$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145175.roa File: AS145175.roa (raw, json) Hash identifier: Dxk8xU+yOaj4pFntc+Yh2EmSVpJl8K0/zFrwZOORheY= Subject key identifier: 41:CD:C3:76:9F:7D:15:57:96:B9:07:B9:DB:28:75:96:19:17:4F:16 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3078EA47039C350C7732727A767307BC088C5669 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145175.roa Signing time: Wed 04 Mar 2026 06:22:23 +0000 ROA not before: Wed 04 Mar 2026 06:17:23 +0000 ROA not after: Wed 03 Mar 2027 06:22:23 +0000 asID: 145175 IP address blocks: 240a:a9dd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:78:ea:47:03:9c:35:0c:77:32:72:7a:76:73:07:bc:08:8c:56:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:23 2026 GMT Not After : Mar 3 06:22:23 2027 GMT Subject: CN=41CDC3769F7D155796B907B9DB28759619174F16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:bd:10:20:39:61:7e:7d:07:f9:8a:1f:e2:72: 94:3a:97:b2:16:b1:04:bc:90:f7:86:10:07:d4:26: c9:69:33:98:60:c6:da:05:b6:fd:2a:53:e2:d0:07: 81:2e:9e:0d:6d:d4:40:55:ad:a9:24:c2:49:25:99: 24:05:39:b4:79:32:e1:59:1f:b9:2b:1f:87:cd:60: de:e2:1a:8c:aa:4a:fb:ca:1b:9d:0a:7b:c6:9f:30: d9:94:e4:50:d8:76:74:00:83:1c:0d:27:4b:db:e4: 8a:a1:74:8a:3c:7d:23:eb:54:f1:88:c7:6d:f2:85: b7:cb:2a:ed:80:fe:15:06:67:89:3e:7e:cc:4d:7e: 18:8b:ba:13:8e:56:94:a6:b1:62:fa:3b:9c:c7:a0: bb:f4:21:fd:0d:c4:1c:d4:cf:c7:ae:13:de:c4:e1: 86:89:92:f2:5c:b7:e6:a2:dc:e3:47:d9:2b:84:51: 87:81:91:51:13:fc:96:10:4a:b7:d4:10:cb:26:00: a9:ef:58:b2:d3:b7:ee:96:d3:ec:81:b5:30:0e:1f: c4:1b:6b:7a:4d:25:79:88:1e:16:e8:e7:ae:cb:fe: b8:77:4a:38:05:f7:6f:5a:68:2b:87:0d:bd:ee:62: 3d:c1:b6:83:27:25:cf:81:8c:e6:51:98:8b:a7:71: de:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:CD:C3:76:9F:7D:15:57:96:B9:07:B9:DB:28:75:96:19:17:4F:16 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145175.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9dd::/32 Signature Algorithm: sha256WithRSAEncryption 32:57:b0:58:91:9b:6e:0a:23:f2:c2:c4:02:26:c7:dc:28:6b: a5:b0:b9:82:0f:db:3a:a5:a7:9e:8e:47:bf:c1:d4:4f:67:43: 3c:48:2e:e6:9c:e5:3e:5c:20:3b:5d:b9:85:54:ad:c2:49:4c: 13:48:c5:78:86:4e:82:cc:73:cd:73:8d:15:8a:f8:ea:47:f4: 6f:86:06:9e:1a:25:b7:e0:4f:05:c3:d5:9e:b4:b3:a6:83:3b: 11:42:0d:46:7e:1c:42:2e:0b:66:b4:aa:71:d2:4f:04:cc:0e: 7c:c8:29:13:95:79:ab:f9:c7:46:e9:c3:27:cc:5f:43:6e:72: 0f:fc:e4:0a:19:d1:f1:b4:d5:99:47:03:ec:5a:d6:da:14:9c: 02:21:72:01:c3:33:6b:69:18:86:c0:17:fb:d1:bc:8f:21:ad: fe:1f:0f:ea:2c:90:45:fb:24:ec:43:04:c1:c8:e9:2b:6d:8c: 22:28:4c:c2:71:47:29:73:01:1e:fc:ba:45:c9:71:05:39:ca: 7b:bc:d9:25:a9:d9:4c:5b:20:4a:92:a9:49:c2:9b:5f:e8:94: 4c:16:6b:2e:ab:30:58:5d:f2:f9:d1:41:11:d9:fb:02:17:55: 97:85:e1:3b:51:19:11:45:e7:0d:1e:03:10:05:4d:1a:9b:de: a9:24:c9:3d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMHjqRwOcNQx3MnJ6dnMHvAiMVmkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyM1oX DTI3MDMwMzA2MjIyM1owMzExMC8GA1UEAxMoNDFDREMzNzY5RjdEMTU1Nzk2Qjkw N0I5REIyODc1OTYxOTE3NEYxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKe9ECA5YX59B/mKH+JylDqXshaxBLyQ94YQB9QmyWkzmGDG2gW2/SpT4tAH gS6eDW3UQFWtqSTCSSWZJAU5tHky4VkfuSsfh81g3uIajKpK+8obnQp7xp8w2ZTk UNh2dACDHA0nS9vkiqF0ijx9I+tU8YjHbfKFt8sq7YD+FQZniT5+zE1+GIu6E45W lKaxYvo7nMegu/Qh/Q3EHNTPx64T3sThhomS8ly35qLc40fZK4RRh4GRURP8lhBK t9QQyyYAqe9YstO37pbT7IG1MA4fxBtrek0leYgeFujnrsv+uHdKOAX3b1poK4cN ve5iPcG2gyclz4GM5lGYi6dx3gsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRBzcN2 n30VV5a5B7nbKHWWGRdPFjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTE3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qd0wDQYJKoZIhvcNAQELBQADggEBADJXsFiRm24KI/LCxAImx9woa6WwuYIP2zql p56OR7/B1E9nQzxILuac5T5cIDtduYVUrcJJTBNIxXiGToLMc81zjRWK+OpH9G+G Bp4aJbfgTwXD1Z60s6aDOxFCDUZ+HEIuC2a0qnHSTwTMDnzIKROVeav5x0bpwyfM X0Nucg/85AoZ0fG01ZlHA+xa1toUnAIhcgHDM2tpGIbAF/vRvI8hrf4fD+oskEX7 JOxDBMHI6SttjCIoTMJxRylzAR78ukXJcQU5ynu82SWp2UxbIEqSqUnCm1/olEwW ay6rMFhd8vnRQRHZ+wIXVZeF4TtRGRFF5w0eAxAFTRqb3qkkyT0= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:24 2026 by rpki-client