$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144929.roa File: AS144929.roa (raw, json) Hash identifier: oy61tIklmSLt7Pv+mcv/TJ5lMKpT+ygyJj9FFRRuYeg= Subject key identifier: 4F:F5:E0:1B:84:85:A1:B5:A9:3B:A0:E3:3D:6B:4A:1A:72:CC:56:BD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3986573CADBAB1BB7809C2FE17D257236C89C8B1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144929.roa Signing time: Wed 04 Mar 2026 06:22:32 +0000 ROA not before: Wed 04 Mar 2026 06:17:32 +0000 ROA not after: Wed 03 Mar 2027 06:22:32 +0000 asID: 144929 IP address blocks: 240a:a8e7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:86:57:3c:ad:ba:b1:bb:78:09:c2:fe:17:d2:57:23:6c:89:c8:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:32 2026 GMT Not After : Mar 3 06:22:32 2027 GMT Subject: CN=4FF5E01B8485A1B5A93BA0E33D6B4A1A72CC56BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:86:07:87:a1:dc:f5:84:d6:71:70:27:12:0b: ab:c9:6e:32:ee:43:9c:6f:c4:db:1b:4d:f5:56:eb: 21:f5:58:c5:aa:3a:3e:98:f2:01:94:32:b2:15:f4: 27:40:4f:1f:dd:e5:b1:66:32:03:08:ea:af:1e:12: 3a:0e:37:3f:b0:23:7d:e0:44:74:8e:b3:4f:3f:8e: cc:88:7c:2b:0e:62:30:69:e3:29:c0:0b:e2:be:b4: 44:91:97:1e:58:8f:69:97:88:d7:6d:e5:7d:0b:cf: 9c:29:32:0e:bb:ef:af:40:63:84:6a:fa:a9:c7:ab: 7a:5e:1f:92:df:99:e0:f0:a2:5c:86:23:ec:d0:27: 80:b3:cf:93:9c:fe:f9:b2:35:ff:42:09:07:80:68: 6a:7f:9b:d7:12:40:b1:67:31:c9:9d:0c:0a:c3:49: 02:d4:df:a1:bb:c9:a6:04:d8:56:8e:1f:07:54:da: 6b:1c:f2:b8:aa:b9:72:ae:be:5e:43:28:09:47:71: e2:f9:51:09:8f:88:e0:eb:3e:e0:3b:e7:9f:7c:6a: 99:e7:48:af:8a:84:04:5b:1d:1e:f2:d4:e0:db:5d: c0:cb:bb:33:71:6e:57:90:1f:e6:5c:ff:24:53:1c: d4:ff:30:48:b4:06:63:3d:9e:0f:02:3b:e4:8b:88: 42:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:F5:E0:1B:84:85:A1:B5:A9:3B:A0:E3:3D:6B:4A:1A:72:CC:56:BD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144929.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8e7::/32 Signature Algorithm: sha256WithRSAEncryption 23:d1:9d:54:b6:74:3a:a4:a9:ca:54:3c:d8:d9:07:29:bb:65: aa:48:4d:0d:34:e1:3c:e9:4a:50:7a:6b:ae:a5:4c:5b:c3:9c: 18:61:41:7c:62:b0:75:42:5e:70:a0:d7:b7:54:64:b6:58:a0: 1e:89:87:eb:1b:ae:cc:88:62:6d:ed:c3:71:73:3c:92:dc:85: c9:78:9d:17:5e:24:5c:93:49:a1:64:0e:1e:a9:3b:13:c2:68: 9e:ec:e6:db:e6:e7:90:99:37:b6:87:60:70:a2:64:88:7a:36: 1c:c6:58:68:0d:60:30:9c:a3:29:92:03:4f:04:a9:64:2b:68: 3f:2e:c6:b3:05:99:8e:66:55:70:74:54:c5:14:0d:d1:e6:c9: 08:48:aa:0b:50:fe:d0:f1:57:fd:0e:a2:ea:0f:67:a7:a1:94: c0:a4:0f:37:33:b4:ac:8f:0d:e9:7a:c8:29:77:b5:51:36:d8: 02:04:47:36:85:35:ea:96:0a:70:85:ca:ba:c1:a8:1d:94:85: 15:b9:fc:9f:db:c9:a5:18:e4:ac:87:44:30:82:3b:7e:76:70: 01:ca:fa:7f:4b:84:28:b5:37:54:98:e0:3b:38:b2:d4:be:e1: 50:45:0c:0d:6e:06:18:32:9c:95:b0:e7:71:9b:42:3b:38:43: ca:f2:01:42 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOYZXPK26sbt4CcL+F9JXI2yJyLEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTczMloX DTI3MDMwMzA2MjIzMlowMzExMC8GA1UEAxMoNEZGNUUwMUI4NDg1QTFCNUE5M0JB MEUzM0Q2QjRBMUE3MkNDNTZCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWGB4eh3PWE1nFwJxILq8luMu5DnG/E2xtN9VbrIfVYxao6PpjyAZQyshX0 J0BPH93lsWYyAwjqrx4SOg43P7AjfeBEdI6zTz+OzIh8Kw5iMGnjKcAL4r60RJGX HliPaZeI123lfQvPnCkyDrvvr0BjhGr6qcerel4fkt+Z4PCiXIYj7NAngLPPk5z+ +bI1/0IJB4Boan+b1xJAsWcxyZ0MCsNJAtTfobvJpgTYVo4fB1TaaxzyuKq5cq6+ XkMoCUdx4vlRCY+I4Os+4Dvnn3xqmedIr4qEBFsdHvLU4NtdwMu7M3FuV5Af5lz/ JFMc1P8wSLQGYz2eDwI75IuIQpECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRP9eAb hIWhtak7oOM9a0oacsxWvTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDkyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qOcwDQYJKoZIhvcNAQELBQADggEBACPRnVS2dDqkqcpUPNjZBym7ZapITQ004Tzp SlB6a66lTFvDnBhhQXxisHVCXnCg17dUZLZYoB6Jh+sbrsyIYm3tw3FzPJLchcl4 nRdeJFyTSaFkDh6pOxPCaJ7s5tvm55CZN7aHYHCiZIh6NhzGWGgNYDCcoymSA08E qWQraD8uxrMFmY5mVXB0VMUUDdHmyQhIqgtQ/tDxV/0OouoPZ6ehlMCkDzcztKyP Del6yCl3tVE22AIERzaFNeqWCnCFyrrBqB2UhRW5/J/byaUY5KyHRDCCO352cAHK +n9LhCi1N1SY4Ds4stS+4VBFDA1uBhgynJWw53GbQjs4Q8ryAUI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:38 2026 by rpki-client