$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145360.roa File: AS145360.roa (raw, json) Hash identifier: HGrVI8vmh2YBVjnAzaBXznSXlNuBI42xbqbg8FIvnbs= Subject key identifier: 65:43:B4:B4:46:6F:C5:69:46:C3:47:ED:B2:A7:D3:7D:0A:69:DB:C9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5DA6FB798EDB4AD02497531046FA315EAF2EF132 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145360.roa Signing time: Wed 04 Mar 2026 06:22:13 +0000 ROA not before: Wed 04 Mar 2026 06:17:13 +0000 ROA not after: Wed 03 Mar 2027 06:22:13 +0000 asID: 145360 IP address blocks: 240a:aa96::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:a6:fb:79:8e:db:4a:d0:24:97:53:10:46:fa:31:5e:af:2e:f1:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:13 2026 GMT Not After : Mar 3 06:22:13 2027 GMT Subject: CN=6543B4B4466FC56946C347EDB2A7D37D0A69DBC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:24:fb:4a:c2:70:d8:86:c7:8f:23:91:c5:2b: 6e:d8:31:ba:da:b3:10:dc:c0:b9:97:6d:95:b8:20: 75:ba:f5:0c:5e:4d:4a:13:e5:e4:e6:9a:3d:cb:5c: 76:30:ce:16:b3:c2:f8:59:c1:82:16:ad:2d:7a:52: b6:7f:47:34:a1:5e:37:6a:dc:f1:b1:06:7a:1f:29: 98:5c:cc:48:fd:c5:84:71:b3:85:d2:64:86:25:e4: 59:8b:2d:ff:ac:8e:9f:24:99:8b:ac:65:35:4f:f7: f9:9a:a7:c5:0c:dd:06:c5:7d:24:82:c1:50:29:41: 71:b9:8a:07:89:7f:4a:81:d8:81:f0:7c:b6:aa:33: 37:e1:2b:b5:6d:11:ea:4d:77:ed:0c:fe:e9:07:ed: 76:7f:c0:8c:b6:b2:a0:2b:a9:8f:8f:97:d1:72:2a: 2d:4b:e1:73:37:07:d9:db:a8:b4:cd:ec:9c:f6:53: bf:89:1c:1f:a7:c5:96:bc:62:a5:f6:0f:b8:94:11: d9:00:52:de:93:fe:ee:61:e8:e2:88:62:75:97:48: 55:29:50:f0:69:99:d8:5c:91:09:ec:8a:ad:35:41: 0a:cd:36:8e:e5:09:a3:ad:de:39:05:a5:ec:d2:44: bc:6e:4f:d5:fa:d8:14:5d:fa:f8:0b:a3:fb:3a:aa: 0c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:43:B4:B4:46:6F:C5:69:46:C3:47:ED:B2:A7:D3:7D:0A:69:DB:C9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145360.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa96::/32 Signature Algorithm: sha256WithRSAEncryption 64:9d:89:55:c7:1e:77:76:50:32:93:d5:32:86:d0:1c:9e:e9: 58:4b:00:4b:47:8c:e1:ce:4d:55:50:f2:f5:68:0c:21:bb:8e: bd:30:ed:3d:0a:eb:b6:1b:32:55:5c:d4:33:b0:84:62:26:6f: ea:88:09:10:13:e5:bf:3e:d2:0a:a9:93:03:46:ba:fe:16:ca: 43:f2:bc:91:9e:54:c7:1d:43:93:cc:a6:bc:34:38:34:f9:26: 30:9c:d0:e7:4c:7b:c0:f2:b2:d5:99:00:5a:a9:4f:39:63:b8: fa:de:5c:cf:cf:96:1c:c9:08:0f:bb:bd:58:e0:37:f8:a7:1e: 4d:e2:0d:34:a7:58:b0:e5:0e:6f:fa:95:5a:36:1c:36:07:9d: eb:62:c9:6d:29:df:eb:24:c8:eb:d8:5f:ac:35:50:03:25:84: 56:ad:05:13:35:cf:60:4c:04:e9:92:b5:b8:0e:5f:ca:d2:bd: 66:19:f6:23:5e:bf:79:a1:f9:13:b9:74:67:07:c2:be:dd:64: e1:16:60:2a:96:e9:5c:63:86:ef:3d:a7:0d:0e:73:1a:ab:ad: 94:ec:91:5d:b7:d0:04:c3:dc:44:c9:84:7c:8b:55:e8:8b:23: 39:7a:12:7b:bd:16:32:e5:53:5d:96:35:f8:e0:34:bd:35:d2: 73:9a:35:3f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXab7eY7bStAkl1MQRvoxXq8u8TIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxM1oX DTI3MDMwMzA2MjIxM1owMzExMC8GA1UEAxMoNjU0M0I0QjQ0NjZGQzU2OTQ2QzM0 N0VEQjJBN0QzN0QwQTY5REJDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwk+0rCcNiGx48jkcUrbtgxutqzENzAuZdtlbggdbr1DF5NShPl5OaaPctc djDOFrPC+FnBghatLXpStn9HNKFeN2rc8bEGeh8pmFzMSP3FhHGzhdJkhiXkWYst /6yOnySZi6xlNU/3+ZqnxQzdBsV9JILBUClBcbmKB4l/SoHYgfB8tqozN+ErtW0R 6k137Qz+6Qftdn/AjLayoCupj4+X0XIqLUvhczcH2duotM3snPZTv4kcH6fFlrxi pfYPuJQR2QBS3pP+7mHo4ohidZdIVSlQ8GmZ2FyRCeyKrTVBCs02juUJo63eOQWl 7NJEvG5P1frYFF36+Auj+zqqDDUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRlQ7S0 Rm/FaUbDR+2yp9N9CmnbyTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qpYwDQYJKoZIhvcNAQELBQADggEBAGSdiVXHHnd2UDKT1TKG0Bye6VhLAEtHjOHO TVVQ8vVoDCG7jr0w7T0K67YbMlVc1DOwhGImb+qICRAT5b8+0gqpkwNGuv4WykPy vJGeVMcdQ5PMprw0ODT5JjCc0OdMe8DystWZAFqpTzljuPreXM/PlhzJCA+7vVjg N/inHk3iDTSnWLDlDm/6lVo2HDYHnetiyW0p3+skyOvYX6w1UAMlhFatBRM1z2BM BOmStbgOX8rSvWYZ9iNev3mh+RO5dGcHwr7dZOEWYCqW6Vxjhu89pw0OcxqrrZTs kV230ATD3ETJhHyLVeiLIzl6Enu9FjLlU12WNfjgNL010nOaNT8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:56 2026 by rpki-client