$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145135.roa File: AS145135.roa (raw, json) Hash identifier: jr9CZBsQOj4sfz33JQS9zPkvSYWv/Xcg1COGZKkkHDw= Subject key identifier: 27:07:62:9D:09:28:FF:12:F8:73:DB:E2:99:70:EC:B8:91:93:D9:F7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 06A316BEF4F2C464AB619025C51D8E6DCB0DC8F5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145135.roa Signing time: Wed 04 Mar 2026 06:19:35 +0000 ROA not before: Wed 04 Mar 2026 06:14:35 +0000 ROA not after: Wed 03 Mar 2027 06:19:35 +0000 asID: 145135 IP address blocks: 240a:a9b5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:a3:16:be:f4:f2:c4:64:ab:61:90:25:c5:1d:8e:6d:cb:0d:c8:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:35 2026 GMT Not After : Mar 3 06:19:35 2027 GMT Subject: CN=2707629D0928FF12F873DBE29970ECB89193D9F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:37:f6:d5:42:29:0d:4e:60:9a:df:c6:03:e0: 38:11:9f:d9:3a:45:67:41:53:4e:b8:b2:62:d2:91: aa:05:a2:83:e5:7c:e5:e6:94:29:1d:e3:4d:d2:fc: c3:d2:47:43:db:15:08:e0:83:6c:59:43:dc:cb:27: 71:4c:63:37:ea:39:9f:b6:11:1f:f8:41:f9:c8:e3: 45:74:f3:fd:03:bb:49:a7:e0:c3:9d:db:94:90:14: 53:0b:7d:5d:82:4c:de:9a:10:e7:0c:41:6f:7d:de: 9d:b4:4c:6d:76:a5:f3:40:f4:c5:5a:0d:7a:be:8c: 84:0b:71:02:f3:1d:c8:1e:97:67:ed:39:b1:3d:f1: ec:39:91:f3:4d:8d:d8:d6:5a:2a:2e:29:33:d2:10: 32:05:28:2b:ac:7a:8b:80:69:d7:a2:6a:cd:0d:9e: 13:5c:bb:e5:3e:78:f6:23:d6:42:b6:bd:f6:0d:39: 81:f7:e9:fa:3b:5d:d4:e7:c0:48:12:12:1e:3b:e2: f0:2d:1b:7b:98:a4:c3:96:a1:90:2b:a3:83:b1:47: 93:8a:88:81:00:50:20:f6:22:35:aa:ca:6b:6d:ef: 48:54:57:78:06:82:82:f2:6e:2a:c8:25:c1:1c:fa: 76:4f:be:4d:ae:c4:ef:ef:d5:55:56:dc:bc:06:1c: 69:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:07:62:9D:09:28:FF:12:F8:73:DB:E2:99:70:EC:B8:91:93:D9:F7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145135.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9b5::/32 Signature Algorithm: sha256WithRSAEncryption dc:c1:e9:1c:76:55:15:ba:10:e8:8a:8f:d2:8e:7c:d0:bb:79: 04:1c:cb:18:f7:6e:25:b6:dd:1c:84:08:e2:14:ec:ca:d6:82: 12:8f:b2:ed:d8:a4:d8:f4:ba:9a:58:63:bf:12:af:73:cb:65: 48:5a:b6:2e:54:c3:44:4f:86:fb:73:1b:23:aa:bf:6b:67:e1: 9c:78:05:bd:c8:6b:e7:98:ef:d9:dd:8b:53:a2:93:de:12:02: 0e:68:e3:2f:05:bb:45:7c:9d:9e:c6:65:54:7a:4d:07:4b:12: 0e:c7:45:23:ff:15:5f:cd:f9:88:f6:87:7e:1e:c2:ed:70:59: 1e:95:36:3e:ca:76:86:1a:b9:07:c6:c2:05:ff:cf:2a:57:f2: 14:49:79:23:82:c1:e5:d5:0b:17:6c:ee:7b:06:79:09:b2:df: 8e:fc:74:28:a8:6c:06:91:23:48:6b:5c:44:d7:64:cf:2f:8c: 7a:9a:6a:71:62:21:62:19:45:66:8a:99:26:fd:63:9b:f5:90: d8:b6:c2:49:d7:a9:6d:5d:d2:31:1a:1b:99:4c:f1:a2:bf:d6: c0:fb:a4:bb:73:b6:cf:3d:9e:0b:9b:87:79:2c:b0:63:ea:d8: 20:81:b2:d3:0d:a3:1b:57:cd:fd:b2:3f:ac:99:0d:5e:06:61: 2f:0b:30:8a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBqMWvvTyxGSrYZAlxR2ObcsNyPUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzNVoX DTI3MDMwMzA2MTkzNVowMzExMC8GA1UEAxMoMjcwNzYyOUQwOTI4RkYxMkY4NzNE QkUyOTk3MEVDQjg5MTkzRDlGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALs39tVCKQ1OYJrfxgPgOBGf2TpFZ0FTTriyYtKRqgWig+V85eaUKR3jTdL8 w9JHQ9sVCOCDbFlD3MsncUxjN+o5n7YRH/hB+cjjRXTz/QO7Safgw53blJAUUwt9 XYJM3poQ5wxBb33enbRMbXal80D0xVoNer6MhAtxAvMdyB6XZ+05sT3x7DmR802N 2NZaKi4pM9IQMgUoK6x6i4Bp16JqzQ2eE1y75T549iPWQra99g05gffp+jtd1OfA SBISHjvi8C0be5ikw5ahkCujg7FHk4qIgQBQIPYiNarKa23vSFRXeAaCgvJuKsgl wRz6dk++Ta7E7+/VVVbcvAYcaVECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQnB2Kd CSj/Evhz2+KZcOy4kZPZ9zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEzNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qbUwDQYJKoZIhvcNAQELBQADggEBANzB6Rx2VRW6EOiKj9KOfNC7eQQcyxj3biW2 3RyECOIU7MrWghKPsu3YpNj0uppYY78Sr3PLZUhati5Uw0RPhvtzGyOqv2tn4Zx4 Bb3Ia+eY79ndi1Oik94SAg5o4y8Fu0V8nZ7GZVR6TQdLEg7HRSP/FV/N+Yj2h34e wu1wWR6VNj7KdoYauQfGwgX/zypX8hRJeSOCweXVCxds7nsGeQmy3478dCiobAaR I0hrXETXZM8vjHqaanFiIWIZRWaKmSb9Y5v1kNi2wknXqW1d0jEaG5lM8aK/1sD7 pLtzts89ngubh3kssGPq2CCBstMNoxtXzf2yP6yZDV4GYS8LMIo= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:43 2026 by rpki-client