$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144950.roa File: AS144950.roa (raw, json) Hash identifier: bhfZdV6ISjxPt5QMPNEAyKvF1QUa8jNpc3RRJFw7hUc= Subject key identifier: 4B:31:FA:D6:63:10:10:3F:49:EA:A7:F2:52:8B:A7:90:AA:DB:ED:D4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 39CE7B168F8017AB6FC21A5B788490A433107687 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144950.roa Signing time: Wed 04 Mar 2026 06:20:14 +0000 ROA not before: Wed 04 Mar 2026 06:15:14 +0000 ROA not after: Wed 03 Mar 2027 06:20:14 +0000 asID: 144950 IP address blocks: 240a:a8fc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:ce:7b:16:8f:80:17:ab:6f:c2:1a:5b:78:84:90:a4:33:10:76:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:14 2026 GMT Not After : Mar 3 06:20:14 2027 GMT Subject: CN=4B31FAD66310103F49EAA7F2528BA790AADBEDD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:a7:09:7a:16:9d:7c:23:6d:71:ed:29:fc:ec: f2:a6:f7:d3:12:67:f8:6c:41:0e:21:3a:35:1f:e9: 55:88:79:ff:79:0e:56:21:fb:7d:f0:d6:31:9b:27: 6a:55:df:9d:9f:f7:9b:58:12:1a:b5:e8:b2:df:05: 37:a3:62:4c:84:bb:e6:ba:19:92:d6:f0:67:ad:d8: 06:06:5b:75:9b:44:d5:b8:35:a7:78:1b:a3:5b:4f: 17:f5:98:0f:ad:bf:29:9e:63:9d:a0:b9:37:9f:65: f3:bd:dd:8f:c2:4a:a3:e6:4a:39:7b:97:a3:b5:7a: 58:93:14:d7:d8:cd:ea:34:d5:0f:15:d7:74:06:43: 96:2b:ba:71:b3:2c:34:1c:25:f0:b2:80:72:97:74: 36:a8:e2:74:e3:35:e6:03:b0:73:e1:f0:e2:66:be: 02:de:52:48:32:cf:68:32:c4:f6:44:bc:31:51:16: 6a:70:16:44:f2:67:77:6f:46:d6:db:2c:69:77:cd: c6:33:83:89:81:87:ab:b3:2f:b6:bc:bd:09:c6:97: c6:bd:45:7f:74:e2:1a:51:3b:80:91:09:8e:35:01: 36:c2:d3:ed:c2:66:1c:1e:a1:4a:ad:7e:94:d2:b1: 75:07:6b:69:cf:6e:c1:09:e1:19:35:8f:fd:07:99: 18:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:31:FA:D6:63:10:10:3F:49:EA:A7:F2:52:8B:A7:90:AA:DB:ED:D4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144950.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8fc::/32 Signature Algorithm: sha256WithRSAEncryption 77:ec:0c:84:28:29:0b:05:3e:b7:e9:3b:36:27:08:4e:33:bb: fe:a1:a5:e9:7f:63:3c:35:7e:c2:e7:19:b8:2c:ac:1b:96:b9: 5d:1c:76:a7:b6:a9:4c:bb:28:1e:9d:b4:6e:50:95:91:e2:c0: af:75:86:fb:56:56:2a:94:3e:b6:83:6f:a2:4c:30:52:e4:f6: ba:26:b7:89:cb:d7:e7:31:77:94:6a:dc:d5:f0:f6:29:79:67: ac:9b:ae:b4:86:a2:98:9e:a1:2b:ac:7c:6f:26:c6:85:50:bc: d5:6f:8a:64:4b:ff:dd:b2:fb:4f:f1:14:c5:99:90:40:88:9c: e9:ee:ea:ce:f3:f5:ff:9d:ed:e5:b1:5e:a1:8c:bf:93:0c:cf: 43:9a:ae:95:89:34:0f:44:b4:51:e0:1e:c1:8e:63:4d:60:e3: f1:94:0d:05:b8:66:68:ab:bd:a6:47:67:9b:99:a6:0c:fd:72: 72:6f:6d:7e:6a:96:85:bf:e8:ff:7d:3b:35:90:3e:3c:e1:ca: 44:c1:26:54:d2:cf:5e:45:04:e3:91:34:d2:2c:71:77:c1:81: 7b:9a:76:9c:58:0c:cf:2e:16:eb:5d:c9:a3:ed:95:36:b7:5a: 7a:22:66:c5:70:bd:c3:6c:39:b8:47:1e:2a:73:c2:fd:ed:6d: 62:0b:11:c2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOc57Fo+AF6tvwhpbeISQpDMQdocwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxNFoX DTI3MDMwMzA2MjAxNFowMzExMC8GA1UEAxMoNEIzMUZBRDY2MzEwMTAzRjQ5RUFB N0YyNTI4QkE3OTBBQURCRURENDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOynCXoWnXwjbXHtKfzs8qb30xJn+GxBDiE6NR/pVYh5/3kOViH7ffDWMZsn alXfnZ/3m1gSGrXost8FN6NiTIS75roZktbwZ63YBgZbdZtE1bg1p3gbo1tPF/WY D62/KZ5jnaC5N59l873dj8JKo+ZKOXuXo7V6WJMU19jN6jTVDxXXdAZDliu6cbMs NBwl8LKAcpd0NqjidOM15gOwc+Hw4ma+At5SSDLPaDLE9kS8MVEWanAWRPJnd29G 1tssaXfNxjODiYGHq7Mvtry9CcaXxr1Ff3TiGlE7gJEJjjUBNsLT7cJmHB6hSq1+ lNKxdQdrac9uwQnhGTWP/QeZGNkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRLMfrW YxAQP0nqp/JSi6eQqtvt1DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qPwwDQYJKoZIhvcNAQELBQADggEBAHfsDIQoKQsFPrfpOzYnCE4zu/6hpel/Yzw1 fsLnGbgsrBuWuV0cdqe2qUy7KB6dtG5QlZHiwK91hvtWViqUPraDb6JMMFLk9rom t4nL1+cxd5Rq3NXw9il5Z6ybrrSGopieoSusfG8mxoVQvNVvimRL/92y+0/xFMWZ kECInOnu6s7z9f+d7eWxXqGMv5MMz0OarpWJNA9EtFHgHsGOY01g4/GUDQW4Zmir vaZHZ5uZpgz9cnJvbX5qloW/6P99OzWQPjzhykTBJlTSz15FBOORNNIscXfBgXua dpxYDM8uFutdyaPtlTa3WnoiZsVwvcNsObhHHipzwv3tbWILEcI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:54 2026 by rpki-client