$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145353.roa File: AS145353.roa (raw, json) Hash identifier: c1dGS4qv0NVspNAcbyT6Vi5xr0/L6svOXEND/q/y8vg= Subject key identifier: 28:8C:81:17:6B:5A:A5:63:51:81:F5:77:4A:64:53:12:FD:6A:55:02 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7BE6B81EE4C73DD9510DF874BDD8B7A49E35EC3A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145353.roa Signing time: Wed 04 Mar 2026 06:20:01 +0000 ROA not before: Wed 04 Mar 2026 06:15:01 +0000 ROA not after: Wed 03 Mar 2027 06:20:01 +0000 asID: 145353 IP address blocks: 240a:aa8f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:e6:b8:1e:e4:c7:3d:d9:51:0d:f8:74:bd:d8:b7:a4:9e:35:ec:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:01 2026 GMT Not After : Mar 3 06:20:01 2027 GMT Subject: CN=288C81176B5AA5635181F5774A645312FD6A5502 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b1:3b:54:f4:b5:96:a4:57:b2:fa:8c:f0:28: 9f:34:b2:e0:3f:9b:ad:ca:50:4a:a3:5d:1d:02:9a: f3:04:dc:47:14:09:ed:1a:91:0d:a0:5b:56:93:ae: 74:10:72:ad:24:41:51:b3:f5:a0:c9:dd:e4:f4:d0: 50:73:e0:65:72:70:5e:e9:02:03:42:c2:01:30:e4: e3:ab:e1:b2:8d:33:07:f1:7f:29:0c:c3:a4:15:81: e8:5f:f6:2a:d0:87:6b:cc:8b:54:31:85:ec:4d:49: 9c:76:0c:bd:d4:c6:4b:34:d0:86:9a:b6:e1:1b:c1: 7d:50:73:49:de:84:2c:ac:d9:a5:d2:60:c6:5c:ba: 37:a4:02:f0:65:f8:30:a2:ed:df:11:82:62:a1:a6: 13:e8:98:45:ca:63:3e:1f:53:34:be:bb:5f:95:66: f2:6f:98:e4:d2:95:c0:84:29:8d:6e:78:ab:a0:4b: c5:eb:ef:0e:d6:44:e6:44:1f:4a:30:4b:18:ca:53: 9e:85:04:2c:e1:c6:ea:6c:da:91:46:6c:27:6f:13: ea:0c:c6:32:5f:d9:3a:f3:5d:d5:15:80:6e:e1:92: dd:a3:3a:be:3f:2f:76:78:49:02:09:1a:33:4d:83: 67:3a:5e:99:10:4c:7f:0e:28:d5:8c:d5:ef:01:e1: 12:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:8C:81:17:6B:5A:A5:63:51:81:F5:77:4A:64:53:12:FD:6A:55:02 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145353.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa8f::/32 Signature Algorithm: sha256WithRSAEncryption 45:ee:32:e5:13:03:6c:04:58:6b:a2:db:4a:83:3e:a3:30:ec: 13:c5:d8:3c:36:a5:cd:6d:66:79:a5:10:27:65:87:4f:e6:00: 2f:e2:30:26:e7:f1:2a:b8:4b:27:7c:da:52:c3:f3:37:b7:0f: 81:15:0b:fd:5b:bc:71:ad:fa:29:60:f6:b3:15:b2:88:d0:9d: 00:9d:77:67:ef:05:a1:81:2d:75:ce:7c:2e:ca:f5:dd:2b:ac: 0c:3d:8b:76:e0:79:89:17:36:99:de:19:3c:2e:2d:d1:2d:18: 12:5b:49:0e:7a:2b:5f:e3:21:15:a2:15:1a:d1:41:c6:d2:d9: 2b:e6:87:e1:d7:c3:7b:80:9b:b7:a2:9e:fe:d6:0d:cc:29:6a: 2b:2a:34:68:85:83:65:ed:0f:8b:c0:40:10:be:f2:48:bd:92: 78:14:1c:a6:3a:a2:92:a3:93:da:49:a5:25:d8:52:b2:94:b8: 50:d6:59:57:d9:b7:89:23:45:1a:4d:71:11:2c:a3:d4:c3:52: 32:ff:7f:7f:2d:28:28:2d:9b:5c:26:c7:75:81:92:0d:4f:02: 71:05:54:85:ac:c5:c1:c1:b8:4d:23:75:bb:96:28:6d:28:3e: 1c:0f:94:dc:f5:91:43:d3:d1:55:f4:1a:75:2e:04:8a:86:d2: 10:61:ed:88 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUe+a4HuTHPdlRDfh0vdi3pJ417DowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwMVoX DTI3MDMwMzA2MjAwMVowMzExMC8GA1UEAxMoMjg4QzgxMTc2QjVBQTU2MzUxODFG NTc3NEE2NDUzMTJGRDZBNTUwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSxO1T0tZakV7L6jPAonzSy4D+brcpQSqNdHQKa8wTcRxQJ7RqRDaBbVpOu dBByrSRBUbP1oMnd5PTQUHPgZXJwXukCA0LCATDk46vhso0zB/F/KQzDpBWB6F/2 KtCHa8yLVDGF7E1JnHYMvdTGSzTQhpq24RvBfVBzSd6ELKzZpdJgxly6N6QC8GX4 MKLt3xGCYqGmE+iYRcpjPh9TNL67X5Vm8m+Y5NKVwIQpjW54q6BLxevvDtZE5kQf SjBLGMpTnoUELOHG6mzakUZsJ28T6gzGMl/ZOvNd1RWAbuGS3aM6vj8vdnhJAgka M02DZzpemRBMfw4o1YzV7wHhEsECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQojIEX a1qlY1GB9XdKZFMS/WpVAjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qo8wDQYJKoZIhvcNAQELBQADggEBAEXuMuUTA2wEWGui20qDPqMw7BPF2Dw2pc1t ZnmlECdlh0/mAC/iMCbn8Sq4Syd82lLD8ze3D4EVC/1bvHGt+ilg9rMVsojQnQCd d2fvBaGBLXXOfC7K9d0rrAw9i3bgeYkXNpneGTwuLdEtGBJbSQ56K1/jIRWiFRrR QcbS2Svmh+HXw3uAm7einv7WDcwpaisqNGiFg2XtD4vAQBC+8ki9kngUHKY6opKj k9pJpSXYUrKUuFDWWVfZt4kjRRpNcREso9TDUjL/f38tKCgtm1wmx3WBkg1PAnEF VIWsxcHBuE0jdbuWKG0oPhwPlNz1kUPT0VX0GnUuBIqG0hBh7Yg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:53 2026 by rpki-client