$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144984.roa File: AS144984.roa (raw, json) Hash identifier: gjv68kRMgIsLra9oo9c8TuvW7Fc+Chgujh3osKf10SI= Subject key identifier: 36:25:26:40:8A:00:06:4A:5B:63:FE:BE:C8:5B:56:86:D1:F6:D3:B4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2D257A7121B96C04D06E089B5FA84D0EB13C0E69 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144984.roa Signing time: Wed 04 Mar 2026 06:21:41 +0000 ROA not before: Wed 04 Mar 2026 06:16:41 +0000 ROA not after: Wed 03 Mar 2027 06:21:41 +0000 asID: 144984 IP address blocks: 240a:a91e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:25:7a:71:21:b9:6c:04:d0:6e:08:9b:5f:a8:4d:0e:b1:3c:0e:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:41 2026 GMT Not After : Mar 3 06:21:41 2027 GMT Subject: CN=362526408A00064A5B63FEBEC85B5686D1F6D3B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:60:f8:e5:56:3a:5b:df:87:ca:83:dd:de:3a: c1:fd:51:77:82:04:7b:fb:33:d0:a0:69:56:17:a4: fb:16:45:f6:c5:e2:fe:a8:cf:02:a0:54:92:b7:6f: f5:52:40:e9:66:b4:24:ed:f3:48:13:df:5d:6b:ab: 93:e1:4d:df:85:29:9e:91:56:ef:fa:48:63:4a:2b: 2a:bc:ae:28:bd:c3:97:a3:33:b3:51:a5:7d:8c:1e: b9:4f:c1:a8:76:11:b2:10:39:c7:a6:fc:3b:a0:f4: 58:36:2b:67:cf:73:fb:55:26:73:30:60:23:dd:11: ce:3e:aa:2f:4f:c5:87:fa:6f:44:50:67:db:10:e0: e0:96:61:81:b9:e2:65:11:e4:e7:b9:c5:50:70:5a: 5c:53:86:9c:85:85:2a:fb:76:0b:d9:6c:4b:c4:57: 88:bb:7f:2c:65:f3:af:da:bf:00:35:29:b5:fa:2b: 4f:fb:7e:8e:6e:74:74:df:94:67:07:3c:97:74:e6: 90:61:ee:c5:5d:bb:7e:bc:d1:f9:1e:b1:1b:b2:7e: 07:af:8a:05:b2:a7:fe:c0:d6:05:c8:e3:26:cd:d3: ec:a4:4e:60:8c:9f:5a:e0:49:7a:9d:2c:fb:ae:50: d5:8f:a0:73:ec:ff:27:53:87:18:86:4b:74:89:bb: 5a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:25:26:40:8A:00:06:4A:5B:63:FE:BE:C8:5B:56:86:D1:F6:D3:B4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144984.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a91e::/32 Signature Algorithm: sha256WithRSAEncryption 55:bd:41:90:4b:87:8d:02:94:54:53:cc:a1:92:99:d7:3e:40: 03:a3:78:01:bf:ce:18:fb:16:5d:5e:c3:1a:f0:28:4e:e6:37: 22:3e:cf:70:62:24:8b:9e:50:06:41:db:10:ed:09:73:3e:b8: 6a:d9:87:b0:c4:ac:9d:23:6b:4f:aa:ee:14:05:1d:44:35:7f: 05:66:6a:8e:54:89:b1:e6:6e:39:fe:73:02:33:45:d0:a1:1b: e5:ca:2d:89:ce:03:4f:df:d7:ca:ee:52:7a:3c:ce:fa:72:78: d9:5c:88:73:cf:f1:6f:f8:63:e5:ed:29:f6:07:8b:cd:25:3e: 99:b1:14:e8:a3:75:6c:45:1e:61:62:23:53:99:d8:e5:70:30: 9e:53:1e:1b:8f:2d:4c:02:41:d1:70:a5:d6:57:04:e0:d4:1e: bd:bc:62:b7:05:45:b0:a5:95:82:ec:15:a4:ac:f3:22:a3:61: a5:9b:b5:b2:8d:25:e6:ab:b5:48:bd:62:12:0f:5f:dc:98:74: a8:33:1f:d0:dc:2b:20:fc:6c:e6:76:13:9e:7e:7d:85:a6:62: 86:cd:a5:24:99:c7:3f:98:1c:5f:fb:fb:ad:e2:de:ea:ee:b6: be:64:e4:7b:4b:e7:17:b6:a4:a1:96:0b:e6:42:0a:bd:ef:40: 61:cf:8e:f0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULSV6cSG5bATQbgibX6hNDrE8DmkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0MVoX DTI3MDMwMzA2MjE0MVowMzExMC8GA1UEAxMoMzYyNTI2NDA4QTAwMDY0QTVCNjNG RUJFQzg1QjU2ODZEMUY2RDNCNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9g+OVWOlvfh8qD3d46wf1Rd4IEe/sz0KBpVhek+xZF9sXi/qjPAqBUkrdv 9VJA6Wa0JO3zSBPfXWurk+FN34UpnpFW7/pIY0orKryuKL3Dl6Mzs1GlfYweuU/B qHYRshA5x6b8O6D0WDYrZ89z+1UmczBgI90Rzj6qL0/Fh/pvRFBn2xDg4JZhgbni ZRHk57nFUHBaXFOGnIWFKvt2C9lsS8RXiLt/LGXzr9q/ADUptforT/t+jm50dN+U Zwc8l3TmkGHuxV27frzR+R6xG7J+B6+KBbKn/sDWBcjjJs3T7KROYIyfWuBJep0s +65Q1Y+gc+z/J1OHGIZLdIm7WrkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ2JSZA igAGSltj/r7IW1aG0fbTtDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk4NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qR4wDQYJKoZIhvcNAQELBQADggEBAFW9QZBLh40ClFRTzKGSmdc+QAOjeAG/zhj7 Fl1ewxrwKE7mNyI+z3BiJIueUAZB2xDtCXM+uGrZh7DErJ0ja0+q7hQFHUQ1fwVm ao5UibHmbjn+cwIzRdChG+XKLYnOA0/f18ruUno8zvpyeNlciHPP8W/4Y+XtKfYH i80lPpmxFOijdWxFHmFiI1OZ2OVwMJ5THhuPLUwCQdFwpdZXBODUHr28YrcFRbCl lYLsFaSs8yKjYaWbtbKNJeartUi9YhIPX9yYdKgzH9DcKyD8bOZ2E55+fYWmYobN pSSZxz+YHF/7+63i3urutr5k5HtL5xe2pKGWC+ZCCr3vQGHPjvA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:37 2026 by rpki-client