$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145341.roa File: AS145341.roa (raw, json) Hash identifier: yVhAOrIBxlKyz7MGcSqBSr8bs8AOvVCYWpPyA8iMUHg= Subject key identifier: 51:0B:06:55:B0:7C:C4:EF:FC:09:61:89:77:DE:7A:10:07:21:46:91 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1CBEA01C0D15F8EE1EF7B0EE17DC86EA5F01D3B5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145341.roa Signing time: Wed 04 Mar 2026 06:19:40 +0000 ROA not before: Wed 04 Mar 2026 06:14:40 +0000 ROA not after: Wed 03 Mar 2027 06:19:40 +0000 asID: 145341 IP address blocks: 240a:aa83::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:be:a0:1c:0d:15:f8:ee:1e:f7:b0:ee:17:dc:86:ea:5f:01:d3:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:40 2026 GMT Not After : Mar 3 06:19:40 2027 GMT Subject: CN=510B0655B07CC4EFFC09618977DE7A1007214691 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:60:6c:b8:d9:81:15:42:cf:60:a6:05:50:2c: 51:ef:02:64:97:33:53:51:53:2b:14:8f:49:e6:b3: ef:65:53:fa:ca:0c:21:7e:8f:f4:b8:bc:c4:ed:98: 92:2a:af:db:a2:63:56:c6:e9:d2:00:14:9c:1c:5b: 00:52:5c:c2:df:06:ae:75:d3:35:05:6b:7e:68:a2: c8:fe:c1:9e:b1:92:98:22:89:5d:e8:53:75:48:2a: 09:cb:f7:de:a9:cc:0c:0c:4d:d5:fc:8f:0d:3c:82: 52:e4:63:9b:ba:a7:78:cc:b4:14:f1:d9:f6:fa:2a: 80:d1:f3:1b:ad:38:4b:af:89:e0:10:fe:8a:c4:43: a2:ff:cb:0b:30:e0:d7:37:9b:68:f3:f3:b0:7e:34: 35:6b:d2:bf:bc:1b:08:b3:99:e1:b2:48:63:a6:5e: ff:e0:ad:9c:51:87:d6:0d:2c:c0:4e:07:a4:17:6b: 2c:29:c8:a7:9c:33:78:84:a5:5f:0b:10:86:b9:0c: 27:aa:ca:56:59:e8:71:0a:32:da:d9:7d:e3:5c:ee: f1:ed:e2:a4:a1:fb:72:bc:dc:4d:fa:54:13:9f:dd: 63:7b:d5:af:54:56:6f:dd:bc:19:f8:ab:22:36:f5: 37:84:88:70:5e:0d:9c:26:1e:3d:a3:f2:7e:5e:1d: cf:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:0B:06:55:B0:7C:C4:EF:FC:09:61:89:77:DE:7A:10:07:21:46:91 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145341.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa83::/32 Signature Algorithm: sha256WithRSAEncryption a2:4f:91:09:e8:2f:a5:3f:e0:a5:20:80:db:1b:ea:85:ca:40: 39:8b:66:88:d9:e9:7b:84:ee:83:ce:27:86:a6:06:57:f1:9c: 96:5c:24:88:fc:86:ab:6e:63:c9:cb:48:02:b2:6c:47:b9:54: f4:7a:9b:26:19:5a:33:57:a1:b3:fc:db:fa:85:20:ae:67:83: 97:46:a7:80:69:ea:da:b3:9e:98:e8:6b:08:34:e3:b5:8f:1a: e6:18:12:27:4a:db:9f:16:8f:8e:c5:2d:5f:81:9f:9c:29:d4: 93:d6:f0:3b:82:29:34:c0:cd:4a:79:ed:a7:a0:1a:75:36:d5: af:63:12:e0:d1:c2:f6:7a:79:28:2b:ac:d3:6f:7f:98:dd:18: 78:41:e2:75:c5:15:97:03:b7:24:e5:b1:ea:ae:0c:22:d4:b7: 99:5d:13:77:20:db:64:e6:e0:96:be:c2:f7:31:d3:78:a5:53: a5:fc:7d:fd:15:9c:f4:58:b3:74:4a:e6:e3:4c:6e:63:61:ea: 4a:a2:c1:2e:f5:9b:44:ff:af:4c:47:5a:7b:a8:e0:55:55:26: 53:cb:26:ba:dc:2d:51:76:71:72:6a:02:3b:27:9c:dd:72:18: 0c:a7:67:a5:69:b9:22:85:25:e4:4d:00:af:76:97:06:02:d2: 47:4d:1d:2e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHL6gHA0V+O4e97DuF9yG6l8B07UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ0MFoX DTI3MDMwMzA2MTk0MFowMzExMC8GA1UEAxMoNTEwQjA2NTVCMDdDQzRFRkZDMDk2 MTg5NzdERTdBMTAwNzIxNDY5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ5gbLjZgRVCz2CmBVAsUe8CZJczU1FTKxSPSeaz72VT+soMIX6P9Li8xO2Y kiqv26JjVsbp0gAUnBxbAFJcwt8GrnXTNQVrfmiiyP7BnrGSmCKJXehTdUgqCcv3 3qnMDAxN1fyPDTyCUuRjm7qneMy0FPHZ9voqgNHzG604S6+J4BD+isRDov/LCzDg 1zebaPPzsH40NWvSv7wbCLOZ4bJIY6Ze/+CtnFGH1g0swE4HpBdrLCnIp5wzeISl XwsQhrkMJ6rKVlnocQoy2tl941zu8e3ipKH7crzcTfpUE5/dY3vVr1RWb928Gfir Ijb1N4SIcF4NnCYePaPyfl4dzw0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRRCwZV sHzE7/wJYYl33noQByFGkTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM0MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qoMwDQYJKoZIhvcNAQELBQADggEBAKJPkQnoL6U/4KUggNsb6oXKQDmLZojZ6XuE 7oPOJ4amBlfxnJZcJIj8hqtuY8nLSAKybEe5VPR6myYZWjNXobP82/qFIK5ng5dG p4Bp6tqznpjoawg047WPGuYYEidK258Wj47FLV+Bn5wp1JPW8DuCKTTAzUp57aeg GnU21a9jEuDRwvZ6eSgrrNNvf5jdGHhB4nXFFZcDtyTlsequDCLUt5ldE3cg22Tm 4Ja+wvcx03ilU6X8ff0VnPRYs3RK5uNMbmNh6kqiwS71m0T/r0xHWnuo4FVVJlPL JrrcLVF2cXJqAjsnnN1yGAynZ6VpuSKFJeRNAK92lwYC0kdNHS4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:15 2026 by rpki-client