$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145177.roa File: AS145177.roa (raw, json) Hash identifier: PxN7XIQ7dSOE4UhR6U5O97piYf+RI2JBKXEKxzKuOTM= Subject key identifier: D2:5F:8D:79:09:C9:3D:4E:01:59:F8:96:20:FD:B7:48:CD:4B:A7:E9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 269E9D4C6D7FE7AB474C5F453942B43D42B0E760 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145177.roa Signing time: Wed 04 Mar 2026 06:19:47 +0000 ROA not before: Wed 04 Mar 2026 06:14:47 +0000 ROA not after: Wed 03 Mar 2027 06:19:47 +0000 asID: 145177 IP address blocks: 240a:a9df::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:9e:9d:4c:6d:7f:e7:ab:47:4c:5f:45:39:42:b4:3d:42:b0:e7:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:47 2026 GMT Not After : Mar 3 06:19:47 2027 GMT Subject: CN=D25F8D7909C93D4E0159F89620FDB748CD4BA7E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f5:ab:24:af:05:8d:5d:0d:19:0c:9a:8e:c8: 7d:5f:cc:4e:d8:bd:bb:40:47:e5:6c:96:57:e0:e6: a5:7f:2a:1d:40:92:ca:f0:63:b5:71:d6:dc:12:53: 26:c0:22:95:18:49:e7:74:db:70:a5:db:11:25:71: 6b:89:b1:dd:bd:4b:ba:f4:f6:25:4f:a4:5d:b5:ff: 40:aa:3c:a0:47:fe:22:28:2a:3c:71:6c:17:c3:e8: 73:65:26:4b:87:c2:2a:f6:7b:ba:00:e7:34:55:22: 0f:a4:82:7a:76:93:87:9b:2e:b8:fa:9b:60:b6:01: b1:f8:62:ed:3d:67:a4:08:59:75:d6:f3:44:7a:a7: dd:7a:4e:c0:8d:61:4b:e9:8e:c8:c1:47:24:d2:9c: 1a:81:c4:4e:9c:56:c9:0a:02:0f:12:ea:d1:9f:c6: 9a:5b:6a:94:27:9e:f2:18:e7:57:d1:0e:f5:d0:1c: 53:cd:17:6e:e2:9e:a8:05:b9:cc:21:2e:37:10:dd: a8:19:70:cf:17:bb:7b:98:8d:1f:72:bb:d6:07:2c: bf:c0:21:25:d2:3f:28:e4:df:ea:89:98:ea:26:50: 07:c1:b9:2c:f7:1b:b7:f1:f9:fe:12:10:29:2b:76: 89:18:9c:56:ef:1a:e5:cb:68:ea:55:d0:0f:8f:c1: e4:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:5F:8D:79:09:C9:3D:4E:01:59:F8:96:20:FD:B7:48:CD:4B:A7:E9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145177.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9df::/32 Signature Algorithm: sha256WithRSAEncryption cc:78:59:f4:49:29:d6:0e:01:cb:1f:5d:5c:2b:d3:b2:b4:dd: 8c:f3:81:98:d7:4c:eb:e3:83:ea:44:b6:92:50:3f:0a:01:61: 35:4b:cd:da:90:41:f5:27:7c:89:1c:77:e4:7b:fc:1f:9f:5e: b6:4b:d6:81:f5:f8:be:9d:dd:93:90:d4:83:74:1e:bf:5e:34: f7:21:50:ab:ff:f2:89:07:bf:5d:ea:5f:60:25:ef:d2:35:ae: cc:4a:b1:f2:07:0d:11:91:9d:8f:19:e5:1e:26:a6:cf:60:a7: 2b:ec:e9:5d:69:b9:90:08:03:08:73:c4:ed:a0:ee:9e:02:1d: a8:45:67:e6:08:45:6a:64:de:5b:03:b1:e9:ba:80:cb:c2:74: dd:e5:ba:b1:03:ad:ec:fc:e8:c6:55:bd:a4:2c:ed:52:83:98: f1:ce:8a:23:e1:c2:7a:ab:00:d0:f5:e0:5c:77:f2:d4:66:8c: 93:e9:99:c7:a9:bf:4b:14:73:cc:3c:77:82:09:29:e1:d9:eb: cf:21:a2:f4:2c:8c:99:84:a7:30:2b:96:7b:e7:0d:f8:64:d0: eb:d7:69:41:ee:65:90:85:5a:1e:e9:1e:c8:e1:ba:7c:a3:d0: 7f:67:50:d3:54:16:87:04:0e:1f:5d:6a:d6:6c:87:ab:0b:68: e8:aa:c2:21 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJp6dTG1/56tHTF9FOUK0PUKw52AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0N1oX DTI3MDMwMzA2MTk0N1owMzExMC8GA1UEAxMoRDI1RjhENzkwOUM5M0Q0RTAxNTlG ODk2MjBGREI3NDhDRDRCQTdFOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALb1qySvBY1dDRkMmo7IfV/MTti9u0BH5WyWV+DmpX8qHUCSyvBjtXHW3BJT JsAilRhJ53TbcKXbESVxa4mx3b1LuvT2JU+kXbX/QKo8oEf+IigqPHFsF8Poc2Um S4fCKvZ7ugDnNFUiD6SCenaTh5suuPqbYLYBsfhi7T1npAhZddbzRHqn3XpOwI1h S+mOyMFHJNKcGoHETpxWyQoCDxLq0Z/GmltqlCee8hjnV9EO9dAcU80XbuKeqAW5 zCEuNxDdqBlwzxe7e5iNH3K71gcsv8AhJdI/KOTf6omY6iZQB8G5LPcbt/H5/hIQ KSt2iRicVu8a5cto6lXQD4/B5NECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTSX415 Cck9TgFZ+JYg/bdIzUun6TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTE3Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qd8wDQYJKoZIhvcNAQELBQADggEBAMx4WfRJKdYOAcsfXVwr07K03YzzgZjXTOvj g+pEtpJQPwoBYTVLzdqQQfUnfIkcd+R7/B+fXrZL1oH1+L6d3ZOQ1IN0Hr9eNPch UKv/8okHv13qX2Al79I1rsxKsfIHDRGRnY8Z5R4mps9gpyvs6V1puZAIAwhzxO2g 7p4CHahFZ+YIRWpk3lsDsem6gMvCdN3lurEDrez86MZVvaQs7VKDmPHOiiPhwnqr AND14Fx38tRmjJPpmcepv0sUc8w8d4IJKeHZ688hovQsjJmEpzArlnvnDfhk0OvX aUHuZZCFWh7pHsjhunyj0H9nUNNUFocEDh9datZsh6sLaOiqwiE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:37 2026 by rpki-client