$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144969.roa File: AS144969.roa (raw, json) Hash identifier: YsOFPltEzs+xTN8WeLxWfuZ03a6INM/EGdHtRCp04As= Subject key identifier: C6:BC:8A:90:CD:EC:6A:DC:08:87:39:AF:44:42:09:D8:6C:7E:8C:65 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 23E6DE0E2B7DFC26F21855C748D89474E588DB6E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144969.roa Signing time: Wed 04 Mar 2026 06:22:11 +0000 ROA not before: Wed 04 Mar 2026 06:17:11 +0000 ROA not after: Wed 03 Mar 2027 06:22:11 +0000 asID: 144969 IP address blocks: 240a:a90f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:e6:de:0e:2b:7d:fc:26:f2:18:55:c7:48:d8:94:74:e5:88:db:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:11 2026 GMT Not After : Mar 3 06:22:11 2027 GMT Subject: CN=C6BC8A90CDEC6ADC088739AF444209D86C7E8C65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e8:9f:ab:81:ad:63:a1:c1:e1:e0:56:35:8b: 76:34:67:ea:c3:28:81:79:4f:05:fd:65:4f:8f:d1: c2:5d:67:c5:eb:c2:76:e0:94:c6:d3:05:04:7b:9f: 39:8d:7f:01:25:95:07:f2:b6:58:c6:34:28:98:c4: c3:f8:40:4c:d1:95:da:f2:c7:dc:b8:fe:56:45:de: 03:ce:9a:ed:39:85:4d:c8:0a:2e:f6:65:2d:f1:9d: 1c:48:82:18:d2:b5:2c:d0:9a:ff:28:72:0d:7e:9d: b5:73:7c:1e:3a:3e:aa:76:54:01:80:5d:94:f0:6d: 72:30:95:8f:a1:a0:85:9e:52:85:fc:10:9f:36:94: b2:2b:4a:9a:f4:36:89:07:33:24:e1:9a:f0:6b:c4: 14:69:30:0a:5b:b3:1e:2e:05:e5:4e:69:2c:fe:b5: 25:05:7a:5a:d9:7e:a4:74:58:7c:d0:6a:4f:76:48: 73:7d:03:c6:cc:c9:db:86:a3:21:42:c1:51:73:02: 12:07:af:44:2a:9c:95:90:7c:ac:18:93:6c:e3:3e: 5b:bd:e4:ec:b3:5b:dc:7c:e2:c7:26:01:49:07:cd: ea:85:7d:70:c2:08:fd:10:c9:e7:be:82:7c:70:9f: 93:71:31:0b:95:69:09:36:ed:76:6e:4b:dc:00:ac: bb:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:BC:8A:90:CD:EC:6A:DC:08:87:39:AF:44:42:09:D8:6C:7E:8C:65 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144969.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a90f::/32 Signature Algorithm: sha256WithRSAEncryption cd:c8:4c:4a:f0:f8:77:30:9e:bb:aa:9b:26:2e:4e:6f:8d:8e: b7:25:7e:5d:db:c7:1a:cb:fb:86:d6:81:60:4d:23:32:36:9c: 08:84:79:1b:df:db:8b:7f:45:25:31:a6:da:cb:26:ad:68:09: 43:22:66:a6:dc:e3:95:b5:1e:c4:f3:e4:e8:1e:5e:e5:9e:1d: fb:1d:58:69:22:f0:df:16:3c:f8:63:19:d7:85:90:aa:b5:b0: c8:c5:e4:b6:ab:05:b4:8d:20:17:c6:0d:a7:fe:f8:64:a2:bf: 60:58:64:c7:71:87:a4:fb:92:7f:8f:17:e0:0c:7f:f9:ab:17: 96:a2:d9:16:ff:61:34:f8:e9:09:6c:6c:fb:53:65:e3:3c:e4: 6a:a9:26:62:f8:de:80:c8:21:a2:da:ad:b9:32:8c:08:aa:20: de:50:6b:7d:1e:7a:10:15:b4:26:21:a5:df:b3:9b:23:3d:e0: 18:eb:b2:27:9d:1b:cd:aa:83:c5:c5:1d:e2:8f:07:4a:0c:5f: 12:20:1f:fa:8d:d0:0b:46:42:cc:ea:36:8e:9b:25:f6:04:dc: 98:22:dd:0e:a7:c6:5c:67:36:fa:06:9a:31:51:db:64:5b:ff: e5:03:97:d5:e4:91:68:ed:04:c3:c9:ca:f6:d2:5f:0d:4c:65: e6:39:09:7b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUI+beDit9/CbyGFXHSNiUdOWI224wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxMVoX DTI3MDMwMzA2MjIxMVowMzExMC8GA1UEAxMoQzZCQzhBOTBDREVDNkFEQzA4ODcz OUFGNDQ0MjA5RDg2QzdFOEM2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALXon6uBrWOhweHgVjWLdjRn6sMogXlPBf1lT4/Rwl1nxevCduCUxtMFBHuf OY1/ASWVB/K2WMY0KJjEw/hATNGV2vLH3Lj+VkXeA86a7TmFTcgKLvZlLfGdHEiC GNK1LNCa/yhyDX6dtXN8Hjo+qnZUAYBdlPBtcjCVj6GghZ5ShfwQnzaUsitKmvQ2 iQczJOGa8GvEFGkwCluzHi4F5U5pLP61JQV6Wtl+pHRYfNBqT3ZIc30DxszJ24aj IULBUXMCEgevRCqclZB8rBiTbOM+W73k7LNb3HzixyYBSQfN6oV9cMII/RDJ576C fHCfk3ExC5VpCTbtdm5L3ACsu/MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTGvIqQ zexq3AiHOa9EQgnYbH6MZTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qQ8wDQYJKoZIhvcNAQELBQADggEBAM3ITErw+HcwnruqmyYuTm+Njrclfl3bxxrL +4bWgWBNIzI2nAiEeRvf24t/RSUxptrLJq1oCUMiZqbc45W1HsTz5OgeXuWeHfsd WGki8N8WPPhjGdeFkKq1sMjF5LarBbSNIBfGDaf++GSiv2BYZMdxh6T7kn+PF+AM f/mrF5ai2Rb/YTT46QlsbPtTZeM85GqpJmL43oDIIaLarbkyjAiqIN5Qa30eehAV tCYhpd+zmyM94BjrsiedG82qg8XFHeKPB0oMXxIgH/qN0AtGQszqNo6bJfYE3Jgi 3Q6nxlxnNvoGmjFR22Rb/+UDl9XkkWjtBMPJyvbSXw1MZeY5CXs= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:34 2026 by rpki-client