$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145265.roa File: AS145265.roa (raw, json) Hash identifier: Wx6kWYvNuV+cLbqJkSF2xMqyqhkuAGdMpWDPj+uUSVg= Subject key identifier: 54:17:B7:73:81:E8:4B:F7:13:49:6D:3C:6B:DE:AC:1A:63:60:54:1E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2C1B77C7C7F8F3B8D122CDF957BFEB2B5993D757 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145265.roa Signing time: Wed 04 Mar 2026 06:20:59 +0000 ROA not before: Wed 04 Mar 2026 06:15:59 +0000 ROA not after: Wed 03 Mar 2027 06:20:59 +0000 asID: 145265 IP address blocks: 240a:aa37::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:1b:77:c7:c7:f8:f3:b8:d1:22:cd:f9:57:bf:eb:2b:59:93:d7:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:59 2026 GMT Not After : Mar 3 06:20:59 2027 GMT Subject: CN=5417B77381E84BF713496D3C6BDEAC1A6360541E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:b9:67:46:ec:e3:3a:b6:79:bf:c3:f6:ba:a7: 07:6a:23:cb:0a:a4:07:94:fd:8b:b0:fa:18:d9:8c: d6:bf:97:18:e7:e6:4e:f3:97:b4:b3:cf:04:a5:81: bc:40:d4:c4:5b:09:d6:25:c7:f4:b7:f4:f6:bf:83: 79:67:06:38:93:81:35:3b:45:01:46:60:4c:26:3d: 81:2e:b8:c8:c8:56:c6:a1:12:b8:b7:75:d1:34:01: 6a:58:c3:0c:6e:7c:3d:1d:05:88:0a:08:c9:3c:4b: 0d:63:c7:b1:1b:64:13:7b:1b:d8:ca:f0:20:64:8e: 58:58:86:76:e6:78:c9:6e:c4:79:07:1c:83:ab:06: 0e:ae:a7:e7:fe:9f:fb:eb:5f:ff:2c:ff:92:d0:91: c7:86:0d:e3:f1:37:d8:2b:b8:ea:10:65:ad:31:8e: e3:ef:4d:35:de:1a:36:dc:1b:1b:e1:15:2d:b8:f7: eb:83:fc:5f:66:a0:04:b9:a9:84:02:6f:12:a7:2c: ef:e2:1f:5e:21:6b:50:c0:40:4e:be:8d:0d:da:0f: 48:4b:5a:d2:f2:eb:27:64:90:88:c4:7e:8f:c9:af: 03:8f:91:fe:60:19:00:49:65:ba:c2:70:06:ad:61: 81:eb:32:d9:87:ac:ec:33:9e:0d:3a:c5:8f:70:d8: 58:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:17:B7:73:81:E8:4B:F7:13:49:6D:3C:6B:DE:AC:1A:63:60:54:1E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145265.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa37::/32 Signature Algorithm: sha256WithRSAEncryption 03:d1:51:ca:c7:bf:d5:2c:b6:16:fd:fb:23:ef:3f:58:36:fb: 44:3d:99:86:42:be:bb:e2:d3:ea:1f:84:4d:3f:47:29:5a:48: cb:60:1b:f8:3d:39:a7:49:5b:c4:4a:88:2b:16:f3:3d:bf:8f: 4d:d6:4d:12:e3:0a:ed:9f:59:c9:d5:88:2a:c1:3b:db:70:97: 4a:2d:7e:87:4b:a2:45:76:36:fe:cd:2e:90:34:7d:56:4b:ff: 81:b8:e0:8e:2c:24:af:20:8b:01:72:fe:6a:9f:40:9f:09:b2: e1:27:0f:9d:89:73:03:9f:2d:71:c4:b1:5b:05:40:e6:a4:89: 53:0d:78:81:4d:c9:02:98:15:c3:c9:4f:b3:25:41:f7:3d:a8: f3:5b:70:b2:af:8f:1d:4c:39:9a:05:88:c6:c7:1c:7c:ea:48: 06:d8:b6:c5:d4:5a:cb:7a:c5:80:32:47:5b:27:ae:67:8f:2e: 37:76:81:74:cb:17:a4:eb:49:d9:2b:37:c9:8c:bf:0d:79:e6: 47:2e:f8:6d:79:26:d8:07:a3:8b:fb:cc:ff:28:22:80:da:6d: 0c:40:e8:b8:19:7d:b9:07:b9:92:68:40:91:b6:50:0a:55:09: e1:01:45:98:1c:40:b8:8d:f4:a2:de:41:a9:2f:10:f8:74:22: 88:34:2d:dd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULBt3x8f487jRIs35V7/rK1mT11cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1OVoX DTI3MDMwMzA2MjA1OVowMzExMC8GA1UEAxMoNTQxN0I3NzM4MUU4NEJGNzEzNDk2 RDNDNkJERUFDMUE2MzYwNTQxRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMO5Z0bs4zq2eb/D9rqnB2ojywqkB5T9i7D6GNmM1r+XGOfmTvOXtLPPBKWB vEDUxFsJ1iXH9Lf09r+DeWcGOJOBNTtFAUZgTCY9gS64yMhWxqESuLd10TQBaljD DG58PR0FiAoIyTxLDWPHsRtkE3sb2MrwIGSOWFiGduZ4yW7EeQccg6sGDq6n5/6f ++tf/yz/ktCRx4YN4/E32Cu46hBlrTGO4+9NNd4aNtwbG+EVLbj364P8X2agBLmp hAJvEqcs7+IfXiFrUMBATr6NDdoPSEta0vLrJ2SQiMR+j8mvA4+R/mAZAEllusJw Bq1hgesy2Yes7DOeDTrFj3DYWOkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRUF7dz gehL9xNJbTxr3qwaY2BUHjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI2NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qjcwDQYJKoZIhvcNAQELBQADggEBAAPRUcrHv9Usthb9+yPvP1g2+0Q9mYZCvrvi 0+ofhE0/RylaSMtgG/g9OadJW8RKiCsW8z2/j03WTRLjCu2fWcnViCrBO9twl0ot fodLokV2Nv7NLpA0fVZL/4G44I4sJK8giwFy/mqfQJ8JsuEnD52JcwOfLXHEsVsF QOakiVMNeIFNyQKYFcPJT7MlQfc9qPNbcLKvjx1MOZoFiMbHHHzqSAbYtsXUWst6 xYAyR1snrmePLjd2gXTLF6TrSdkrN8mMvw155kcu+G15JtgHo4v7zP8oIoDabQxA 6LgZfbkHuZJoQJG2UApVCeEBRZgcQLiN9KLeQakvEPh0Iog0Ld0= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:22 2026 by rpki-client