$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144930.roa File: AS144930.roa (raw, json) Hash identifier: WlRfC9CUaKFeD9QN3OIpPuSEESuMKofAh0kFSpQW0HA= Subject key identifier: DE:33:1D:F8:4A:67:B2:42:AE:8A:12:16:8B:AD:95:6B:2F:42:80:66 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 035816F8C40860CD49F9874468B7F71C20FD5246 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144930.roa Signing time: Wed 04 Mar 2026 06:21:19 +0000 ROA not before: Wed 04 Mar 2026 06:16:19 +0000 ROA not after: Wed 03 Mar 2027 06:21:19 +0000 asID: 144930 IP address blocks: 240a:a8e8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:58:16:f8:c4:08:60:cd:49:f9:87:44:68:b7:f7:1c:20:fd:52:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:19 2026 GMT Not After : Mar 3 06:21:19 2027 GMT Subject: CN=DE331DF84A67B242AE8A12168BAD956B2F428066 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:32:3b:6e:43:15:a6:1a:96:e1:d7:97:30:0d: be:ec:84:29:8f:1a:3f:eb:5d:f7:d9:ed:d8:aa:11: 3c:de:16:7e:53:31:9e:81:a7:87:9d:2d:ac:97:2d: 43:10:36:e7:60:40:85:a9:35:9e:26:a3:c3:02:2d: 17:12:ec:68:66:61:52:63:95:24:2b:0e:4e:55:96: 8c:ed:5d:f4:db:bb:8d:2b:fa:54:51:2b:69:45:14: ce:a9:a2:d9:3f:08:c3:41:1f:3e:c8:0b:39:82:27: 58:5b:11:4f:de:0b:1f:29:65:23:a5:0d:3f:2b:4b: 03:a4:e9:62:0f:72:f7:44:1a:fe:e1:20:5f:1a:4c: 24:c7:09:8b:b8:9d:39:9c:68:15:8e:f5:ef:9c:12: f6:a7:2a:4c:28:4c:e0:d1:d1:12:d6:83:ce:a6:be: 4e:1e:f2:34:4f:66:84:00:5f:65:44:11:d1:a3:1a: 37:57:37:a6:01:52:58:83:6c:c4:2a:1e:f5:7f:74: 17:9e:ae:13:73:b6:32:af:a1:1d:2d:ba:3b:ef:5b: 91:99:eb:05:81:64:76:81:6d:d0:bc:60:b3:50:6c: 00:8c:48:75:71:f3:ab:c0:76:e4:ed:bf:75:cd:13: 01:c8:c2:fa:46:81:60:ab:50:a1:19:e8:bc:64:d2: f5:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:33:1D:F8:4A:67:B2:42:AE:8A:12:16:8B:AD:95:6B:2F:42:80:66 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144930.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8e8::/32 Signature Algorithm: sha256WithRSAEncryption c6:4f:2a:05:da:fe:2b:86:f6:36:39:2d:43:6f:6c:04:b3:8e: a6:0f:b8:50:f2:23:0b:72:07:b3:51:26:44:e8:05:0c:0b:3d: 6b:3a:ab:8b:bd:0e:e6:be:a8:63:dc:da:95:49:5f:fb:45:bf: 02:03:78:4f:e1:91:89:f7:95:f6:7a:48:ac:37:61:63:44:30: 5d:d8:ae:aa:f9:ef:a8:45:10:ac:3d:bf:f6:4b:29:f2:8b:e7: f4:13:e8:fb:13:34:a3:51:d3:6f:9f:85:25:29:07:17:06:e2: 9c:ea:1d:46:bb:45:05:cb:fb:ac:ee:37:0b:95:5e:6c:70:e9: dd:07:e5:85:40:b9:d1:86:b9:55:0c:ae:64:32:d4:20:0f:fe: df:49:18:ee:26:60:dc:c5:56:14:51:c4:31:ac:ef:92:06:90: 38:96:92:df:66:c4:31:de:7b:53:37:2c:f8:55:d0:4b:42:c9: 11:74:64:d2:e4:ee:8c:35:43:06:50:3b:9d:75:77:7e:ca:02: c3:65:ae:02:97:1c:56:30:52:23:e4:d3:c6:ea:96:52:d1:53: 4d:f9:06:76:98:ce:9a:7b:b8:4c:88:6a:57:3b:1e:ff:10:09: 1e:c6:28:95:2e:bd:4a:7f:7e:92:55:58:20:7e:b2:f0:07:25: 87:eb:b5:af -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA1gW+MQIYM1J+YdEaLf3HCD9UkYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxOVoX DTI3MDMwMzA2MjExOVowMzExMC8GA1UEAxMoREUzMzFERjg0QTY3QjI0MkFFOEEx MjE2OEJBRDk1NkIyRjQyODA2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMcyO25DFaYaluHXlzANvuyEKY8aP+td99nt2KoRPN4WflMxnoGnh50trJct QxA252BAhak1niajwwItFxLsaGZhUmOVJCsOTlWWjO1d9Nu7jSv6VFEraUUUzqmi 2T8Iw0EfPsgLOYInWFsRT94LHyllI6UNPytLA6TpYg9y90Qa/uEgXxpMJMcJi7id OZxoFY7175wS9qcqTChM4NHREtaDzqa+Th7yNE9mhABfZUQR0aMaN1c3pgFSWINs xCoe9X90F56uE3O2Mq+hHS26O+9bkZnrBYFkdoFt0Lxgs1BsAIxIdXHzq8B25O2/ dc0TAcjC+kaBYKtQoRnovGTS9d8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTeMx34 SmeyQq6KEhaLrZVrL0KAZjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDkzMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qOgwDQYJKoZIhvcNAQELBQADggEBAMZPKgXa/iuG9jY5LUNvbASzjqYPuFDyIwty B7NRJkToBQwLPWs6q4u9Dua+qGPc2pVJX/tFvwIDeE/hkYn3lfZ6SKw3YWNEMF3Y rqr576hFEKw9v/ZLKfKL5/QT6PsTNKNR02+fhSUpBxcG4pzqHUa7RQXL+6zuNwuV Xmxw6d0H5YVAudGGuVUMrmQy1CAP/t9JGO4mYNzFVhRRxDGs75IGkDiWkt9mxDHe e1M3LPhV0EtCyRF0ZNLk7ow1QwZQO511d37KAsNlrgKXHFYwUiPk08bqllLRU035 BnaYzpp7uEyIalc7Hv8QCR7GKJUuvUp/fpJVWCB+svAHJYfrta8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:58 2026 by rpki-client