$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144963.roa File: AS144963.roa (raw, json) Hash identifier: mMxKoLlXAWVC50RvO79GlAk1enl6TWfx0S9PYIVN7Pk= Subject key identifier: 19:0A:93:C1:CA:02:BA:F0:72:EA:93:EA:0A:A2:5E:40:0A:2D:76:1E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1E88E64A5C3FB18331BCA28C3AC6E37981B335C7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144963.roa Signing time: Wed 04 Mar 2026 06:20:15 +0000 ROA not before: Wed 04 Mar 2026 06:15:15 +0000 ROA not after: Wed 03 Mar 2027 06:20:15 +0000 asID: 144963 IP address blocks: 240a:a909::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:88:e6:4a:5c:3f:b1:83:31:bc:a2:8c:3a:c6:e3:79:81:b3:35:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:15 2026 GMT Not After : Mar 3 06:20:15 2027 GMT Subject: CN=190A93C1CA02BAF072EA93EA0AA25E400A2D761E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:95:6e:d8:20:cb:4a:76:eb:89:2f:77:0e:85: d4:ab:01:03:e6:5e:55:bb:15:82:bf:9b:c1:d8:26: f7:c5:fc:27:b0:5c:f0:3e:49:3c:c2:31:25:a0:f1: d3:df:cd:5e:f2:3c:c7:1b:75:c2:85:0c:72:50:25: ef:3e:79:1a:ae:23:51:07:f5:44:00:27:29:79:9b: a4:9a:78:30:12:8a:6f:0e:39:6d:c0:76:c4:b8:c5: 55:78:4e:f6:59:a7:6d:cb:45:9a:02:af:7d:c3:e9: 87:db:1d:0c:8e:5d:1e:66:f2:4b:15:0c:fc:64:95: 74:1b:d7:e3:77:bf:7b:f1:76:83:55:d5:de:8f:c0: 42:b2:6f:f8:1f:eb:00:5b:c7:21:87:4f:e7:9d:bf: 57:c2:64:6d:81:e6:3e:b2:82:06:23:88:fa:e9:bb: 00:2b:72:96:ed:fc:89:39:dc:c2:38:ea:3c:65:24: 29:68:8f:90:4c:1e:d0:7c:e7:9c:b2:23:12:81:84: a9:4a:22:97:7a:af:85:99:79:1c:00:c2:9f:3e:fc: fa:d6:f2:c7:b1:9d:36:43:96:00:21:0d:4f:f1:88: 55:20:7b:1f:1a:60:f1:17:3c:ce:f6:22:3d:84:30: 93:a9:f4:f5:d9:b5:d5:0c:81:f4:97:c6:08:a2:5c: 49:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:0A:93:C1:CA:02:BA:F0:72:EA:93:EA:0A:A2:5E:40:0A:2D:76:1E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144963.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a909::/32 Signature Algorithm: sha256WithRSAEncryption 34:47:f9:e8:93:ca:6b:63:30:1f:52:f6:75:3b:c4:8d:69:09: d2:c9:9e:53:95:51:55:8f:1d:e3:cb:d1:70:6d:08:de:e4:16: 52:be:68:fc:7a:5f:61:9d:2c:ed:07:a4:12:bd:ff:aa:a2:6a: ed:24:bf:eb:f9:fd:b6:ac:64:ae:84:81:2a:b7:61:a7:3f:c5: 3f:e7:6c:88:30:9d:b1:91:bf:ee:e2:be:ac:c6:ff:05:d0:c5: d8:44:c6:b7:0e:28:7f:f3:70:f7:e3:4a:e0:1b:06:df:d4:35: 0d:05:2b:90:16:a5:07:c5:ea:c9:92:57:3d:98:0b:56:ab:83: 03:60:ab:c4:b5:9d:be:4d:f1:49:2e:3b:a8:01:68:c3:5f:4d: 85:14:5b:94:a7:f2:9a:dd:b3:ec:07:66:65:01:ff:e2:cc:f6: 3f:06:55:73:7f:99:af:22:b5:35:64:66:e2:4a:8b:c0:ad:4a: fa:80:61:59:c9:cf:5c:1a:ab:26:24:60:ee:ce:44:6a:1d:af: 4d:7a:b4:38:c1:23:45:85:18:a2:09:75:db:9a:7a:ed:ee:1a: 93:ec:01:a5:d3:46:f3:45:b7:d5:89:21:70:93:61:57:8f:97: 7f:0e:56:48:b2:4c:56:ad:28:44:d2:8e:db:51:ef:53:d8:ef: 01:bb:ae:08 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHojmSlw/sYMxvKKMOsbjeYGzNccwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxNVoX DTI3MDMwMzA2MjAxNVowMzExMC8GA1UEAxMoMTkwQTkzQzFDQTAyQkFGMDcyRUE5 M0VBMEFBMjVFNDAwQTJENzYxRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+Vbtggy0p264kvdw6F1KsBA+ZeVbsVgr+bwdgm98X8J7Bc8D5JPMIxJaDx 09/NXvI8xxt1woUMclAl7z55Gq4jUQf1RAAnKXmbpJp4MBKKbw45bcB2xLjFVXhO 9lmnbctFmgKvfcPph9sdDI5dHmbySxUM/GSVdBvX43e/e/F2g1XV3o/AQrJv+B/r AFvHIYdP552/V8JkbYHmPrKCBiOI+um7ACtylu38iTncwjjqPGUkKWiPkEwe0Hzn nLIjEoGEqUoil3qvhZl5HADCnz78+tbyx7GdNkOWACENT/GIVSB7Hxpg8Rc8zvYi PYQwk6n09dm11QyB9JfGCKJcSbsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQZCpPB ygK68HLqk+oKol5ACi12HjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qQkwDQYJKoZIhvcNAQELBQADggEBADRH+eiTymtjMB9S9nU7xI1pCdLJnlOVUVWP HePL0XBtCN7kFlK+aPx6X2GdLO0HpBK9/6qiau0kv+v5/basZK6EgSq3Yac/xT/n bIgwnbGRv+7ivqzG/wXQxdhExrcOKH/zcPfjSuAbBt/UNQ0FK5AWpQfF6smSVz2Y C1argwNgq8S1nb5N8UkuO6gBaMNfTYUUW5Sn8prds+wHZmUB/+LM9j8GVXN/ma8i tTVkZuJKi8CtSvqAYVnJz1waqyYkYO7ORGodr016tDjBI0WFGKIJdduaeu3uGpPs AaXTRvNFt9WJIXCTYVePl38OVkiyTFatKETSjttR71PY7wG7rgg= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:19 2026 by rpki-client