$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145171.roa File: AS145171.roa (raw, json) Hash identifier: azXw1prU8OmzKNx9eeaMRDVEtgA4NKeyEtYy3Olg40A= Subject key identifier: 7F:C0:0F:67:01:68:07:DE:77:70:D1:9E:63:49:BC:72:10:77:8A:13 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 722BC5F377916604BE3502CCA1586B2567F26C11 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145171.roa Signing time: Wed 04 Mar 2026 06:22:22 +0000 ROA not before: Wed 04 Mar 2026 06:17:22 +0000 ROA not after: Wed 03 Mar 2027 06:22:22 +0000 asID: 145171 IP address blocks: 240a:a9d9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:2b:c5:f3:77:91:66:04:be:35:02:cc:a1:58:6b:25:67:f2:6c:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:22 2026 GMT Not After : Mar 3 06:22:22 2027 GMT Subject: CN=7FC00F67016807DE7770D19E6349BC7210778A13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a0:54:f1:84:1f:3c:e7:2c:08:e4:d3:9f:12: 00:23:9a:01:55:f2:00:9a:08:10:b8:ae:bd:6f:53: af:62:ba:23:04:a5:5e:71:b9:be:f0:b4:de:01:89: df:95:2d:84:f9:ab:4e:32:48:b0:35:4d:a2:14:b1: 07:64:28:64:3a:22:84:b0:df:c7:ad:0c:e4:26:1b: 23:18:a7:6f:a3:c9:64:f5:0c:14:8e:cd:0e:75:45: b5:ca:91:78:fa:a2:bf:80:17:7e:08:5e:17:de:50: 69:fe:7b:ee:93:13:e7:2f:23:57:cb:80:bd:ec:16: a3:a3:a7:dd:c2:c5:fd:6b:10:70:bd:0b:a6:72:4f: 4a:ed:52:72:b4:0a:bb:7e:03:7c:aa:c4:f5:d6:4c: f2:53:c3:d4:45:00:e0:f4:d0:68:c3:71:99:30:0b: b1:09:ab:a0:da:11:6a:c2:74:d7:32:68:d6:d4:39: 58:80:d3:80:6e:2c:8a:c0:b8:46:44:2c:06:e8:78: df:de:29:7b:2b:6c:bf:23:6a:86:d2:ec:5f:89:f0: 2a:83:f5:83:41:20:c3:4d:9a:1f:de:30:89:95:bf: 93:75:2f:c0:d4:65:45:ba:e0:d2:a5:60:fe:de:fb: 44:1a:7a:76:74:d3:b0:a6:19:50:95:df:ef:e7:94: 1b:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:C0:0F:67:01:68:07:DE:77:70:D1:9E:63:49:BC:72:10:77:8A:13 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145171.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9d9::/32 Signature Algorithm: sha256WithRSAEncryption 63:80:79:2c:dc:c9:48:fd:e4:a6:9a:7c:08:62:64:db:19:79: e7:ab:ee:9f:dd:d4:c7:fd:b3:62:14:9c:5b:28:a3:f4:26:0b: 50:f9:28:6e:a0:bc:4a:65:50:bb:ca:ef:a2:ea:81:da:8e:4f: 1a:9b:8d:57:75:8b:3d:c8:18:8f:04:40:cf:0d:69:75:3c:04: 99:99:77:32:21:58:3a:bc:25:bb:f8:d7:91:4a:7a:b1:9b:12: 76:a1:f6:b3:ff:91:8d:29:0f:06:6f:70:98:1e:07:59:3d:8e: fd:cc:8c:9f:4b:07:78:d5:31:a1:3d:e2:3e:b1:6a:18:79:72: 5b:ad:4b:a1:0c:f2:a7:92:12:9f:a3:f4:93:2f:42:31:80:0c: 23:bb:8a:b7:09:ab:b1:96:78:38:83:3b:26:24:ce:71:ed:3e: f8:97:40:b6:c7:26:8d:a0:6d:2b:3b:bd:52:3a:e6:27:26:b6: 23:30:e2:6c:29:17:a6:54:09:ac:5c:10:9e:cf:01:b4:ec:f3: ae:ba:6c:43:63:62:40:cf:91:01:6f:94:ec:aa:9a:70:e0:9d: af:0c:5b:41:bf:91:50:97:80:9d:04:4e:56:ac:79:80:02:64: ab:96:bb:04:af:6c:32:ae:ae:e7:d9:0f:69:c9:52:73:e5:c0: 6b:ad:df:8c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcivF83eRZgS+NQLMoVhrJWfybBEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyMloX DTI3MDMwMzA2MjIyMlowMzExMC8GA1UEAxMoN0ZDMDBGNjcwMTY4MDdERTc3NzBE MTlFNjM0OUJDNzIxMDc3OEExMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMOgVPGEHzznLAjk058SACOaAVXyAJoIELiuvW9Tr2K6IwSlXnG5vvC03gGJ 35UthPmrTjJIsDVNohSxB2QoZDoihLDfx60M5CYbIxinb6PJZPUMFI7NDnVFtcqR ePqiv4AXfgheF95Qaf577pMT5y8jV8uAvewWo6On3cLF/WsQcL0LpnJPSu1ScrQK u34DfKrE9dZM8lPD1EUA4PTQaMNxmTALsQmroNoRasJ01zJo1tQ5WIDTgG4sisC4 RkQsBuh4394peytsvyNqhtLsX4nwKoP1g0Egw02aH94wiZW/k3UvwNRlRbrg0qVg /t77RBp6dnTTsKYZUJXf7+eUGysCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR/wA9n AWgH3ndw0Z5jSbxyEHeKEzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTE3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qdkwDQYJKoZIhvcNAQELBQADggEBAGOAeSzcyUj95KaafAhiZNsZeeer7p/d1Mf9 s2IUnFsoo/QmC1D5KG6gvEplULvK76LqgdqOTxqbjVd1iz3IGI8EQM8NaXU8BJmZ dzIhWDq8Jbv415FKerGbEnah9rP/kY0pDwZvcJgeB1k9jv3MjJ9LB3jVMaE94j6x ahh5clutS6EM8qeSEp+j9JMvQjGADCO7ircJq7GWeDiDOyYkznHtPviXQLbHJo2g bSs7vVI65icmtiMw4mwpF6ZUCaxcEJ7PAbTs8666bENjYkDPkQFvlOyqmnDgna8M W0G/kVCXgJ0ETlaseYACZKuWuwSvbDKurufZD2nJUnPlwGut34w= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:20 2026 by rpki-client