$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144986.roa File: AS144986.roa (raw, json) Hash identifier: ayyxn/9/fv2h99+Xmxzjp29ZLYwzyuQkVTNagCvaUeM= Subject key identifier: 03:F5:88:5E:E7:6A:A7:81:10:10:C5:D4:AA:97:15:5F:72:24:0E:D4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 01B811BB1941CA626F13A294044251ED3C3E5BFA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144986.roa Signing time: Wed 04 Mar 2026 06:20:18 +0000 ROA not before: Wed 04 Mar 2026 06:15:18 +0000 ROA not after: Wed 03 Mar 2027 06:20:18 +0000 asID: 144986 IP address blocks: 240a:a920::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:b8:11:bb:19:41:ca:62:6f:13:a2:94:04:42:51:ed:3c:3e:5b:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:18 2026 GMT Not After : Mar 3 06:20:18 2027 GMT Subject: CN=03F5885EE76AA7811010C5D4AA97155F72240ED4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:23:35:51:79:6c:ea:22:0c:92:46:a3:19:58: e9:45:6f:34:07:f9:a5:e2:42:a2:e2:1d:35:5c:8d: 06:c9:5f:c1:cc:90:53:2f:8e:47:2d:3a:43:6d:88: 3a:0a:8a:8c:7f:6a:84:8c:f5:db:83:fe:61:10:03: 44:6a:3d:b3:d2:42:6c:6d:10:d1:ae:0b:fe:2b:24: 37:6b:16:a3:d3:f2:de:22:8b:7d:82:b7:af:e0:d6: 23:dd:df:52:51:70:8a:63:06:af:8c:ee:12:37:38: df:cb:ec:84:f2:7a:ea:11:87:e9:db:3e:fd:3d:5c: d8:84:3a:2b:bb:36:1a:8f:72:f5:ca:83:87:5a:3a: 77:07:0d:99:7b:c6:b1:05:6c:23:9e:97:8f:12:31: ff:2c:61:77:8e:c2:36:b3:18:50:fa:85:f0:1f:59: b5:6c:47:8c:3a:29:6a:6e:33:cb:d3:6e:1d:2f:f8: b6:b6:31:4e:2e:6d:52:6d:0e:6a:1f:60:fe:ad:56: d0:81:8d:1e:38:92:07:0d:47:c3:e5:bc:ee:2f:4d: 4d:32:31:11:9c:64:1f:d5:4f:9e:87:f9:1c:c5:48: 36:ff:08:07:cd:ce:62:01:3d:a4:fd:44:2d:ca:60: 9a:99:77:b7:9c:f2:44:76:14:f9:c6:68:2b:72:6e: 7c:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:F5:88:5E:E7:6A:A7:81:10:10:C5:D4:AA:97:15:5F:72:24:0E:D4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144986.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a920::/32 Signature Algorithm: sha256WithRSAEncryption 02:96:30:19:a2:ab:14:bc:18:b5:88:d5:1b:0e:07:2a:e6:2e: 8a:4f:0a:0a:10:a8:0b:4b:92:34:62:41:6f:2f:56:64:71:21: 1c:43:78:8d:cd:fe:a7:02:94:6c:c9:8d:a2:73:42:b7:02:75: f0:5f:d3:60:ec:51:f8:39:f1:0a:c5:df:33:71:5c:9f:29:dd: b2:bc:8d:50:d9:76:17:b3:8f:3e:cd:41:eb:cc:14:20:47:84: 2c:18:8b:a9:43:24:14:30:b8:21:23:31:e8:3d:72:c1:d6:00: 43:1b:5d:d6:1d:bd:8a:aa:03:ee:e3:c6:4f:b5:8b:fe:9e:1d: 59:71:e5:85:3b:50:24:e4:cb:00:e6:d2:0f:20:ff:ca:90:c8: a5:f4:a5:77:a6:0a:6c:d3:d2:d5:2e:ed:04:ba:94:91:48:9d: 9d:4c:dc:42:55:d5:09:0f:bc:09:a7:15:2a:46:df:95:d7:be: fc:4e:11:0a:78:08:81:74:42:21:89:3a:af:c9:17:42:f0:02: e5:2f:4a:dd:f0:06:e1:dd:19:cf:1b:22:f4:fb:27:fe:79:91: dc:98:f7:5f:ee:4d:24:86:1c:32:25:5e:c1:22:d4:41:3d:26: 2a:50:43:fe:9c:22:c0:0b:d2:71:0a:a4:33:ff:41:41:34:23: 6d:87:59:bc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAbgRuxlBymJvE6KUBEJR7Tw+W/owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxOFoX DTI3MDMwMzA2MjAxOFowMzExMC8GA1UEAxMoMDNGNTg4NUVFNzZBQTc4MTEwMTBD NUQ0QUE5NzE1NUY3MjI0MEVENDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALcjNVF5bOoiDJJGoxlY6UVvNAf5peJCouIdNVyNBslfwcyQUy+ORy06Q22I OgqKjH9qhIz124P+YRADRGo9s9JCbG0Q0a4L/iskN2sWo9Py3iKLfYK3r+DWI93f UlFwimMGr4zuEjc438vshPJ66hGH6ds+/T1c2IQ6K7s2Go9y9cqDh1o6dwcNmXvG sQVsI56XjxIx/yxhd47CNrMYUPqF8B9ZtWxHjDopam4zy9NuHS/4trYxTi5tUm0O ah9g/q1W0IGNHjiSBw1Hw+W87i9NTTIxEZxkH9VPnof5HMVINv8IB83OYgE9pP1E Lcpgmpl3t5zyRHYU+cZoK3JufBkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQD9Yhe 52qngRAQxdSqlxVfciQO1DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qSAwDQYJKoZIhvcNAQELBQADggEBAAKWMBmiqxS8GLWI1RsOByrmLopPCgoQqAtL kjRiQW8vVmRxIRxDeI3N/qcClGzJjaJzQrcCdfBf02DsUfg58QrF3zNxXJ8p3bK8 jVDZdhezjz7NQevMFCBHhCwYi6lDJBQwuCEjMeg9csHWAEMbXdYdvYqqA+7jxk+1 i/6eHVlx5YU7UCTkywDm0g8g/8qQyKX0pXemCmzT0tUu7QS6lJFInZ1M3EJV1QkP vAmnFSpG35XXvvxOEQp4CIF0QiGJOq/JF0LwAuUvSt3wBuHdGc8bIvT7J/55kdyY 91/uTSSGHDIlXsEi1EE9JipQQ/6cIsAL0nEKpDP/QUE0I22HWbw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:04 2026 by rpki-client