$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145318.roa File: AS145318.roa (raw, json) Hash identifier: IQ2c9D4r/XwIn/IyYoK2BqFiPVoR9CHIsKrgEs7NSyA= Subject key identifier: 1D:7F:3A:4C:C2:43:5F:93:2F:02:20:CB:3D:8E:8B:78:88:EF:C0:8A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6C9113CC2CF274472032EAA76EF06D694D340CA6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145318.roa Signing time: Wed 04 Mar 2026 06:22:17 +0000 ROA not before: Wed 04 Mar 2026 06:17:17 +0000 ROA not after: Wed 03 Mar 2027 06:22:17 +0000 asID: 145318 IP address blocks: 240a:aa6c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:91:13:cc:2c:f2:74:47:20:32:ea:a7:6e:f0:6d:69:4d:34:0c:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:17 2026 GMT Not After : Mar 3 06:22:17 2027 GMT Subject: CN=1D7F3A4CC2435F932F0220CB3D8E8B7888EFC08A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7f:d9:50:38:9c:da:a4:80:0c:b8:9c:b1:01: 5c:49:24:a4:15:fb:97:ce:36:b9:19:62:33:0b:b3: 9b:74:a3:cb:d3:d4:71:03:32:0d:64:28:0b:bb:60: c6:02:19:a7:d0:b4:eb:94:67:ac:4c:8d:ac:59:58: 54:4d:de:4f:87:b3:4c:2e:9b:25:d7:4c:c0:29:88: ea:2b:17:c7:9b:1d:84:30:d3:90:15:c1:f9:f7:5e: f9:f1:94:e5:3e:15:56:7b:c7:9d:a1:b9:c6:58:8f: b7:07:f2:90:b1:a9:af:2c:fd:e6:05:0b:7b:d5:9f: 46:13:36:13:57:22:42:5a:91:43:c3:7f:b2:06:79: 8e:74:8a:1b:5b:e1:a0:9e:07:e4:41:e9:20:26:c1: 67:ea:64:07:b6:20:04:e1:18:14:97:72:1d:a2:90: 61:8b:e4:a4:f7:d0:68:71:4e:0f:92:d1:c6:3f:d3: 52:56:17:4f:24:b0:d9:e0:f3:82:7b:50:5a:fc:42: a4:2c:99:a7:25:86:10:e6:ba:02:66:a6:2a:8d:c5: bb:85:88:7e:b3:f1:6a:bb:3e:25:e8:c6:2b:c1:b6: 30:87:22:b2:ba:be:bc:cf:8a:b4:f7:75:e4:ae:4c: 20:88:cf:6f:b0:99:73:93:d3:27:32:b1:53:ef:37: 38:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:7F:3A:4C:C2:43:5F:93:2F:02:20:CB:3D:8E:8B:78:88:EF:C0:8A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145318.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa6c::/32 Signature Algorithm: sha256WithRSAEncryption 7d:6f:56:e4:6a:fe:dd:f4:ef:9b:1d:1f:a3:ad:5b:b7:a4:fe: 5e:fd:5e:e9:46:79:2d:fe:1c:76:76:5b:21:af:0e:71:15:b5: 64:0a:59:eb:f3:43:64:8c:62:df:e6:42:79:dc:c9:43:d0:e8: c9:a7:c1:b2:29:2a:dd:9f:3c:5c:8a:57:96:10:d8:4b:dc:e3: 0e:f1:40:d2:06:01:5b:bf:40:10:1a:88:02:dc:44:44:56:2b: b0:45:39:47:29:d3:38:30:a8:c8:62:ec:4c:5c:63:d3:8b:d1: d0:b2:23:68:d4:68:00:63:ad:30:e5:f2:d6:a6:c8:d4:86:42: 7b:d1:9a:63:8d:0d:c5:0c:2d:68:9f:6f:43:b5:7a:d3:07:c3: b4:ba:a2:7f:ec:80:84:28:81:67:c9:1d:5c:d3:35:5b:57:a5: 25:70:67:92:1a:4d:fe:5b:02:bc:8c:cc:57:6b:20:f5:22:10: 2c:b7:53:0b:cf:24:2e:2c:1d:d1:e4:f3:1b:0b:98:ba:37:54: 42:df:51:21:d3:af:cc:2b:5c:2c:d4:ee:7f:4c:9a:f4:c2:5d: 2f:7e:dd:2c:9a:b0:9f:5f:cb:9f:7d:e2:cb:5f:ba:40:e6:db: d6:d7:98:b5:09:79:f4:12:4d:0a:22:e3:57:2e:47:e8:d4:a5: 63:3d:b3:e0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbJETzCzydEcgMuqnbvBtaU00DKYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxN1oX DTI3MDMwMzA2MjIxN1owMzExMC8GA1UEAxMoMUQ3RjNBNENDMjQzNUY5MzJGMDIy MENCM0Q4RThCNzg4OEVGQzA4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZ/2VA4nNqkgAy4nLEBXEkkpBX7l842uRliMwuzm3Sjy9PUcQMyDWQoC7tg xgIZp9C065RnrEyNrFlYVE3eT4ezTC6bJddMwCmI6isXx5sdhDDTkBXB+fde+fGU 5T4VVnvHnaG5xliPtwfykLGpryz95gULe9WfRhM2E1ciQlqRQ8N/sgZ5jnSKG1vh oJ4H5EHpICbBZ+pkB7YgBOEYFJdyHaKQYYvkpPfQaHFOD5LRxj/TUlYXTySw2eDz gntQWvxCpCyZpyWGEOa6AmamKo3Fu4WIfrPxars+JejGK8G2MIcisrq+vM+KtPd1 5K5MIIjPb7CZc5PTJzKxU+83OEsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQdfzpM wkNfky8CIMs9jot4iO/AijAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qmwwDQYJKoZIhvcNAQELBQADggEBAH1vVuRq/t3075sdH6OtW7ek/l79XulGeS3+ HHZ2WyGvDnEVtWQKWevzQ2SMYt/mQnncyUPQ6MmnwbIpKt2fPFyKV5YQ2Evc4w7x QNIGAVu/QBAaiALcRERWK7BFOUcp0zgwqMhi7ExcY9OL0dCyI2jUaABjrTDl8tam yNSGQnvRmmONDcUMLWifb0O1etMHw7S6on/sgIQogWfJHVzTNVtXpSVwZ5IaTf5b AryMzFdrIPUiECy3UwvPJC4sHdHk8xsLmLo3VELfUSHTr8wrXCzU7n9MmvTCXS9+ 3SyasJ9fy5994stfukDm29bXmLUJefQSTQoi41cuR+jUpWM9s+A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:53 2026 by rpki-client