$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145261.roa File: AS145261.roa (raw, json) Hash identifier: VGNnr70DZYQ7fYAmwQCWDXwgoybP2spTQZr3Obm/Xt0= Subject key identifier: 76:FE:D6:80:81:CE:06:E2:7C:D6:1B:5D:18:0F:BB:0B:C6:43:5D:E2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4B46D289CC956D8A20F9AAAA69544B5A4F9A5C26 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145261.roa Signing time: Wed 04 Mar 2026 06:20:03 +0000 ROA not before: Wed 04 Mar 2026 06:15:03 +0000 ROA not after: Wed 03 Mar 2027 06:20:03 +0000 asID: 145261 IP address blocks: 240a:aa33::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:46:d2:89:cc:95:6d:8a:20:f9:aa:aa:69:54:4b:5a:4f:9a:5c:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:03 2026 GMT Not After : Mar 3 06:20:03 2027 GMT Subject: CN=76FED68081CE06E27CD61B5D180FBB0BC6435DE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5e:fe:33:21:db:4c:ca:ff:69:b6:1b:e8:38: de:15:d4:14:3e:2b:a1:13:fb:ba:ff:ad:b5:12:e7: 35:cf:9f:6b:bf:dc:29:31:06:7f:69:8c:8a:0f:60: 3f:d4:34:0d:21:66:e0:5a:fa:c6:82:3d:68:6b:ec: 1f:8b:cb:ec:f6:89:9b:18:fb:01:95:8f:e2:78:f8: 46:64:69:a3:12:85:ff:0b:1f:e6:2f:af:c7:80:33: 72:3a:e5:6f:01:6b:04:aa:dd:1f:94:05:e2:e8:50: d1:fb:22:5b:f9:91:d6:25:19:e6:e7:de:44:7e:dc: 68:a3:e7:9a:a7:16:3b:77:29:9a:90:07:61:64:93: f1:e8:23:00:e9:13:4a:20:cf:2c:e5:2d:c0:0b:44: 82:61:56:1f:88:c4:04:63:6f:da:93:9f:27:6f:55: f5:4f:3f:03:ce:be:28:0b:85:54:23:9a:de:86:32: 7a:5c:93:a2:e5:aa:05:d5:d5:26:9f:2f:c4:3f:bc: a6:43:c2:df:19:3b:eb:48:96:09:9b:37:fa:7e:06: 0a:22:2f:c8:cb:de:42:b5:01:1e:1d:4e:d4:49:5f: 4c:73:71:bb:bd:a4:ea:96:8b:d6:6d:c3:60:61:a3: 69:8b:a1:14:d0:e6:22:62:40:bc:b1:98:54:38:25: fc:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:FE:D6:80:81:CE:06:E2:7C:D6:1B:5D:18:0F:BB:0B:C6:43:5D:E2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145261.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa33::/32 Signature Algorithm: sha256WithRSAEncryption 18:01:fc:39:32:f1:0c:fc:b6:9e:ea:7c:7c:51:05:02:9e:a8: b9:50:d8:8f:c4:0f:5b:2b:1d:c3:cd:bc:c3:8e:99:ae:1e:44: ec:70:a3:ff:f3:b4:0d:fe:1a:e8:69:7f:91:fd:e0:7f:05:7b: 82:6f:74:68:b2:0f:34:85:db:f4:00:13:9d:3d:9c:af:96:15: 6e:52:99:bb:84:d4:28:7f:fa:39:2f:93:75:ee:2f:ec:72:1c: d0:f8:04:c3:0f:6d:2f:f9:e1:9a:b4:ed:f7:81:6b:40:4d:07: 89:1c:be:8d:03:ff:52:22:1b:5e:7e:c0:a5:45:9f:0d:35:81: 6c:49:8e:8c:16:56:b7:9b:b6:c4:d8:b2:12:64:75:ed:f5:14: 9a:ee:0a:eb:d3:de:db:d1:c6:04:da:3f:79:a5:54:47:8b:3a: ce:58:c2:44:fa:48:03:30:92:3f:ac:b7:d9:2e:3d:1a:44:28: b8:ce:28:cc:bb:51:7c:51:82:4a:08:63:a8:bd:27:ae:cf:af: 69:56:8b:9c:37:b7:1e:39:c5:2c:d8:eb:dd:08:01:9c:f2:95: 4c:69:b8:4b:94:aa:8e:af:69:ba:2d:46:07:5f:be:af:32:83: be:4a:ed:21:5e:54:1d:c0:e3:2d:59:cd:94:4d:60:8a:11:d3: 61:42:4a:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUS0bSicyVbYog+aqqaVRLWk+aXCYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwM1oX DTI3MDMwMzA2MjAwM1owMzExMC8GA1UEAxMoNzZGRUQ2ODA4MUNFMDZFMjdDRDYx QjVEMTgwRkJCMEJDNjQzNURFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1e/jMh20zK/2m2G+g43hXUFD4roRP7uv+ttRLnNc+fa7/cKTEGf2mMig9g P9Q0DSFm4Fr6xoI9aGvsH4vL7PaJmxj7AZWP4nj4RmRpoxKF/wsf5i+vx4Azcjrl bwFrBKrdH5QF4uhQ0fsiW/mR1iUZ5ufeRH7caKPnmqcWO3cpmpAHYWST8egjAOkT SiDPLOUtwAtEgmFWH4jEBGNv2pOfJ29V9U8/A86+KAuFVCOa3oYyelyTouWqBdXV Jp8vxD+8pkPC3xk760iWCZs3+n4GCiIvyMveQrUBHh1O1ElfTHNxu72k6paL1m3D YGGjaYuhFNDmImJAvLGYVDgl/C8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR2/taA gc4G4nzWG10YD7sLxkNd4jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qjMwDQYJKoZIhvcNAQELBQADggEBABgB/Dky8Qz8tp7qfHxRBQKeqLlQ2I/ED1sr HcPNvMOOma4eROxwo//ztA3+Guhpf5H94H8Fe4JvdGiyDzSF2/QAE509nK+WFW5S mbuE1Ch/+jkvk3XuL+xyHND4BMMPbS/54Zq07feBa0BNB4kcvo0D/1IiG15+wKVF nw01gWxJjowWVrebtsTYshJkde31FJruCuvT3tvRxgTaP3mlVEeLOs5YwkT6SAMw kj+st9kuPRpEKLjOKMy7UXxRgkoIY6i9J67Pr2lWi5w3tx45xSzY690IAZzylUxp uEuUqo6vabotRgdfvq8yg75K7SFeVB3A4y1ZzZRNYIoR02FCSjI= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:40 2026 by rpki-client