$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144944.roa File: AS144944.roa (raw, json) Hash identifier: hWxgeTuMGm9ZgtCJ/qmLN2F9xLauN/7ghA6gOHRhL50= Subject key identifier: 8B:85:AB:8E:32:2F:1B:1E:6A:0D:B8:B1:83:17:76:40:29:B5:E9:3B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 19304C709B7445B5EF8FC62E948AA69526388647 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144944.roa Signing time: Wed 04 Mar 2026 06:20:23 +0000 ROA not before: Wed 04 Mar 2026 06:15:23 +0000 ROA not after: Wed 03 Mar 2027 06:20:23 +0000 asID: 144944 IP address blocks: 240a:a8f6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:30:4c:70:9b:74:45:b5:ef:8f:c6:2e:94:8a:a6:95:26:38:86:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:23 2026 GMT Not After : Mar 3 06:20:23 2027 GMT Subject: CN=8B85AB8E322F1B1E6A0DB8B18317764029B5E93B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7f:cf:36:fd:57:af:23:62:e9:51:41:e0:ad: 63:99:f2:47:be:5d:92:71:77:1c:d7:79:55:d3:a1: e5:35:a2:84:4c:2e:75:c2:6f:53:89:98:40:08:a8: 87:8d:d3:e0:f9:44:91:71:51:79:98:fa:78:bd:1e: 45:de:71:b5:81:63:e9:1d:d6:8d:08:c4:2b:d8:5e: 3b:04:82:75:22:05:b9:61:00:55:40:2e:90:a2:e2: 62:55:87:74:15:7d:b3:61:83:86:6e:26:99:43:22: 94:23:12:2c:fd:f9:c7:03:a5:8b:fd:93:18:ba:f6: 7e:9e:ee:90:c1:8b:10:34:92:bc:ab:33:82:ee:e9: 25:ce:f5:35:25:09:71:0d:e9:c3:bc:bc:81:33:ab: dc:37:7e:73:ed:a8:11:a3:67:a9:78:76:fc:31:97: 11:92:fc:5a:bf:bf:1b:7e:be:20:43:7d:07:46:11: 6c:c9:1f:03:d7:d1:d9:39:a4:f3:23:da:cb:cc:c1: ad:bb:12:30:49:40:fa:d1:86:53:5b:18:f7:fb:8a: dd:7e:5c:94:05:f2:97:2f:5d:ca:22:7f:09:81:77: 4d:e7:7e:c6:64:28:be:5a:9d:a7:e1:00:b7:df:b6: c9:3e:62:5e:9c:29:27:ae:ea:d1:4e:e9:be:c3:e1: 83:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:85:AB:8E:32:2F:1B:1E:6A:0D:B8:B1:83:17:76:40:29:B5:E9:3B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144944.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8f6::/32 Signature Algorithm: sha256WithRSAEncryption 2f:ba:b7:59:6b:b8:1a:1d:5b:4b:d5:06:01:36:9f:93:92:58: 91:9a:37:2e:b3:34:0f:c1:7a:d6:46:20:4c:94:70:ce:7e:79: 07:e8:ed:d9:c5:c6:51:4c:e8:da:0b:d9:f9:7b:be:43:17:0e: f0:f7:7a:47:c5:eb:13:44:be:b4:28:12:56:bc:0a:48:f6:ac: 19:a7:15:b4:a4:49:4c:45:26:c5:82:a2:a3:36:f5:57:b6:c7: 18:44:6b:e8:d3:01:13:07:69:c1:17:18:be:f7:9b:aa:e3:46: ef:7b:a6:83:a8:75:a2:f6:a9:c8:02:a3:ce:35:28:ca:43:9b: 54:2e:46:da:16:ae:d0:51:00:0d:6f:16:28:69:f2:81:72:14: cf:1d:aa:b3:cc:4c:37:ca:39:2d:3b:10:d7:5c:ed:9d:fa:cf: 82:02:60:3e:bc:c8:c6:b0:a6:ff:7d:eb:20:ec:23:a7:15:5c: 5f:82:06:42:38:cd:f8:1a:5e:2f:94:90:76:08:88:72:05:60: 87:46:0d:af:10:35:45:8f:5d:5e:57:50:ef:1e:05:53:b5:81: df:63:2b:c6:4c:43:06:41:69:9e:31:c8:b0:a3:eb:5b:29:6a: f1:3e:cf:a3:4e:2e:85:75:dc:ca:7b:99:aa:52:b9:a2:27:16: f1:c7:73:ca -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGTBMcJt0RbXvj8YulIqmlSY4hkcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyM1oX DTI3MDMwMzA2MjAyM1owMzExMC8GA1UEAxMoOEI4NUFCOEUzMjJGMUIxRTZBMERC OEIxODMxNzc2NDAyOUI1RTkzQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANd/zzb9V68jYulRQeCtY5nyR75dknF3HNd5VdOh5TWihEwudcJvU4mYQAio h43T4PlEkXFReZj6eL0eRd5xtYFj6R3WjQjEK9heOwSCdSIFuWEAVUAukKLiYlWH dBV9s2GDhm4mmUMilCMSLP35xwOli/2TGLr2fp7ukMGLEDSSvKszgu7pJc71NSUJ cQ3pw7y8gTOr3Dd+c+2oEaNnqXh2/DGXEZL8Wr+/G36+IEN9B0YRbMkfA9fR2Tmk 8yPay8zBrbsSMElA+tGGU1sY9/uK3X5clAXyly9dyiJ/CYF3Ted+xmQovlqdp+EA t9+2yT5iXpwpJ67q0U7pvsPhg0UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSLhauO Mi8bHmoNuLGDF3ZAKbXpOzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk0NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qPYwDQYJKoZIhvcNAQELBQADggEBAC+6t1lruBodW0vVBgE2n5OSWJGaNy6zNA/B etZGIEyUcM5+eQfo7dnFxlFM6NoL2fl7vkMXDvD3ekfF6xNEvrQoEla8Ckj2rBmn FbSkSUxFJsWCoqM29Ve2xxhEa+jTARMHacEXGL73m6rjRu97poOodaL2qcgCo841 KMpDm1QuRtoWrtBRAA1vFihp8oFyFM8dqrPMTDfKOS07ENdc7Z36z4ICYD68yMaw pv996yDsI6cVXF+CBkI4zfgaXi+UkHYIiHIFYIdGDa8QNUWPXV5XUO8eBVO1gd9j K8ZMQwZBaZ4xyLCj61spavE+z6NOLoV13Mp7mapSuaInFvHHc8o= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:22 2026 by rpki-client