$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145296.roa File: AS145296.roa (raw, json) Hash identifier: QVvVjVAeSiJsgUl8hMqu/O0RUEpi2C8fU8aTaChEUdE= Subject key identifier: 6B:02:C9:79:5B:5D:EF:0F:BF:F7:2D:1D:57:38:7D:AF:8C:33:71:C3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 733C355BE2F7B596304AEC43AE117A83DC91A202 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145296.roa Signing time: Wed 04 Mar 2026 06:20:43 +0000 ROA not before: Wed 04 Mar 2026 06:15:43 +0000 ROA not after: Wed 03 Mar 2027 06:20:43 +0000 asID: 145296 IP address blocks: 240a:aa56::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:3c:35:5b:e2:f7:b5:96:30:4a:ec:43:ae:11:7a:83:dc:91:a2:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:43 2026 GMT Not After : Mar 3 06:20:43 2027 GMT Subject: CN=6B02C9795B5DEF0FBFF72D1D57387DAF8C3371C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:18:b8:3d:7a:7e:49:bc:ae:ab:aa:33:7c:2a: cd:ce:65:e6:56:0b:46:02:74:12:82:20:be:ad:e0: 33:c4:44:76:75:6a:e6:91:78:55:18:47:07:22:90: a9:63:46:23:21:5f:49:13:c2:b7:3b:df:95:56:e8: 7f:fb:2c:50:0e:ae:4d:23:26:43:8c:d2:c9:ff:2e: d0:ba:79:1a:56:9b:f9:70:b9:92:0f:0c:e4:15:94: d4:fb:74:e8:3d:e9:55:e6:84:1f:ce:c2:d3:92:b3: c6:5f:f9:9f:09:84:a8:6f:47:da:15:f9:1d:c9:40: f7:05:2b:ef:d9:14:34:88:2a:34:0c:1d:81:36:4a: 37:bf:ed:24:58:b9:65:e4:9d:4b:e8:86:d0:a1:25: 28:d2:88:46:e5:ed:42:2c:98:bc:90:19:3f:14:21: 3e:88:b0:d1:7b:85:65:92:d8:1f:31:5f:29:b1:6e: 7c:70:13:d7:1a:14:9a:c6:6f:3f:6d:30:68:e8:f4: 21:c0:27:ca:68:c3:a7:d2:c1:9e:cb:e9:3d:c1:96: ad:4a:ab:32:05:7f:3b:fe:ad:30:f4:1d:1d:22:81: 40:3f:16:4c:fd:a6:9f:e4:a7:0c:a0:b4:cd:2a:f5: 27:32:51:9e:7a:71:d2:d3:be:5d:51:80:a0:58:4c: 57:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:02:C9:79:5B:5D:EF:0F:BF:F7:2D:1D:57:38:7D:AF:8C:33:71:C3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145296.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa56::/32 Signature Algorithm: sha256WithRSAEncryption bb:bf:fc:aa:ec:da:e8:38:aa:66:49:27:02:f2:6c:d9:54:89: 32:59:57:68:27:69:95:33:52:07:1d:cb:92:f9:ca:bf:5a:e2: c3:c1:f1:ed:8d:24:e5:44:15:e4:37:1f:45:7e:ab:d2:cf:4e: 56:65:ed:ef:58:cb:f9:59:ae:04:35:e9:4d:c2:cf:0e:e8:97: ba:07:0d:93:0b:a6:f9:01:ad:19:0a:d7:18:b5:d7:9e:d4:ce: 7c:27:19:a1:6d:c4:c6:83:3d:0d:0f:8e:f6:3f:1a:48:d6:60: a3:ae:f2:f2:20:c0:f9:14:bb:94:80:13:4f:6d:a0:81:79:5c: 7c:6a:98:d0:e8:95:c8:16:9e:b6:d1:80:77:a1:2e:77:d3:35: bf:c4:6a:4d:b6:86:94:80:66:00:00:cd:cb:16:10:15:ed:b7: 7c:96:51:26:18:43:15:71:60:f7:a9:8d:15:cb:44:63:4d:32: e3:cc:c3:7e:2d:e4:63:91:fc:09:71:97:92:5a:77:93:6a:21: 6b:69:e8:02:5c:93:2a:34:1e:2c:a8:65:04:73:58:4d:07:4d: 78:bd:f9:c2:77:90:64:21:61:1c:6c:84:a6:d2:88:64:57:1a: 52:6d:40:8b:66:a6:bd:0e:1c:69:a9:61:5f:57:8e:6b:7d:77: d8:44:c6:2e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUczw1W+L3tZYwSuxDrhF6g9yRogIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0M1oX DTI3MDMwMzA2MjA0M1owMzExMC8GA1UEAxMoNkIwMkM5Nzk1QjVERUYwRkJGRjcy RDFENTczODdEQUY4QzMzNzFDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAYuD16fkm8rquqM3wqzc5l5lYLRgJ0EoIgvq3gM8REdnVq5pF4VRhHByKQ qWNGIyFfSRPCtzvflVbof/ssUA6uTSMmQ4zSyf8u0Lp5Glab+XC5kg8M5BWU1Pt0 6D3pVeaEH87C05Kzxl/5nwmEqG9H2hX5HclA9wUr79kUNIgqNAwdgTZKN7/tJFi5 ZeSdS+iG0KElKNKIRuXtQiyYvJAZPxQhPoiw0XuFZZLYHzFfKbFufHAT1xoUmsZv P20waOj0IcAnymjDp9LBnsvpPcGWrUqrMgV/O/6tMPQdHSKBQD8WTP2mn+SnDKC0 zSr1JzJRnnpx0tO+XVGAoFhMV7MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRrAsl5 W13vD7/3LR1XOH2vjDNxwzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qlYwDQYJKoZIhvcNAQELBQADggEBALu//Krs2ug4qmZJJwLybNlUiTJZV2gnaZUz Ugcdy5L5yr9a4sPB8e2NJOVEFeQ3H0V+q9LPTlZl7e9Yy/lZrgQ16U3Czw7ol7oH DZMLpvkBrRkK1xi1157UznwnGaFtxMaDPQ0PjvY/GkjWYKOu8vIgwPkUu5SAE09t oIF5XHxqmNDolcgWnrbRgHehLnfTNb/Eak22hpSAZgAAzcsWEBXtt3yWUSYYQxVx YPepjRXLRGNNMuPMw34t5GOR/Alxl5Jad5NqIWtp6AJckyo0HiyoZQRzWE0HTXi9 +cJ3kGQhYRxshKbSiGRXGlJtQItmpr0OHGmpYV9Xjmt9d9hExi4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:42 2026 by rpki-client