92:3a:4b:a6:6e:92:1e: 0d:04:a6:55:fe:de:a0:4f:01:ee:a6:b3:8e:0d:61: c6:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:3A:83:04:89:04:B2:DA:48:2A:8C:94:A0:4F:1B:E4:40:3F:A4:DC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144927.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8e5::/32 Signature Algorithm: sha256WithRSAEncryption 96:29:4d:98:58:fe:cd:7d:58:24:8f:58:62:30:a9:ba:57:66: be:d1:f6:18:89:27:51:30:86:f1:4d:09:73:d8:59:e7:8c:f5: 3a:ae:42:c3:4f:99:07:87:c2:0d:84:f6:93:e8:65:f1:51:3e: 07:1a:53:bc:d5:1a:a8:31:19:6a:8e:13:02:dd:20:d8:d0:96: 8a:be:89:a7:ce:7b:79:56:81:ca:1f:d2:a7:42:d8:cc:f6:1b: de:b8:e1:6e:f6:62:d8:0c:7e:c9:7e:28:65:1b:71:10:41:f2: 00:fe:ad:aa:bd:5f:31:82:aa:a6:a3:05:26:1b:54:5c:33:a2: bf:a5:73:14:1d:60:db:e1:b1:56:9d:1d:a4:5b:74:9f:b7:18: 45:a7:94:64:30:58:b2:77:6f:95:e6:a1:6f:21:29:fd:09:66: 31:78:46:a7:c6:79:3f:c1:f5:b8:91:65:5b:0f:af:c2:77:90: aa:98:b4:fe:00:12:51:d2:ec:b3:52:ff:42:49:59:c6:31:dd: 3f:dd:71:a4:22:94:eb:6e:c2:ae:0b:f5:4d:fe:f3:f2:dc:15: 0d:4b:97:ec:80:12:1a:40:e2:20:a5:0d:25:0f:70:1b:52:d6: e9:d0:d0:3e:15:fc:7b:73:19:5b:d7:cf:9b:67:63:a1:a1:de: ce:c4:ed:99 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeROZRn8rdFTCvcVZ858+xLhd4lEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0OVoX DTI3MDMwMzA2MjA0OVowMzExMC8GA1UEAxMoOEEzQTgzMDQ4OTA0QjJEQTQ4MkE4 Qzk0QTA0RjFCRTQ0MDNGQTREQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgxbrsDYZJhUXj+NLrAH6MdR5plVX36iVncgiPmBz1n1hd4J7bMNO3YaybL KEUOyBKD+QLmUwgYFpREXyfv3dwhSD9FEGnOl8sqapNnv+C0K+PREfZrBphioAAt MQgRHH96vU9MoxVT0cR6sZaykYX+fJqLZGG1v6/by7i7foVse69SiMiQz+LXlkik Shr/aIQgeVHeoz5a0CzBgl+Gp+uc6062LZSsMwHhz9T/kJ8yK3fYu4rrNDRUfoaD CfPYPdJ1VYKkg3cvI7VVIk4hijx7eW8csdMPEIli1DbeR9UO4zvErlUKpquSOkum bpIeDQSmVf7eoE8B7qazjg1hxoECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSKOoME iQSy2kgqjJSgTxvkQD+k3DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDkyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qOUwDQYJKoZIhvcNAQELBQADggEBAJYpTZhY/s19WCSPWGIwqbpXZr7R9hiJJ1Ew hvFNCXPYWeeM9TquQsNPmQeHwg2E9pPoZfFRPgcaU7zVGqgxGWqOEwLdINjQloq+ iafOe3lWgcof0qdC2Mz2G9644W72YtgMfsl+KGUbcRBB8gD+raq9XzGCqqajBSYb VFwzor+lcxQdYNvhsVadHaRbdJ+3GEWnlGQwWLJ3b5XmoW8hKf0JZjF4RqfGeT/B 9biRZVsPr8J3kKqYtP4AElHS7LNS/0JJWcYx3T/dcaQilOtuwq4L9U3+8/LcFQ1L l+yAEhpA4iClDSUPcBtS1unQ0D4V/HtzGVvXz5tnY6Gh3s7E7Zk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:00 2026 by rpki-client