$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145329.roa File: AS145329.roa (raw, json) Hash identifier: kjaBFM3qVaRAGWTJO47a4bQPW7k5ucwYjLgUYX0oHdk= Subject key identifier: 51:50:75:69:65:34:00:C9:AD:D8:69:C7:9F:85:26:EE:DC:61:4E:27 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 17A1CF5FA0D318A2AC8FFC6E440DA2FE85933A0F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145329.roa Signing time: Wed 04 Mar 2026 06:21:48 +0000 ROA not before: Wed 04 Mar 2026 06:16:48 +0000 ROA not after: Wed 03 Mar 2027 06:21:48 +0000 asID: 145329 IP address blocks: 240a:aa77::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:a1:cf:5f:a0:d3:18:a2:ac:8f:fc:6e:44:0d:a2:fe:85:93:3a:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:48 2026 GMT Not After : Mar 3 06:21:48 2027 GMT Subject: CN=51507569653400C9ADD869C79F8526EEDC614E27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:48:33:61:34:30:ef:82:a5:fe:cd:b8:47:e7: 92:a3:92:de:19:5a:67:a2:ce:8f:85:a7:9a:a2:64: e7:e0:44:60:4f:e2:39:2a:f6:24:d6:47:75:d7:ed: b8:d8:2c:d7:6d:58:9f:7a:0c:80:37:7b:37:bb:79: 3b:e1:a9:2e:02:6d:c1:74:f0:69:e0:5b:06:97:fb: 04:a8:38:9a:23:c7:4c:ac:22:76:41:a6:ac:f7:29: 0a:f8:d7:f2:d5:23:3c:05:44:3d:45:7d:1f:57:86: 91:c4:aa:46:7e:31:d4:fb:17:52:96:85:e0:09:f1: e3:95:e9:60:5d:1c:d4:84:45:3e:6e:cd:de:20:bf: 55:eb:4f:85:52:5a:32:1e:0a:ad:23:5f:a8:5e:39: a7:4c:5c:f9:ed:b4:fc:25:09:6d:22:45:e1:ef:3f: c8:90:de:34:62:13:2b:2e:94:8e:57:76:b1:3c:4b: a7:f4:65:b0:82:20:ed:6b:30:8c:e2:06:a7:26:c9: bf:b2:b4:28:72:d8:33:ab:89:6f:fe:0d:25:3c:0e: 71:ef:d9:4b:a7:8f:79:2e:e6:62:9a:e8:bc:bf:93: 6b:17:13:37:85:82:5c:79:a9:11:0a:9e:72:f3:b0: d5:49:29:db:ac:0e:75:25:6c:50:07:60:6d:0d:30: ad:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:50:75:69:65:34:00:C9:AD:D8:69:C7:9F:85:26:EE:DC:61:4E:27 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145329.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa77::/32 Signature Algorithm: sha256WithRSAEncryption db:c7:dd:a5:cf:70:cd:17:5b:f2:0b:45:12:6b:c0:a0:a3:88: ad:df:e3:36:85:d6:21:3f:f7:bd:a9:0e:f7:58:98:55:ae:4d: 90:ab:d1:c5:ea:00:64:71:44:fe:7c:76:8d:6b:a8:d4:ef:ca: 54:1e:1e:ec:1d:5a:6e:3f:bb:20:43:96:88:6d:85:8b:67:8b: 02:1c:30:1c:9b:1f:9d:47:06:84:47:cd:7d:2a:e2:f7:79:e0: 7e:86:fc:21:fe:b6:f3:85:73:c2:a8:0d:ea:1c:18:0c:b4:56: 4f:9a:50:54:e6:62:1f:aa:96:09:0c:17:a8:8b:f7:6d:5d:83: ee:08:d6:41:c0:ee:1c:eb:c0:a2:d2:ee:7b:b8:4b:2c:57:36: 43:e4:20:eb:06:ba:65:89:44:f4:77:06:f5:21:16:8e:c4:a5: af:e2:09:9c:cb:58:5d:7b:5b:4c:b0:de:0d:c2:72:0b:bf:b4: 1f:51:97:f3:8c:1d:ad:8c:e0:83:06:1f:a5:47:42:37:29:4b: ef:a3:58:d5:fe:39:24:c0:f7:2b:93:9d:a6:3e:23:b1:25:2d: 20:dd:85:7f:6e:f5:92:9b:fc:4d:39:b8:5e:1f:fd:17:ba:20: 14:7e:17:46:93:14:9c:1b:d6:4e:a4:04:d2:3a:58:c0:6c:da: 2b:81:a5:66 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUF6HPX6DTGKKsj/xuRA2i/oWTOg8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0OFoX DTI3MDMwMzA2MjE0OFowMzExMC8GA1UEAxMoNTE1MDc1Njk2NTM0MDBDOUFERDg2 OUM3OUY4NTI2RUVEQzYxNEUyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9IM2E0MO+Cpf7NuEfnkqOS3hlaZ6LOj4WnmqJk5+BEYE/iOSr2JNZHddft uNgs121Yn3oMgDd7N7t5O+GpLgJtwXTwaeBbBpf7BKg4miPHTKwidkGmrPcpCvjX 8tUjPAVEPUV9H1eGkcSqRn4x1PsXUpaF4Anx45XpYF0c1IRFPm7N3iC/VetPhVJa Mh4KrSNfqF45p0xc+e20/CUJbSJF4e8/yJDeNGITKy6Ujld2sTxLp/RlsIIg7Wsw jOIGpybJv7K0KHLYM6uJb/4NJTwOce/ZS6ePeS7mYprovL+TaxcTN4WCXHmpEQqe cvOw1Ukp26wOdSVsUAdgbQ0wrWUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRRUHVp ZTQAya3YacefhSbu3GFOJzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qncwDQYJKoZIhvcNAQELBQADggEBANvH3aXPcM0XW/ILRRJrwKCjiK3f4zaF1iE/ 972pDvdYmFWuTZCr0cXqAGRxRP58do1rqNTvylQeHuwdWm4/uyBDlohthYtniwIc MBybH51HBoRHzX0q4vd54H6G/CH+tvOFc8KoDeocGAy0Vk+aUFTmYh+qlgkMF6iL 921dg+4I1kHA7hzrwKLS7nu4SyxXNkPkIOsGumWJRPR3BvUhFo7Epa/iCZzLWF17 W0yw3g3Ccgu/tB9Rl/OMHa2M4IMGH6VHQjcpS++jWNX+OSTA9yuTnaY+I7ElLSDd hX9u9ZKb/E05uF4f/Re6IBR+F0aTFJwb1k6kBNI6WMBs2iuBpWY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:44 2026 by rpki-client