$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144943.roa File: AS144943.roa (raw, json) Hash identifier: AKwdhAzPlLRLbSoMI/wPN1Sod2FzRr0o2tJ4vqRbb2c= Subject key identifier: 1A:83:57:6D:0E:28:14:9D:C6:81:19:D5:E5:96:6C:31:63:05:AB:26 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1B14174EA3B22679390ACDFD728BC75732EB844A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144943.roa Signing time: Wed 04 Mar 2026 06:20:51 +0000 ROA not before: Wed 04 Mar 2026 06:15:51 +0000 ROA not after: Wed 03 Mar 2027 06:20:51 +0000 asID: 144943 IP address blocks: 240a:a8f5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:14:17:4e:a3:b2:26:79:39:0a:cd:fd:72:8b:c7:57:32:eb:84:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:51 2026 GMT Not After : Mar 3 06:20:51 2027 GMT Subject: CN=1A83576D0E28149DC68119D5E5966C316305AB26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e5:c1:fc:86:9d:f3:39:52:75:5c:b0:eb:3f: 9d:41:c8:4c:1d:a9:0d:f3:c5:69:3e:72:93:2d:5a: 39:75:f0:d2:64:13:f8:84:b5:ad:31:b1:7d:eb:99: 64:cd:1b:73:e7:42:23:5d:a5:e9:de:95:f4:45:8a: af:44:f8:aa:c9:fe:d0:52:57:93:1b:10:28:7b:72: d4:76:c9:0b:74:1f:28:64:63:bf:a6:cb:b2:46:04: 81:23:63:de:b4:e9:36:5c:62:c7:ad:54:51:6b:3d: 37:ea:31:cc:b9:9a:21:44:ef:95:3c:6e:83:40:ca: 58:e3:03:bc:56:73:f6:db:26:61:35:03:36:74:1d: d2:97:35:f0:73:28:bb:ab:b4:a1:bd:b4:07:1f:16: 7b:35:3f:f0:68:a4:59:89:73:55:41:3c:b7:6c:27: ee:24:03:77:52:92:9d:0b:76:8d:e2:81:33:3e:d7: d3:f6:8e:62:d9:f7:59:1c:19:96:70:8b:dd:7e:14: 71:88:7e:13:4e:90:9e:73:6a:9f:24:a5:a5:1a:82: c9:d7:7b:eb:31:b2:24:13:a4:95:78:1f:b1:77:45: db:74:c9:a7:5c:66:1e:4b:90:c1:ee:a6:20:62:70: 4a:53:11:c2:3a:0a:2c:10:32:a2:42:66:d7:1e:bc: ef:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:83:57:6D:0E:28:14:9D:C6:81:19:D5:E5:96:6C:31:63:05:AB:26 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144943.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8f5::/32 Signature Algorithm: sha256WithRSAEncryption cd:e4:79:d9:33:c3:d1:3b:5d:20:ad:2e:e2:91:3c:3c:19:53: 62:49:01:cb:7c:1a:94:74:bc:cc:49:d3:ee:2c:4c:e4:e8:5d: af:0f:88:af:b9:14:85:43:d2:ac:0f:2b:72:07:74:bd:7e:57: 2c:96:a1:ea:89:31:43:b4:11:22:ff:e5:6c:3b:b4:f4:36:8c: e4:81:fd:84:ba:37:c2:f6:34:5b:fb:ff:b6:bc:3a:5b:a8:7a: d0:13:0a:1c:0b:83:3e:8e:92:f5:1d:2a:6c:00:e0:f8:9e:3a: c2:4e:85:bc:0f:0c:23:dd:52:04:2a:ce:9d:38:6a:d0:5e:43: d6:37:10:ca:d0:a7:4b:c6:84:7c:69:6d:46:53:4f:ac:d0:bb: fa:1a:5d:ed:d2:d7:06:84:7d:9d:d4:75:29:5a:8e:b3:54:75: 76:72:08:eb:ef:56:48:83:0a:eb:e1:79:92:f4:d7:61:2a:c0: 0e:69:c5:af:75:17:04:c9:34:22:70:59:77:fd:0d:e8:62:02: 69:d8:d5:16:b7:6b:24:99:63:57:fb:a3:63:ab:21:14:b4:73: 60:db:6e:dd:31:d7:18:ec:12:20:fe:64:89:ea:05:b8:7b:cd: 3e:a7:81:b2:08:fa:ed:7b:bb:e8:51:dd:53:83:d3:d0:cf:ac: f2:77:4a:52 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGxQXTqOyJnk5Cs39covHVzLrhEowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1MVoX DTI3MDMwMzA2MjA1MVowMzExMC8GA1UEAxMoMUE4MzU3NkQwRTI4MTQ5REM2ODEx OUQ1RTU5NjZDMzE2MzA1QUIyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALXlwfyGnfM5UnVcsOs/nUHITB2pDfPFaT5yky1aOXXw0mQT+IS1rTGxfeuZ ZM0bc+dCI12l6d6V9EWKr0T4qsn+0FJXkxsQKHty1HbJC3QfKGRjv6bLskYEgSNj 3rTpNlxix61UUWs9N+oxzLmaIUTvlTxug0DKWOMDvFZz9tsmYTUDNnQd0pc18HMo u6u0ob20Bx8WezU/8GikWYlzVUE8t2wn7iQDd1KSnQt2jeKBMz7X0/aOYtn3WRwZ lnCL3X4UcYh+E06QnnNqnySlpRqCydd76zGyJBOklXgfsXdF23TJp1xmHkuQwe6m IGJwSlMRwjoKLBAyokJm1x687/ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQag1dt DigUncaBGdXllmwxYwWrJjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qPUwDQYJKoZIhvcNAQELBQADggEBAM3kedkzw9E7XSCtLuKRPDwZU2JJAct8GpR0 vMxJ0+4sTOToXa8PiK+5FIVD0qwPK3IHdL1+VyyWoeqJMUO0ESL/5Ww7tPQ2jOSB /YS6N8L2NFv7/7a8OluoetATChwLgz6OkvUdKmwA4PieOsJOhbwPDCPdUgQqzp04 atBeQ9Y3EMrQp0vGhHxpbUZTT6zQu/oaXe3S1waEfZ3UdSlajrNUdXZyCOvvVkiD CuvheZL012EqwA5pxa91FwTJNCJwWXf9DehiAmnY1Ra3aySZY1f7o2OrIRS0c2Db bt0x1xjsEiD+ZInqBbh7zT6ngbII+u17u+hR3VOD09DPrPJ3SlI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:08 2026 by rpki-client