$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145289.roa File: AS145289.roa (raw, json) Hash identifier: DxUYW4+iTHEB8vRVvaDDJ7ixlHkm3Sqt0TYU28BCjwk= Subject key identifier: DA:01:97:8A:77:06:B4:A7:26:8D:A3:34:C7:2F:F7:EF:9E:E6:40:F7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 79B75E5A513C091459500EED4D4B5070273B38F8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145289.roa Signing time: Wed 04 Mar 2026 06:19:52 +0000 ROA not before: Wed 04 Mar 2026 06:14:52 +0000 ROA not after: Wed 03 Mar 2027 06:19:52 +0000 asID: 145289 IP address blocks: 240a:aa4f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:b7:5e:5a:51:3c:09:14:59:50:0e:ed:4d:4b:50:70:27:3b:38:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:52 2026 GMT Not After : Mar 3 06:19:52 2027 GMT Subject: CN=DA01978A7706B4A7268DA334C72FF7EF9EE640F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:11:fe:cd:64:86:2c:94:03:4a:af:d4:08:a5: 06:3f:c0:3e:f7:b8:c1:59:b8:99:76:a1:8b:06:19: 15:9c:58:60:7b:56:44:06:f9:f7:a6:55:1e:df:d9: e0:c2:bc:ed:3c:47:a6:ff:0b:2c:80:e5:93:d1:f9: 86:06:35:95:39:e7:69:56:9f:4a:37:ec:48:db:64: 78:29:b5:27:75:7a:fb:1c:dc:1c:76:3d:fd:4b:67: a7:52:d5:d2:8c:6d:99:7a:39:fc:42:e8:f3:56:bb: bb:1e:3b:86:6e:f3:b6:a3:b6:7f:9c:a1:59:ea:86: 3e:2f:c2:47:6d:8c:01:55:77:82:6b:c9:01:cb:ff: ba:dd:0f:64:8b:bc:0b:89:b5:96:74:8b:6d:7a:e0: 23:b0:27:4b:65:66:45:a6:a5:fc:14:06:ca:17:8c: 76:15:a9:e3:ad:9c:fe:1e:01:e6:e9:be:bc:c2:3f: ae:58:52:70:ac:49:fb:06:3b:b1:7c:fc:34:0b:20: d9:ce:3b:4f:e0:15:40:e3:a5:c8:69:d8:c0:84:1d: f7:be:34:58:e8:01:9c:c6:dd:04:1c:ac:76:7a:6b: 9c:5e:c3:eb:35:dd:f5:9c:da:c0:57:07:46:f0:b3: 2a:8c:77:ec:16:2c:50:d4:a5:65:06:fd:c2:90:c6: ea:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:01:97:8A:77:06:B4:A7:26:8D:A3:34:C7:2F:F7:EF:9E:E6:40:F7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145289.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa4f::/32 Signature Algorithm: sha256WithRSAEncryption ac:05:13:8d:1e:c0:fa:d2:2a:4d:c3:3d:82:4f:5e:76:4c:7b: 96:eb:31:b7:ac:1e:83:2d:1a:c7:d6:7b:3a:df:40:9a:b2:4a: ce:af:8c:ac:75:c7:c5:9c:87:8c:77:ea:ff:a2:17:e3:55:86: e4:e3:d3:12:d3:fb:ef:91:65:5b:ca:a0:97:57:c2:eb:81:b3: c4:a3:1c:58:b8:2a:30:78:1a:c2:ea:80:2f:de:9f:24:65:bf: 92:eb:07:cc:8d:b3:91:e8:f1:31:5c:ca:d3:b4:9c:67:bb:1b: 37:47:d6:78:a9:e9:b2:a1:05:6d:46:f6:7a:3e:04:e6:b8:d3: 7b:d2:10:c6:31:11:d9:39:25:84:8f:a2:d6:52:8a:f4:cd:9e: a2:b4:29:ca:04:c6:17:1c:5c:c7:79:bf:4e:aa:e8:c4:1c:46: eb:34:ca:8a:6d:68:fb:8f:8c:fb:cc:91:7f:0c:ef:0c:d2:48: e1:5d:89:49:a9:fb:d4:89:99:36:72:28:4a:52:7e:9c:70:ea: 93:89:6b:2a:cf:e7:88:88:f5:ab:17:c0:3d:8b:52:10:5f:f5: ea:65:5a:1d:86:93:aa:f3:da:55:95:3a:60:49:0b:49:bb:6d: 97:17:f4:d1:3e:5e:b5:c0:82:e3:09:29:67:fb:73:73:83:22: e5:8c:98:c3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUebdeWlE8CRRZUA7tTUtQcCc7OPgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1MloX DTI3MDMwMzA2MTk1MlowMzExMC8GA1UEAxMoREEwMTk3OEE3NzA2QjRBNzI2OERB MzM0QzcyRkY3RUY5RUU2NDBGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4R/s1khiyUA0qv1AilBj/APve4wVm4mXahiwYZFZxYYHtWRAb596ZVHt/Z 4MK87TxHpv8LLIDlk9H5hgY1lTnnaVafSjfsSNtkeCm1J3V6+xzcHHY9/Utnp1LV 0oxtmXo5/ELo81a7ux47hm7ztqO2f5yhWeqGPi/CR22MAVV3gmvJAcv/ut0PZIu8 C4m1lnSLbXrgI7AnS2VmRaal/BQGyheMdhWp462c/h4B5um+vMI/rlhScKxJ+wY7 sXz8NAsg2c47T+AVQOOlyGnYwIQd9740WOgBnMbdBBysdnprnF7D6zXd9ZzawFcH RvCzKox37BYsUNSlZQb9wpDG6m0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTaAZeK dwa0pyaNozTHL/fvnuZA9zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qk8wDQYJKoZIhvcNAQELBQADggEBAKwFE40ewPrSKk3DPYJPXnZMe5brMbesHoMt GsfWezrfQJqySs6vjKx1x8Wch4x36v+iF+NVhuTj0xLT+++RZVvKoJdXwuuBs8Sj HFi4KjB4GsLqgC/enyRlv5LrB8yNs5Ho8TFcytO0nGe7GzdH1nip6bKhBW1G9no+ BOa403vSEMYxEdk5JYSPotZSivTNnqK0KcoExhccXMd5v06q6MQcRus0yoptaPuP jPvMkX8M7wzSSOFdiUmp+9SJmTZyKEpSfpxw6pOJayrP54iI9asXwD2LUhBf9epl Wh2Gk6rz2lWVOmBJC0m7bZcX9NE+XrXAguMJKWf7c3ODIuWMmMM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:13 2026 by rpki-client