$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145322.roa File: AS145322.roa (raw, json) Hash identifier: dgxS9lEw5+Sv7EhvAnJIkytXVrmak5vsGj37VQlvMqY= Subject key identifier: B9:9F:EB:18:CC:51:EE:B6:A2:E7:E0:9A:08:7C:3C:25:67:D2:F8:32 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C55F10CCFD4CE040253BC5600888EB74C7EA731 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145322.roa Signing time: Wed 04 Mar 2026 06:20:30 +0000 ROA not before: Wed 04 Mar 2026 06:15:30 +0000 ROA not after: Wed 03 Mar 2027 06:20:30 +0000 asID: 145322 IP address blocks: 240a:aa70::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:55:f1:0c:cf:d4:ce:04:02:53:bc:56:00:88:8e:b7:4c:7e:a7:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:30 2026 GMT Not After : Mar 3 06:20:30 2027 GMT Subject: CN=B99FEB18CC51EEB6A2E7E09A087C3C2567D2F832 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:28:a0:d0:73:7e:86:89:7d:5d:6f:e4:f2:13: 94:ef:fa:6a:55:cc:e8:07:6a:ec:ea:19:86:60:96: 9d:0b:43:24:75:ed:80:1d:82:f1:40:b6:9d:e8:e5: fe:6c:9d:4a:80:c5:e0:1b:6d:e9:0d:41:ae:d7:f1: d3:65:49:05:e1:34:8b:bc:8d:13:a8:03:cc:a3:dc: 1b:37:d7:30:c1:fd:43:c8:57:64:60:b3:89:a3:84: 90:f5:e3:80:29:58:c0:65:4b:61:0d:bb:cc:2f:c2: d9:7c:bf:b3:1d:03:b5:9e:43:5f:16:65:e1:29:69: a2:7b:ee:35:b9:39:ca:e6:1d:9a:f0:12:d1:06:8c: cf:d5:4b:7b:cf:bc:f3:26:11:1c:c4:39:c3:2c:fe: 48:be:37:dd:b9:75:ae:82:96:92:b0:15:59:ed:84: 68:30:a4:4b:ff:72:41:e4:7d:5e:3a:67:88:11:ae: 74:a2:5c:b2:8c:d5:eb:1e:9a:59:eb:a4:d2:08:a8: e9:23:44:42:31:fa:c4:eb:b6:b9:2a:21:d3:21:21: 81:69:60:d0:be:a0:c6:fa:52:f0:30:50:b7:76:39: ee:3e:4c:d3:5f:e5:03:55:9c:48:87:21:39:74:bb: 8f:da:7a:6f:52:c4:59:41:c5:a6:82:d4:85:73:63: 9b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:9F:EB:18:CC:51:EE:B6:A2:E7:E0:9A:08:7C:3C:25:67:D2:F8:32 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145322.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa70::/32 Signature Algorithm: sha256WithRSAEncryption 0c:d9:f5:b6:ca:d5:6f:5e:c9:36:6e:7c:3b:32:50:e5:c9:67: 49:a5:5c:60:a2:f9:1a:21:b7:c2:82:0c:4e:eb:ea:07:34:39: 68:4e:56:42:b6:fe:9c:a3:2f:08:e0:37:68:9a:02:2d:10:98: 2e:0a:fb:ea:96:35:a2:92:06:69:93:73:fa:e3:0f:c4:e5:ea: 44:7e:c6:e7:4e:f3:d9:7a:37:79:bd:11:9d:6d:6b:30:f3:f2: f9:08:92:d2:38:10:08:75:9a:cb:5c:0c:03:5f:d2:f4:fa:31: 6f:ac:3c:34:7c:c8:6d:60:4d:b5:f3:19:53:3c:7a:27:15:4b: 0f:35:9a:b6:35:7d:da:d0:c6:34:fd:bb:2e:74:25:8a:1a:d6: d4:fc:df:5a:4f:8c:b9:80:6e:42:18:18:7c:45:1f:0f:8f:dd: 24:e4:82:4a:02:bc:b8:60:c5:b9:8a:5b:c8:95:24:0a:e6:47: e9:9c:33:fd:2e:db:8d:ba:e9:28:d7:bf:2a:40:c2:df:a5:f7: b6:80:be:78:e3:09:13:86:c1:13:a4:ad:42:70:64:13:38:c6: 21:d8:05:99:aa:19:b2:63:85:d4:6e:9a:f8:ae:3b:bb:6a:ec: 15:9e:36:ab:f5:bf:64:12:a1:42:76:c5:c9:2c:f7:8f:c9:0a: fd:69:69:36 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPFXxDM/UzgQCU7xWAIiOt0x+pzEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzMFoX DTI3MDMwMzA2MjAzMFowMzExMC8GA1UEAxMoQjk5RkVCMThDQzUxRUVCNkEyRTdF MDlBMDg3QzNDMjU2N0QyRjgzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ8ooNBzfoaJfV1v5PITlO/6alXM6Adq7OoZhmCWnQtDJHXtgB2C8UC2nejl /mydSoDF4Btt6Q1Brtfx02VJBeE0i7yNE6gDzKPcGzfXMMH9Q8hXZGCziaOEkPXj gClYwGVLYQ27zC/C2Xy/sx0DtZ5DXxZl4SlponvuNbk5yuYdmvAS0QaMz9VLe8+8 8yYRHMQ5wyz+SL433bl1roKWkrAVWe2EaDCkS/9yQeR9XjpniBGudKJcsozV6x6a Weuk0gio6SNEQjH6xOu2uSoh0yEhgWlg0L6gxvpS8DBQt3Y57j5M01/lA1WcSIch OXS7j9p6b1LEWUHFpoLUhXNjmwkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS5n+sY zFHutqLn4JoIfDwlZ9L4MjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qnAwDQYJKoZIhvcNAQELBQADggEBAAzZ9bbK1W9eyTZufDsyUOXJZ0mlXGCi+Roh t8KCDE7r6gc0OWhOVkK2/pyjLwjgN2iaAi0QmC4K++qWNaKSBmmTc/rjD8Tl6kR+ xudO89l6N3m9EZ1tazDz8vkIktI4EAh1mstcDANf0vT6MW+sPDR8yG1gTbXzGVM8 eicVSw81mrY1fdrQxjT9uy50JYoa1tT831pPjLmAbkIYGHxFHw+P3STkgkoCvLhg xbmKW8iVJArmR+mcM/0u24266SjXvypAwt+l97aAvnjjCROGwROkrUJwZBM4xiHY BZmqGbJjhdRumviuO7tq7BWeNqv1v2QSoUJ2xcks94/JCv1paTY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:38 2026 by rpki-client