$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145137.roa File: AS145137.roa (raw, json) Hash identifier: XW1OCY+JQ1Lpei6Un73Dr68UeXKRjoaixl7huyY7USk= Subject key identifier: 2A:20:A4:08:CB:B4:9F:E3:8C:28:F1:10:5B:7E:B2:7D:B9:3A:2F:19 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1FBA21FEA4D2E0311A95150235A42A1E8A7F0B4D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145137.roa Signing time: Wed 04 Mar 2026 06:20:18 +0000 ROA not before: Wed 04 Mar 2026 06:15:18 +0000 ROA not after: Wed 03 Mar 2027 06:20:18 +0000 asID: 145137 IP address blocks: 240a:a9b7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:ba:21:fe:a4:d2:e0:31:1a:95:15:02:35:a4:2a:1e:8a:7f:0b:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:18 2026 GMT Not After : Mar 3 06:20:18 2027 GMT Subject: CN=2A20A408CBB49FE38C28F1105B7EB27DB93A2F19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:10:98:51:ae:58:0c:c4:1a:9a:89:a7:a3:e0: b2:b9:1b:c9:e5:3a:a0:3d:8d:72:64:a0:e6:5a:b8: 62:79:9c:cd:e2:87:d1:29:38:36:5d:2c:3c:87:16: c0:e2:da:c4:c5:89:9c:86:fc:48:d3:12:65:ff:2d: 7a:38:4c:4b:ed:2a:93:e5:49:d6:74:50:4b:4d:c6: ab:fe:ec:6b:ce:d6:db:e9:3d:b0:5a:5a:a7:94:c8: ff:ca:95:9c:60:68:13:06:ef:a5:e2:fd:cd:d1:df: 56:78:2e:6a:01:18:58:c7:b5:bf:fe:4f:de:4b:00: 01:7f:51:ad:55:16:c3:68:75:33:33:28:54:ca:e0: e0:cd:51:a3:e4:23:81:d0:86:ba:1c:99:04:9d:7d: 45:36:c2:f1:01:8d:33:c5:96:8b:e4:b9:41:9e:d5: 4e:38:75:84:fc:a7:d7:3c:cf:f2:df:db:63:d0:54: c5:b1:b8:04:81:45:43:2f:9c:27:1a:79:b3:5d:c8: ff:94:19:0b:a8:80:4a:d2:3a:73:26:25:67:44:80: 06:50:43:40:c9:bf:5e:40:3e:2f:da:05:48:a8:4b: f1:a3:b6:5c:0a:04:df:e2:f7:ae:03:ad:7c:54:15: 5d:9c:a0:4a:80:b4:eb:f6:c3:26:e4:de:fc:d4:a3: b9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:20:A4:08:CB:B4:9F:E3:8C:28:F1:10:5B:7E:B2:7D:B9:3A:2F:19 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145137.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9b7::/32 Signature Algorithm: sha256WithRSAEncryption b4:1e:ff:f5:a2:de:66:d2:f6:19:e7:f7:b8:fe:1e:33:8f:29: 1c:df:ce:80:5c:9c:f8:77:69:f7:c2:5e:81:b5:c8:6e:35:11: bd:e5:e5:b5:37:87:75:f5:64:9e:9f:69:c6:79:fd:e5:62:d8: 92:a2:44:47:54:ee:c0:d8:f6:a4:e6:5e:43:69:93:3f:86:16: 17:2e:6e:8e:25:4c:eb:a8:80:2a:d5:34:fa:b2:d5:68:54:6a: bf:00:94:cb:2c:ea:37:5c:8c:fb:e2:20:d0:c0:f0:a8:98:32: 89:2c:14:5d:c3:a9:af:d6:58:f9:9a:a9:14:52:0f:12:be:0d: 2d:93:11:f5:9a:ba:f6:08:e9:1c:47:f7:06:7e:0e:f1:dc:18: 85:1b:f6:16:89:62:8d:8f:66:92:88:f4:e9:c2:a8:48:08:da: 79:19:01:72:7d:fd:bb:f8:b4:5b:df:0c:de:91:66:de:e6:51: 3e:a1:b7:31:1e:04:c0:19:96:05:a9:a8:27:d6:71:ff:8d:a0: 1e:d8:b7:0c:1a:fc:12:c8:56:71:6e:99:5c:dd:1e:8e:25:c0: 64:a0:d1:74:af:4c:c2:39:30:34:6d:04:ca:db:e5:08:8e:8d: cf:29:81:8f:73:ca:9b:db:1f:8c:f1:56:8e:0c:30:99:6d:f5: af:10:b7:d3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUH7oh/qTS4DEalRUCNaQqHop/C00wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxOFoX DTI3MDMwMzA2MjAxOFowMzExMC8GA1UEAxMoMkEyMEE0MDhDQkI0OUZFMzhDMjhG MTEwNUI3RUIyN0RCOTNBMkYxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJUQmFGuWAzEGpqJp6PgsrkbyeU6oD2NcmSg5lq4YnmczeKH0Sk4Nl0sPIcW wOLaxMWJnIb8SNMSZf8tejhMS+0qk+VJ1nRQS03Gq/7sa87W2+k9sFpap5TI/8qV nGBoEwbvpeL9zdHfVnguagEYWMe1v/5P3ksAAX9RrVUWw2h1MzMoVMrg4M1Ro+Qj gdCGuhyZBJ19RTbC8QGNM8WWi+S5QZ7VTjh1hPyn1zzP8t/bY9BUxbG4BIFFQy+c Jxp5s13I/5QZC6iAStI6cyYlZ0SABlBDQMm/XkA+L9oFSKhL8aO2XAoE3+L3rgOt fFQVXZygSoC06/bDJuTe/NSjuTECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQqIKQI y7Sf44wo8RBbfrJ9uTovGTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qbcwDQYJKoZIhvcNAQELBQADggEBALQe//Wi3mbS9hnn97j+HjOPKRzfzoBcnPh3 affCXoG1yG41Eb3l5bU3h3X1ZJ6facZ5/eVi2JKiREdU7sDY9qTmXkNpkz+GFhcu bo4lTOuogCrVNPqy1WhUar8AlMss6jdcjPviINDA8KiYMoksFF3Dqa/WWPmaqRRS DxK+DS2TEfWauvYI6RxH9wZ+DvHcGIUb9haJYo2PZpKI9OnCqEgI2nkZAXJ9/bv4 tFvfDN6RZt7mUT6htzEeBMAZlgWpqCfWcf+NoB7Ytwwa/BLIVnFumVzdHo4lwGSg 0XSvTMI5MDRtBMrb5QiOjc8pgY9zypvbH4zxVo4MMJlt9a8Qt9M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:17 2026 by rpki-client