$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144987.roa File: AS144987.roa (raw, json) Hash identifier: 7PBU8wLkUpDqwtvAyGHdTyJRsARQZnTDiJDzqlfv4ok= Subject key identifier: C8:C4:EF:0F:D6:55:F6:E8:C6:57:F4:B9:3C:95:52:06:7E:BC:0D:DF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 32656FAE14A69443D8E76975F70FA5955E040939 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144987.roa Signing time: Wed 04 Mar 2026 06:19:18 +0000 ROA not before: Wed 04 Mar 2026 06:14:18 +0000 ROA not after: Wed 03 Mar 2027 06:19:18 +0000 asID: 144987 IP address blocks: 240a:a921::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:65:6f:ae:14:a6:94:43:d8:e7:69:75:f7:0f:a5:95:5e:04:09:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:18 2026 GMT Not After : Mar 3 06:19:18 2027 GMT Subject: CN=C8C4EF0FD655F6E8C657F4B93C9552067EBC0DDF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:32:96:28:00:e1:04:54:04:c9:f5:77:89:b8: ae:f1:e0:ff:38:6e:ff:b0:48:4d:b3:76:12:b8:05: 73:07:6a:cc:a9:e1:cc:97:d1:f4:1c:fa:e4:2f:f0: cb:72:e4:d0:02:83:55:b7:25:2a:3a:ea:e2:ab:52: 04:fe:50:00:1f:8c:7f:26:56:de:a8:d5:77:3c:fe: 3f:c2:77:b4:9a:32:b3:bd:e7:6a:89:41:a5:02:f4: 84:1a:a7:c4:98:4f:fa:f6:12:ce:4c:57:1c:0e:27: 23:ae:00:fa:74:5f:c0:7e:b6:ae:bd:20:82:7d:90: 82:87:b9:c2:d3:a8:6f:17:e5:04:54:81:20:46:f0: 90:4c:5c:80:47:52:00:ca:d0:a0:3b:e6:30:67:79: 57:e5:3e:ce:07:64:d2:2c:55:73:16:92:92:6d:e9: 1f:f3:75:e4:b5:4e:9e:76:25:59:06:3d:98:36:08: dc:77:00:cc:60:43:c1:52:24:b5:81:c2:cc:22:7e: c4:df:76:59:ca:ca:ef:05:74:a2:c7:3f:44:89:c7: fc:d0:bf:26:18:71:ee:2b:c6:08:78:fa:6f:6e:86: 1f:15:f9:96:02:c9:2e:50:10:86:33:83:a4:53:c6: 78:bc:bf:50:7e:34:ac:04:c6:89:ba:33:5f:e0:1a: 8c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:C4:EF:0F:D6:55:F6:E8:C6:57:F4:B9:3C:95:52:06:7E:BC:0D:DF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144987.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a921::/32 Signature Algorithm: sha256WithRSAEncryption 5f:27:3b:38:17:08:29:f4:a7:29:69:24:8b:38:4e:7b:08:d1: 98:6e:d2:62:56:d1:b4:fa:4c:81:f6:56:89:13:bd:b9:e7:07: 1f:f0:4d:46:73:b6:4f:68:81:c5:5e:2b:49:35:7b:cb:24:cb: db:f7:f0:cc:fc:d8:c9:d9:b6:8a:bc:1c:ff:90:38:d3:04:7d: ac:7c:0c:cf:9c:27:b1:d2:41:6c:b2:0a:18:28:25:5b:4c:d2: 7e:f3:71:04:7f:53:8e:61:8b:fe:36:52:b5:80:df:58:ab:36: 86:2e:4b:6f:c4:d5:42:c6:0b:c9:4d:d1:44:2f:19:94:07:0c: fe:16:d4:0c:fb:54:da:cc:9a:8b:5b:9d:3d:aa:63:b2:17:96: b7:7e:81:59:54:f9:e4:90:b8:04:68:f2:34:f0:3d:78:9a:71: 2a:42:13:28:58:c8:7d:63:23:8b:e0:b4:92:12:88:b6:50:f1: e8:3c:8c:0e:89:e3:80:4d:d9:70:db:c9:08:c3:7f:6b:96:27: 06:9e:b5:a2:90:80:9c:6f:a9:6c:a3:5a:e0:d0:ea:bf:24:0f: 61:1e:1b:66:e0:85:dd:f3:91:31:f9:1e:b5:c8:f3:5c:ed:46: 82:df:29:1c:0d:88:24:b7:1a:09:7f:0f:de:54:83:94:7c:cd: e4:f9:3e:4e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMmVvrhSmlEPY52l19w+llV4ECTkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQxOFoX DTI3MDMwMzA2MTkxOFowMzExMC8GA1UEAxMoQzhDNEVGMEZENjU1RjZFOEM2NTdG NEI5M0M5NTUyMDY3RUJDMERERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKoyligA4QRUBMn1d4m4rvHg/zhu/7BITbN2ErgFcwdqzKnhzJfR9Bz65C/w y3Lk0AKDVbclKjrq4qtSBP5QAB+MfyZW3qjVdzz+P8J3tJoys73naolBpQL0hBqn xJhP+vYSzkxXHA4nI64A+nRfwH62rr0ggn2Qgoe5wtOobxflBFSBIEbwkExcgEdS AMrQoDvmMGd5V+U+zgdk0ixVcxaSkm3pH/N15LVOnnYlWQY9mDYI3HcAzGBDwVIk tYHCzCJ+xN92WcrK7wV0osc/RInH/NC/Jhhx7ivGCHj6b26GHxX5lgLJLlAQhjOD pFPGeLy/UH40rATGibozX+AajF0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTIxO8P 1lX26MZX9Lk8lVIGfrwN3zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDk4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qSEwDQYJKoZIhvcNAQELBQADggEBAF8nOzgXCCn0pylpJIs4TnsI0Zhu0mJW0bT6 TIH2VokTvbnnBx/wTUZztk9ogcVeK0k1e8sky9v38Mz82MnZtoq8HP+QONMEfax8 DM+cJ7HSQWyyChgoJVtM0n7zcQR/U45hi/42UrWA31irNoYuS2/E1ULGC8lN0UQv GZQHDP4W1Az7VNrMmotbnT2qY7IXlrd+gVlU+eSQuARo8jTwPXiacSpCEyhYyH1j I4vgtJISiLZQ8eg8jA6J44BN2XDbyQjDf2uWJwaetaKQgJxvqWyjWuDQ6r8kD2Ee G2bghd3zkTH5HrXI81ztRoLfKRwNiCS3Ggl/D95Ug5R8zeT5Pk4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:14 2026 by rpki-client