$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145221.roa File: AS145221.roa (raw, json) Hash identifier: ZVrYtsJBJmipaptpz/BWRQ1DO4qJjGfoXIgoTbukWEg= Subject key identifier: 00:70:18:39:7D:4E:E3:48:E3:2B:9F:80:C7:C9:D0:F1:76:D2:43:A8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2492D00D256F94EDF39A58DC4037F59D88482772 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145221.roa Signing time: Wed 04 Mar 2026 06:20:54 +0000 ROA not before: Wed 04 Mar 2026 06:15:54 +0000 ROA not after: Wed 03 Mar 2027 06:20:54 +0000 asID: 145221 IP address blocks: 240a:aa0b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:92:d0:0d:25:6f:94:ed:f3:9a:58:dc:40:37:f5:9d:88:48:27:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:54 2026 GMT Not After : Mar 3 06:20:54 2027 GMT Subject: CN=007018397D4EE348E32B9F80C7C9D0F176D243A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:cb:d2:02:28:f9:87:0e:62:6f:47:73:3c:93: 57:dc:b4:af:d1:43:44:8c:0f:77:30:61:43:f8:d1: ca:38:33:a6:ea:d2:ee:9e:74:4f:21:24:8b:75:5a: 73:f0:6e:df:3c:f7:5e:d1:b5:69:c4:0f:5a:50:95: 16:33:2f:2e:fe:11:f0:12:b0:fa:da:ce:c6:ed:ac: f1:36:bf:9f:eb:92:04:3e:0e:d3:bc:9e:09:f8:46: 95:31:76:0d:6c:c1:b8:7a:68:7c:a4:7b:67:1d:e8: 82:47:10:9a:b1:1b:5b:1b:3d:58:94:a9:e6:d1:f5: cf:90:d4:a3:b8:fc:7a:e3:5f:ee:6f:89:7f:de:b9: 0e:6b:40:f4:d4:86:5b:49:ef:ad:a9:6e:c6:f1:61: 0f:e2:3e:d4:9f:92:00:74:b5:74:69:42:bf:a6:71: 61:3e:ae:e4:0c:d7:58:d3:b2:21:b1:45:36:81:f0: f7:c4:8d:ad:fb:f2:06:85:e2:b2:18:1c:dd:40:f9: b5:cf:75:91:7c:b6:89:1a:81:8d:45:93:f7:49:35: 3f:32:69:54:cd:74:3c:a1:02:45:ea:81:6a:ca:2c: 5f:fe:5f:53:ae:df:63:a7:8f:af:17:40:60:7b:0d: 0a:00:eb:79:be:c1:0f:b6:a2:da:cb:f9:44:35:2f: 92:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:70:18:39:7D:4E:E3:48:E3:2B:9F:80:C7:C9:D0:F1:76:D2:43:A8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145221.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa0b::/32 Signature Algorithm: sha256WithRSAEncryption b1:56:c5:82:d3:a9:02:05:5d:27:2a:a5:5e:be:ec:b9:15:a7: 44:53:5f:c4:fc:c4:ed:e2:4a:d3:12:70:6e:ce:47:0b:55:40: 75:ac:12:15:be:f2:0f:cc:5e:10:e0:3a:85:28:47:60:90:d9: 82:2e:6f:ca:4f:5c:c2:fe:f0:c1:e3:e4:ca:4f:55:61:f1:ae: 91:77:a8:41:da:20:37:3e:d3:b2:d5:fd:23:b9:86:6e:05:43: 79:30:c1:12:af:c0:0b:ca:fe:74:6b:35:ed:7a:44:bc:48:d3: 7a:33:d7:52:98:03:58:4f:9f:21:ab:8a:6f:be:05:d0:cf:f4: b1:01:2d:e0:7a:0a:95:7c:55:91:14:11:75:ca:9d:21:6b:4b: 0c:8e:3d:df:f7:c8:fa:2f:c4:31:06:9a:16:71:8f:84:74:0e: 41:3c:af:8c:0a:fe:9c:86:fc:b0:ab:2a:eb:67:03:58:d9:d5: 45:e6:f6:65:2a:fe:ce:e4:76:79:62:3a:ff:5c:e6:b7:78:94: 57:ae:18:97:c6:f1:3e:1e:40:94:39:e7:59:07:24:65:2b:d0: 93:e7:7c:fc:8f:6a:99:24:51:10:18:b5:b7:59:1a:bc:24:95: 7c:b3:98:c2:3f:0a:44:99:44:5e:53:14:8f:0e:60:f4:ff:32: 41:7a:66:0d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJJLQDSVvlO3zmljcQDf1nYhIJ3IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1NFoX DTI3MDMwMzA2MjA1NFowMzExMC8GA1UEAxMoMDA3MDE4Mzk3RDRFRTM0OEUzMkI5 RjgwQzdDOUQwRjE3NkQyNDNBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMLL0gIo+YcOYm9HczyTV9y0r9FDRIwPdzBhQ/jRyjgzpurS7p50TyEki3Va c/Bu3zz3XtG1acQPWlCVFjMvLv4R8BKw+trOxu2s8Ta/n+uSBD4O07yeCfhGlTF2 DWzBuHpofKR7Zx3ogkcQmrEbWxs9WJSp5tH1z5DUo7j8euNf7m+Jf965DmtA9NSG W0nvraluxvFhD+I+1J+SAHS1dGlCv6ZxYT6u5AzXWNOyIbFFNoHw98SNrfvyBoXi shgc3UD5tc91kXy2iRqBjUWT90k1PzJpVM10PKECReqBasosX/5fU67fY6ePrxdA YHsNCgDreb7BD7ai2sv5RDUvkrsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQAcBg5 fU7jSOMrn4DHydDxdtJDqDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qgswDQYJKoZIhvcNAQELBQADggEBALFWxYLTqQIFXScqpV6+7LkVp0RTX8T8xO3i StMScG7ORwtVQHWsEhW+8g/MXhDgOoUoR2CQ2YIub8pPXML+8MHj5MpPVWHxrpF3 qEHaIDc+07LV/SO5hm4FQ3kwwRKvwAvK/nRrNe16RLxI03oz11KYA1hPnyGrim++ BdDP9LEBLeB6CpV8VZEUEXXKnSFrSwyOPd/3yPovxDEGmhZxj4R0DkE8r4wK/pyG /LCrKutnA1jZ1UXm9mUq/s7kdnliOv9c5rd4lFeuGJfG8T4eQJQ551kHJGUr0JPn fPyPapkkURAYtbdZGrwklXyzmMI/CkSZRF5TFI8OYPT/MkF6Zg0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:21 2026 by rpki-client