$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145018.roa File: AS145018.roa (raw, json) Hash identifier: F+PD7UBBmaaHpYJ1IcsSgH5J9aH3LhKaz6U6CG5d0BE= Subject key identifier: E4:70:2E:5F:E8:D0:5E:1E:F2:57:4D:A5:BF:64:FD:E3:8A:FF:0B:07 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 09335EAAF0C7E58B5809244246E9B5D13ACD03EE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145018.roa Signing time: Wed 04 Mar 2026 06:20:43 +0000 ROA not before: Wed 04 Mar 2026 06:15:43 +0000 ROA not after: Wed 03 Mar 2027 06:20:43 +0000 asID: 145018 IP address blocks: 240a:a940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:33:5e:aa:f0:c7:e5:8b:58:09:24:42:46:e9:b5:d1:3a:cd:03:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:43 2026 GMT Not After : Mar 3 06:20:43 2027 GMT Subject: CN=E4702E5FE8D05E1EF2574DA5BF64FDE38AFF0B07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:6b:53:a5:ae:45:f8:69:ae:52:16:7d:e4:22: ca:17:97:c4:80:d9:ce:4c:57:0e:a5:9c:5c:2b:e7: b5:11:72:28:14:3f:81:29:1e:24:ea:56:a1:32:f7: 16:36:54:be:5d:6e:3d:a3:7f:37:14:5e:04:29:af: fd:de:2c:a1:90:fd:64:1a:08:37:8d:25:44:ef:be: f7:05:fd:a3:a5:c7:c8:b3:9f:ed:92:fb:2e:d9:b4: c2:22:99:ef:a2:a8:e1:57:c4:87:8b:5a:f7:03:fc: c0:0f:f5:2f:6a:80:5f:58:f2:35:1f:87:60:97:a5: a9:48:63:06:3f:f9:fc:ae:e5:ce:42:00:d5:7b:49: 0f:85:0c:f8:34:f5:08:2e:82:54:42:a8:5b:ad:ed: e3:1f:e7:b6:27:e2:44:ef:56:2c:0b:86:aa:f6:d3: cf:d2:9e:35:2b:e2:02:13:76:c9:55:6e:b5:19:86: cd:42:94:b7:17:40:e5:d8:17:56:13:6a:cc:f9:d6: 5c:13:71:e8:5b:f8:25:2d:d1:b8:5d:11:f3:8a:80: 05:25:7b:00:47:1d:52:55:15:de:fd:1a:e0:36:42: d5:73:38:f7:37:a3:a2:7a:81:6d:4b:5f:35:37:f4: 1d:16:64:f9:64:ca:1c:62:b0:35:eb:bf:06:b7:52: 52:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:70:2E:5F:E8:D0:5E:1E:F2:57:4D:A5:BF:64:FD:E3:8A:FF:0B:07 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145018.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a940::/32 Signature Algorithm: sha256WithRSAEncryption 79:a8:47:a9:41:ac:a1:73:a4:fd:1f:23:43:a7:28:81:99:cc: a0:31:1a:a8:d1:57:f8:84:23:41:e2:e1:bf:63:a0:9c:62:c1: 25:65:ab:bb:10:4a:48:2b:0a:6d:8f:83:d2:70:8d:32:b6:20: 95:8c:8d:50:de:76:37:ba:c8:e3:8d:2b:c1:75:74:dc:c7:67: 20:fa:f1:5f:35:b7:3d:52:ce:fd:b2:1e:b5:50:ac:ad:f1:21: c2:68:45:99:21:16:d2:8f:ef:73:ad:7c:4a:57:61:8e:a7:b1: ff:f5:70:d9:b7:b1:f6:c4:15:02:92:70:3f:9f:ca:f6:53:08: 10:e7:03:e3:c4:72:37:a7:82:13:a7:af:ca:bc:38:34:9e:bc: b8:7f:44:05:4d:f9:68:05:3b:e1:17:bf:29:79:ce:14:ce:20: 86:be:cb:34:a1:a0:ca:be:96:99:e4:36:c3:62:d2:39:2e:c9: 87:c5:b6:85:d7:8e:b7:55:37:04:9f:eb:93:61:46:10:2c:77: c4:93:22:5c:03:88:ea:c0:59:d8:15:97:08:c5:41:2d:58:4f: 2e:8e:ba:e6:20:96:af:3f:00:17:ea:d5:b3:ee:14:fc:99:38: 57:7d:12:a9:60:bf:1b:6b:2b:a7:5d:e3:d3:4a:dc:0a:c7:13: 0b:33:35:53 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCTNeqvDH5YtYCSRCRum10TrNA+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0M1oX DTI3MDMwMzA2MjA0M1owMzExMC8GA1UEAxMoRTQ3MDJFNUZFOEQwNUUxRUYyNTc0 REE1QkY2NEZERTM4QUZGMEIwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK5rU6WuRfhprlIWfeQiyheXxIDZzkxXDqWcXCvntRFyKBQ/gSkeJOpWoTL3 FjZUvl1uPaN/NxReBCmv/d4soZD9ZBoIN40lRO++9wX9o6XHyLOf7ZL7Ltm0wiKZ 76Ko4VfEh4ta9wP8wA/1L2qAX1jyNR+HYJelqUhjBj/5/K7lzkIA1XtJD4UM+DT1 CC6CVEKoW63t4x/ntifiRO9WLAuGqvbTz9KeNSviAhN2yVVutRmGzUKUtxdA5dgX VhNqzPnWXBNx6Fv4JS3RuF0R84qABSV7AEcdUlUV3v0a4DZC1XM49zejonqBbUtf NTf0HRZk+WTKHGKwNeu/BrdSUoECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTkcC5f 6NBeHvJXTaW/ZP3jiv8LBzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qUAwDQYJKoZIhvcNAQELBQADggEBAHmoR6lBrKFzpP0fI0OnKIGZzKAxGqjRV/iE I0Hi4b9joJxiwSVlq7sQSkgrCm2Pg9JwjTK2IJWMjVDedje6yOONK8F1dNzHZyD6 8V81tz1Szv2yHrVQrK3xIcJoRZkhFtKP73OtfEpXYY6nsf/1cNm3sfbEFQKScD+f yvZTCBDnA+PEcjenghOnr8q8ODSevLh/RAVN+WgFO+EXvyl5zhTOIIa+yzShoMq+ lpnkNsNi0jkuyYfFtoXXjrdVNwSf65NhRhAsd8STIlwDiOrAWdgVlwjFQS1YTy6O uuYglq8/ABfq1bPuFPyZOFd9EqlgvxtrK6dd49NK3ArHEwszNVM= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:26 2026 by rpki-client