$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145181.roa File: AS145181.roa (raw, json) Hash identifier: AQ6r0e5IKknOqcND+mUoPd5VP9VQ1toV/d6MWWb/HNw= Subject key identifier: 0E:B5:B2:11:CE:9D:F0:45:37:81:2C:FA:1C:EA:B8:7D:8E:70:B6:2C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0387592DBA15CA27653595B410BED18B718605A4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145181.roa Signing time: Wed 04 Mar 2026 06:21:26 +0000 ROA not before: Wed 04 Mar 2026 06:16:26 +0000 ROA not after: Wed 03 Mar 2027 06:21:26 +0000 asID: 145181 IP address blocks: 240a:a9e3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:87:59:2d:ba:15:ca:27:65:35:95:b4:10:be:d1:8b:71:86:05:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:26 2026 GMT Not After : Mar 3 06:21:26 2027 GMT Subject: CN=0EB5B211CE9DF04537812CFA1CEAB87D8E70B62C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:24:10:32:d4:db:c3:00:5e:ce:a5:cf:41:18: ab:64:4b:b2:4b:9c:56:95:bd:77:d8:2f:41:a2:26: 45:87:77:df:4f:70:ce:ba:2f:71:a7:37:00:87:80: 5a:b5:5e:97:d2:86:cc:ed:f2:d6:02:9e:6a:7a:c8: 66:85:6b:cd:22:79:6b:b1:da:1f:c6:0c:56:1c:75: 67:6a:45:4a:9c:a6:d4:b5:72:03:4c:ef:89:12:bc: bb:52:82:11:5b:50:e4:07:2c:a2:30:f0:2f:c6:e1: 10:6b:44:88:99:ac:bd:fe:fd:e1:b3:03:42:77:f2: dc:f8:5f:08:54:74:76:c6:5e:56:3b:43:d6:e4:5a: 00:83:35:f1:90:c6:84:b9:55:93:1a:ab:a0:f9:04: 86:77:f9:e8:35:7b:11:fb:f0:d0:6e:2d:04:14:aa: 03:8e:ff:ac:22:37:56:48:ab:8b:0e:60:c6:42:51: d9:6b:c4:e9:23:c2:25:20:02:5e:6a:57:03:d5:a4: 7a:f9:4d:04:d7:00:c6:b6:23:a4:fc:a9:0d:43:07: 2d:a5:2d:50:50:f0:c8:ab:a2:b8:fd:ee:47:7e:61: 6e:7a:09:84:5f:17:a7:93:b6:ec:27:24:d6:2b:df: 3b:d0:a8:e1:c4:0e:df:9b:aa:f5:38:c9:1f:ab:6d: 69:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:B5:B2:11:CE:9D:F0:45:37:81:2C:FA:1C:EA:B8:7D:8E:70:B6:2C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145181.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9e3::/32 Signature Algorithm: sha256WithRSAEncryption 94:eb:47:3f:9b:33:04:12:cf:c7:61:27:b9:e9:09:be:e7:55: 69:63:2e:68:68:69:a8:7f:e6:82:03:18:42:51:96:2b:b4:78: 3d:f9:ad:70:43:78:e8:09:74:39:81:f8:53:ff:94:e8:3c:da: bf:2d:65:4a:a6:90:98:aa:3b:f9:20:74:6f:e4:c3:df:13:c1: 59:44:67:11:62:df:7c:d5:47:ea:84:fa:b1:d3:7b:8b:23:da: a7:73:9f:c7:fd:7c:da:3f:4a:51:ac:35:77:6e:55:6b:67:14: d6:5a:eb:64:22:27:f3:39:64:5a:99:54:b2:fd:0e:82:c4:e3: 3f:ba:1f:54:df:84:e4:ee:a1:9b:a9:b5:15:8f:0e:c1:9b:c2: 0f:d2:02:4d:9f:f4:e2:67:65:02:8b:60:ac:7c:1e:fa:b5:18: 3d:e5:ff:6c:f6:f5:9b:10:26:01:af:80:5a:4c:a0:8f:ea:1b: 49:92:1a:cb:94:d0:81:17:d4:87:01:c9:f4:d3:98:f6:a8:d3: d6:2b:32:2b:ad:c7:9d:d5:93:1e:fa:f9:94:f3:94:3d:60:e8: 68:85:ee:13:92:d7:0c:fd:85:43:4b:07:3f:2b:e3:3d:2f:d0: c8:f9:58:2c:13:7f:1d:2c:05:c2:72:94:4a:8d:ba:56:60:01: f1:c7:65:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA4dZLboVyidlNZW0EL7Ri3GGBaQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyNloX DTI3MDMwMzA2MjEyNlowMzExMC8GA1UEAxMoMEVCNUIyMTFDRTlERjA0NTM3ODEy Q0ZBMUNFQUI4N0Q4RTcwQjYyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4kEDLU28MAXs6lz0EYq2RLskucVpW9d9gvQaImRYd3309wzrovcac3AIeA WrVel9KGzO3y1gKeanrIZoVrzSJ5a7HaH8YMVhx1Z2pFSpym1LVyA0zviRK8u1KC EVtQ5AcsojDwL8bhEGtEiJmsvf794bMDQnfy3PhfCFR0dsZeVjtD1uRaAIM18ZDG hLlVkxqroPkEhnf56DV7Efvw0G4tBBSqA47/rCI3Vkiriw5gxkJR2WvE6SPCJSAC XmpXA9WkevlNBNcAxrYjpPypDUMHLaUtUFDwyKuiuP3uR35hbnoJhF8Xp5O27Cck 1ivfO9Co4cQO35uq9TjJH6ttaU0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQOtbIR zp3wRTeBLPoc6rh9jnC2LDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTE4MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qeMwDQYJKoZIhvcNAQELBQADggEBAJTrRz+bMwQSz8dhJ7npCb7nVWljLmhoaah/ 5oIDGEJRliu0eD35rXBDeOgJdDmB+FP/lOg82r8tZUqmkJiqO/kgdG/kw98TwVlE ZxFi33zVR+qE+rHTe4sj2qdzn8f9fNo/SlGsNXduVWtnFNZa62QiJ/M5ZFqZVLL9 DoLE4z+6H1TfhOTuoZuptRWPDsGbwg/SAk2f9OJnZQKLYKx8Hvq1GD3l/2z29ZsQ JgGvgFpMoI/qG0mSGsuU0IEX1IcByfTTmPao09YrMiutx53Vkx76+ZTzlD1g6GiF 7hOS1wz9hUNLBz8r4z0v0Mj5WCwTfx0sBcJylEqNulZgAfHHZZA= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:23 2026 by rpki-client