$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144953.roa File: AS144953.roa (raw, json) Hash identifier: KtD80buNWwyIBzBhLq3tEITlaZ4g/OHmPDp4dSUujPw= Subject key identifier: 98:4B:53:CB:85:1E:DB:76:21:FC:7E:8F:19:76:E3:B8:F5:79:9E:50 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 411824B93278890163EAA73F356957E1DA631720 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144953.roa Signing time: Wed 04 Mar 2026 06:19:48 +0000 ROA not before: Wed 04 Mar 2026 06:14:48 +0000 ROA not after: Wed 03 Mar 2027 06:19:48 +0000 asID: 144953 IP address blocks: 240a:a8ff::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:18:24:b9:32:78:89:01:63:ea:a7:3f:35:69:57:e1:da:63:17:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:48 2026 GMT Not After : Mar 3 06:19:48 2027 GMT Subject: CN=984B53CB851EDB7621FC7E8F1976E3B8F5799E50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e5:2f:d1:7b:dd:9b:f1:19:73:8e:c9:97:9c: 0d:b5:90:8f:d0:bc:8a:40:42:bd:f5:cc:d2:b8:e5: 71:f9:e6:19:07:47:8a:85:19:74:51:49:ea:13:0d: 69:a1:46:fc:40:f8:2a:24:46:dc:8f:70:ea:cd:26: 62:ef:ed:8c:97:9d:82:3e:2c:77:be:20:b6:2c:f4: a3:e7:28:af:aa:2a:b6:6a:20:43:a9:23:59:30:f9: dc:a2:58:bb:04:87:c8:ad:f5:bd:cd:44:5b:f5:20: d1:57:6d:23:ca:1d:01:3b:66:b9:1b:fd:c6:ac:45: eb:62:28:79:11:ff:8b:7c:d5:c4:17:65:64:d0:5c: 23:32:72:fa:09:f4:8c:8f:fb:ee:24:6d:c0:18:79: 8a:4b:2d:8e:67:be:ee:0f:2e:82:ff:08:88:61:f5: 2b:b1:af:2f:ff:b4:90:92:e8:da:be:a8:ae:4a:d6: 7c:3f:25:ac:22:8b:84:e8:7c:f8:91:92:2c:58:ef: d7:99:3d:39:e9:51:15:74:bc:ea:84:cf:a5:b1:c3: ac:e2:1e:9b:1c:1a:06:62:77:d2:84:b7:3f:59:7f: 14:ce:78:c7:b8:9c:d7:43:8f:0a:4d:57:28:ac:c3: 7e:60:5a:49:c0:42:8b:4e:5d:6d:66:33:2f:4a:8d: f4:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:4B:53:CB:85:1E:DB:76:21:FC:7E:8F:19:76:E3:B8:F5:79:9E:50 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144953.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a8ff::/32 Signature Algorithm: sha256WithRSAEncryption 43:e9:f8:58:65:ca:07:6b:1d:69:b0:46:5a:ce:40:48:e4:03: a0:02:5a:68:cd:e9:49:b0:ef:b8:73:44:9f:da:6e:b1:42:6d: ff:db:a5:4a:58:47:6e:7f:4c:65:e7:8b:ec:4a:d7:3a:86:e4: 72:40:e2:b7:7c:f6:2f:27:ca:58:0f:ff:83:69:52:05:c1:ed: a7:96:33:94:5b:13:29:f7:6f:0e:3c:a7:50:38:65:c0:46:0d: d9:e5:3c:79:35:13:a6:e8:13:be:0c:b7:1a:b4:54:0b:45:ee: 30:bd:9f:8c:e2:ea:83:a5:59:3d:ae:a4:d9:85:4b:97:fa:c1: 55:91:c9:f6:e3:c4:eb:18:b7:64:93:f6:7d:c2:08:58:80:63: af:ce:d5:75:3f:cc:82:e6:8c:a0:58:2a:4f:f7:a9:69:9e:65: c8:3f:8c:54:19:d4:1d:e3:d8:51:d7:b7:dc:1f:53:5c:01:a4: f8:c6:a5:0b:6b:ec:79:64:de:bb:91:29:ed:f7:d8:03:31:2b: ec:42:49:4c:74:66:52:28:77:87:00:ae:44:cc:e5:c2:f4:db: db:a3:0b:75:bf:af:5b:6b:b0:a3:4b:f9:be:f0:98:a9:30:18: 6b:42:7e:9b:78:16:e0:f1:e9:eb:7f:c2:0f:bc:31:e7:bf:8b: 07:3a:66:c7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQRgkuTJ4iQFj6qc/NWlX4dpjFyAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0OFoX DTI3MDMwMzA2MTk0OFowMzExMC8GA1UEAxMoOTg0QjUzQ0I4NTFFREI3NjIxRkM3 RThGMTk3NkUzQjhGNTc5OUU1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKHlL9F73ZvxGXOOyZecDbWQj9C8ikBCvfXM0rjlcfnmGQdHioUZdFFJ6hMN aaFG/ED4KiRG3I9w6s0mYu/tjJedgj4sd74gtiz0o+cor6oqtmogQ6kjWTD53KJY uwSHyK31vc1EW/Ug0VdtI8odATtmuRv9xqxF62IoeRH/i3zVxBdlZNBcIzJy+gn0 jI/77iRtwBh5ikstjme+7g8ugv8IiGH1K7GvL/+0kJLo2r6orkrWfD8lrCKLhOh8 +JGSLFjv15k9OelRFXS86oTPpbHDrOIemxwaBmJ30oS3P1l/FM54x7ic10OPCk1X KKzDfmBaScBCi05dbWYzL0qN9NcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSYS1PL hR7bdiH8fo8ZduO49XmeUDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qP8wDQYJKoZIhvcNAQELBQADggEBAEPp+FhlygdrHWmwRlrOQEjkA6ACWmjN6Umw 77hzRJ/abrFCbf/bpUpYR25/TGXni+xK1zqG5HJA4rd89i8nylgP/4NpUgXB7aeW M5RbEyn3bw48p1A4ZcBGDdnlPHk1E6boE74Mtxq0VAtF7jC9n4zi6oOlWT2upNmF S5f6wVWRyfbjxOsYt2ST9n3CCFiAY6/O1XU/zILmjKBYKk/3qWmeZcg/jFQZ1B3j 2FHXt9wfU1wBpPjGpQtr7Hlk3ruRKe332AMxK+xCSUx0ZlIod4cArkTM5cL029uj C3W/r1trsKNL+b7wmKkwGGtCfpt4FuDx6et/wg+8Mee/iwc6Zsc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:55 2026 by rpki-client