$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145127.roa File: AS145127.roa (raw, json) Hash identifier: J4o1sijHW5Jqyd0Wm7VAzeaOOBb3TA8I2PhIbrdGFi0= Subject key identifier: B3:58:50:D2:E1:43:48:E2:A3:AD:C3:67:CE:3C:FA:63:52:0D:A3:81 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 08A041FD5347B1575904CEA5D6471C791BE80D1E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145127.roa Signing time: Wed 04 Mar 2026 06:22:26 +0000 ROA not before: Wed 04 Mar 2026 06:17:26 +0000 ROA not after: Wed 03 Mar 2027 06:22:26 +0000 asID: 145127 IP address blocks: 240a:a9ad::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:a0:41:fd:53:47:b1:57:59:04:ce:a5:d6:47:1c:79:1b:e8:0d:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:26 2026 GMT Not After : Mar 3 06:22:26 2027 GMT Subject: CN=B35850D2E14348E2A3ADC367CE3CFA63520DA381 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:7b:df:e1:e0:2e:32:bf:83:b9:9e:4c:2d:d5: 1e:20:34:c9:d5:a6:9a:f1:5b:67:3a:23:6a:5d:0c: ce:21:3b:f0:01:4d:39:eb:d8:13:95:37:dd:0e:96: f9:6f:e4:4b:09:88:7f:f6:4c:a4:d4:d5:ca:15:4b: f5:8a:ae:c4:ae:3b:8b:73:7f:b2:67:79:d3:77:25: e9:0f:18:9a:14:01:20:34:cd:46:5b:5d:d2:6a:6d: 97:86:a5:54:46:3b:99:a1:45:b0:06:51:3b:2e:0d: 3c:e7:2b:9f:c6:89:02:f0:a8:6a:3d:b8:34:a1:68: c5:e1:e5:3d:41:e1:22:e8:e7:f2:be:98:86:06:ab: 99:7a:81:cb:df:96:b1:db:9c:f0:c2:59:56:aa:c7: fe:3b:dc:3d:6e:d0:06:41:6f:6e:6b:be:0e:8b:67: 75:c3:9b:ff:d3:4b:07:e0:83:62:2f:9f:ec:5f:3d: a0:65:a6:46:63:b2:32:1e:3c:8d:e3:d5:5c:7f:f7: 5e:07:4f:43:45:51:d0:23:e4:bc:6f:95:5e:c6:87: 18:49:6f:be:00:cc:9e:fe:5b:15:b2:45:72:82:39: 8f:7b:14:dd:84:73:12:9e:a1:da:ec:1f:c2:76:34: 77:59:aa:14:ea:3e:57:ad:70:39:95:8b:c7:00:fe: 9b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:58:50:D2:E1:43:48:E2:A3:AD:C3:67:CE:3C:FA:63:52:0D:A3:81 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145127.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9ad::/32 Signature Algorithm: sha256WithRSAEncryption 59:27:af:3e:3f:8c:43:69:ea:59:dc:9f:35:2d:ab:a6:a1:41: 22:c5:a8:3f:89:a7:f0:03:49:7e:a9:a6:8e:d5:57:f4:4b:ca: bc:36:6d:ab:77:45:c7:b3:b1:44:de:1e:a5:3e:8c:c8:b6:7a: c3:09:8e:f0:2b:53:91:31:f6:9b:44:91:a6:c9:99:53:51:b8: 31:65:83:7a:76:e8:69:93:e3:e2:db:60:6c:91:67:b6:ce:57: b6:c3:94:19:71:db:14:15:c9:fa:5a:8b:d8:20:4d:62:b8:69: 0f:79:45:7f:ea:96:86:b8:62:4d:94:06:d0:ed:9c:a2:06:5b: b1:38:7f:92:8e:1b:ea:57:6f:22:bb:6a:f8:ff:fd:ba:bb:c1: ee:ed:3a:a1:1e:b3:b5:cc:e0:c5:e6:5b:a4:38:2e:8d:0e:b3: 16:7e:f6:b1:e0:a7:4a:4b:fa:8c:91:f4:35:f4:9e:bd:f8:ef: ae:f0:5a:3f:c4:9e:e3:42:f5:99:ea:b1:76:94:07:1f:36:be: 5f:f2:97:91:ec:16:72:5c:a9:6f:a5:15:9b:42:b6:b9:3b:d3: 73:6d:fc:14:e3:e8:2f:5c:45:ad:3f:0b:3c:23:66:ed:e0:e6: 20:25:39:6d:1b:3a:28:79:51:ee:a2:2f:5a:eb:ca:06:07:d9: cf:7b:6d:d9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCKBB/VNHsVdZBM6l1kcceRvoDR4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyNloX DTI3MDMwMzA2MjIyNlowMzExMC8GA1UEAxMoQjM1ODUwRDJFMTQzNDhFMkEzQURD MzY3Q0UzQ0ZBNjM1MjBEQTM4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJ73+HgLjK/g7meTC3VHiA0ydWmmvFbZzojal0MziE78AFNOevYE5U33Q6W +W/kSwmIf/ZMpNTVyhVL9YquxK47i3N/smd503cl6Q8YmhQBIDTNRltd0mptl4al VEY7maFFsAZROy4NPOcrn8aJAvCoaj24NKFoxeHlPUHhIujn8r6YhgarmXqBy9+W sduc8MJZVqrH/jvcPW7QBkFvbmu+DotndcOb/9NLB+CDYi+f7F89oGWmRmOyMh48 jePVXH/3XgdPQ0VR0CPkvG+VXsaHGElvvgDMnv5bFbJFcoI5j3sU3YRzEp6h2uwf wnY0d1mqFOo+V61wOZWLxwD+m1UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSzWFDS 4UNI4qOtw2fOPPpjUg2jgTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qa0wDQYJKoZIhvcNAQELBQADggEBAFknrz4/jENp6lncnzUtq6ahQSLFqD+Jp/AD SX6ppo7VV/RLyrw2bat3RcezsUTeHqU+jMi2esMJjvArU5Ex9ptEkabJmVNRuDFl g3p26GmT4+LbYGyRZ7bOV7bDlBlx2xQVyfpai9ggTWK4aQ95RX/qloa4Yk2UBtDt nKIGW7E4f5KOG+pXbyK7avj//bq7we7tOqEes7XM4MXmW6Q4Lo0OsxZ+9rHgp0pL +oyR9DX0nr34767wWj/EnuNC9ZnqsXaUBx82vl/yl5HsFnJcqW+lFZtCtrk703Nt /BTj6C9cRa0/CzwjZu3g5iAlOW0bOih5Ue6iL1rrygYH2c97bdk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:51 2026 by rpki-client