$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145004.roa File: AS145004.roa (raw, json) Hash identifier: SuxFww14X0O5eXqnLjzftzlJDkwsr3pyeOCKXJKu+gM= Subject key identifier: 63:9C:D2:8C:94:4C:F6:CC:D7:8F:04:B8:30:6D:3C:88:07:BF:31:FE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 71E62DFACC7E37B59CDDA2816BE9749473D67EAC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145004.roa Signing time: Wed 04 Mar 2026 06:22:38 +0000 ROA not before: Wed 04 Mar 2026 06:17:38 +0000 ROA not after: Wed 03 Mar 2027 06:22:38 +0000 asID: 145004 IP address blocks: 240a:a932::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:e6:2d:fa:cc:7e:37:b5:9c:dd:a2:81:6b:e9:74:94:73:d6:7e:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:38 2026 GMT Not After : Mar 3 06:22:38 2027 GMT Subject: CN=639CD28C944CF6CCD78F04B8306D3C8807BF31FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f7:dd:37:26:ee:25:9e:1d:3f:e9:45:0d:36: 0e:e5:75:c8:b8:a3:dd:45:d7:08:b9:b5:e4:b0:8c: 43:8e:eb:1d:47:5a:09:9d:f9:44:1a:7f:a0:99:bf: 81:cd:e2:74:dd:e4:51:e2:a2:1e:ff:aa:25:ba:0e: 80:ed:44:a4:94:16:77:73:a6:7c:83:2a:2a:8e:e6: 83:5e:2d:72:fc:72:26:31:49:7e:60:d1:cc:d0:69: 6d:5b:77:15:f8:87:53:d2:93:84:3d:7e:0d:f1:d5: 98:6a:f9:a6:7d:4c:4b:49:bb:f0:dd:25:58:71:ba: 95:97:bb:8c:99:92:d2:92:d3:5b:49:05:0a:ac:91: b0:85:ae:43:18:44:11:1b:93:6e:5a:2a:eb:7c:ec: 02:54:e3:8e:a5:12:d1:34:2c:48:34:b6:a0:a4:46: 6a:a6:07:24:3e:d2:5f:bd:0f:4c:8e:2c:a8:ba:42: e5:2f:3c:d8:b0:e9:69:2f:f2:dd:7f:a8:83:66:05: 1b:7c:86:6f:02:99:38:04:f4:f9:f8:ce:03:f5:7d: 92:0a:69:c7:00:3a:d4:7b:b4:4c:04:75:77:29:12: 96:4f:6e:0b:55:eb:cb:bb:69:44:a1:a3:a9:9b:8b: 78:31:92:ed:cb:68:3c:28:2d:3e:d5:24:10:d0:dd: 72:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:9C:D2:8C:94:4C:F6:CC:D7:8F:04:B8:30:6D:3C:88:07:BF:31:FE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145004.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a932::/32 Signature Algorithm: sha256WithRSAEncryption 61:04:e5:c8:fc:7d:37:f6:b6:6e:94:a8:7c:c9:32:fb:c8:69: 28:06:1c:87:3f:e5:39:d8:cd:f7:04:24:56:c2:db:57:54:64: e3:eb:20:ad:62:36:b5:17:11:32:71:5a:63:6a:e8:78:a0:58: 19:dd:ca:6c:e0:58:37:3b:3d:71:79:58:bb:be:36:cf:56:fb: 7b:b4:0d:ad:04:40:38:3f:38:e5:6c:99:a0:6d:d1:87:c4:87: 34:c4:ca:38:cb:6f:e4:b9:3b:dd:b6:7d:80:5a:35:98:5b:86: 56:27:90:3a:eb:0b:1b:72:24:e9:67:21:75:a4:2c:11:71:35: ae:f9:14:05:f9:a5:33:9d:ce:c2:a8:5f:4e:cc:39:d0:a0:7c: 8b:57:3c:f2:5f:6e:b1:c7:58:e3:78:e3:59:37:3d:d2:ad:d4: ee:e9:2a:c5:ee:62:17:d9:cf:ee:d0:c1:49:12:8f:f6:44:99: 54:d2:3e:12:bb:18:0b:d9:c3:d5:0a:8d:4c:1e:1b:70:d9:55: 82:93:1c:3e:47:0b:de:13:03:be:08:08:2a:d8:c4:75:f2:84: 5b:f4:ac:f4:a0:d2:78:31:97:99:1c:4a:a3:b4:6d:35:4d:96: fe:08:54:75:4c:90:03:00:6e:2c:44:49:11:98:61:42:c6:db: 38:d9:0b:47 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUceYt+sx+N7Wc3aKBa+l0lHPWfqwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTczOFoX DTI3MDMwMzA2MjIzOFowMzExMC8GA1UEAxMoNjM5Q0QyOEM5NDRDRjZDQ0Q3OEYw NEI4MzA2RDNDODgwN0JGMzFGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMr33Tcm7iWeHT/pRQ02DuV1yLij3UXXCLm15LCMQ47rHUdaCZ35RBp/oJm/ gc3idN3kUeKiHv+qJboOgO1EpJQWd3OmfIMqKo7mg14tcvxyJjFJfmDRzNBpbVt3 FfiHU9KThD1+DfHVmGr5pn1MS0m78N0lWHG6lZe7jJmS0pLTW0kFCqyRsIWuQxhE ERuTbloq63zsAlTjjqUS0TQsSDS2oKRGaqYHJD7SX70PTI4sqLpC5S882LDpaS/y 3X+og2YFG3yGbwKZOAT0+fjOA/V9kgppxwA61Hu0TAR1dykSlk9uC1Xry7tpRKGj qZuLeDGS7ctoPCgtPtUkENDdcmcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRjnNKM lEz2zNePBLgwbTyIB78x/jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qTIwDQYJKoZIhvcNAQELBQADggEBAGEE5cj8fTf2tm6UqHzJMvvIaSgGHIc/5TnY zfcEJFbC21dUZOPrIK1iNrUXETJxWmNq6HigWBndymzgWDc7PXF5WLu+Ns9W+3u0 Da0EQDg/OOVsmaBt0YfEhzTEyjjLb+S5O922fYBaNZhbhlYnkDrrCxtyJOlnIXWk LBFxNa75FAX5pTOdzsKoX07MOdCgfItXPPJfbrHHWON441k3PdKt1O7pKsXuYhfZ z+7QwUkSj/ZEmVTSPhK7GAvZw9UKjUweG3DZVYKTHD5HC94TA74ICCrYxHXyhFv0 rPSg0ngxl5kcSqO0bTVNlv4IVHVMkAMAbixESRGYYULG2zjZC0c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:18 2026 by rpki-client