$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145365.roa File: AS145365.roa (raw, json) Hash identifier: FSNRuI/n+NXtA69XFLAHE9olHXt0ZiL/BcRJs0GtxQ0= Subject key identifier: 7B:4E:7B:70:C2:27:B0:FD:18:27:62:F2:A4:36:09:D4:9F:0B:1C:B5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 606A6B06CE3CC098F34B60A5C490AA56FB808A19 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145365.roa Signing time: Wed 04 Mar 2026 06:20:45 +0000 ROA not before: Wed 04 Mar 2026 06:15:45 +0000 ROA not after: Wed 03 Mar 2027 06:20:45 +0000 asID: 145365 IP address blocks: 240a:aa9b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:6a:6b:06:ce:3c:c0:98:f3:4b:60:a5:c4:90:aa:56:fb:80:8a:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:45 2026 GMT Not After : Mar 3 06:20:45 2027 GMT Subject: CN=7B4E7B70C227B0FD182762F2A43609D49F0B1CB5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:85:29:59:2b:12:6c:64:73:64:6b:9e:da:7b: fb:eb:53:ec:3f:82:3e:23:5c:c2:18:99:0b:fb:7d: d4:e6:7a:d4:41:9f:93:8b:d3:c5:2c:7f:ce:d3:a2: a5:ca:ce:cf:c5:7f:4d:44:40:1f:13:71:0d:e4:9d: c4:ea:ca:1b:46:e4:72:8b:7b:c0:a2:94:4a:bd:b1: d3:e4:71:63:14:ec:8b:b7:e3:bb:de:13:f5:a8:db: b4:cd:f3:35:a1:33:7e:5c:57:75:c5:5d:fa:80:3e: d8:19:74:ee:9e:a8:d4:00:39:34:91:42:93:40:71: f4:35:74:f2:5b:76:8d:84:30:a7:46:51:32:5e:a5: ff:65:9d:58:98:09:6e:d1:71:f4:e9:4c:b7:8c:76: 3d:85:b3:0c:e5:1f:ed:ee:b9:3b:8a:e4:cc:ee:de: ae:43:39:ff:c1:bd:a2:77:98:3e:c8:39:03:5a:92: 58:7a:23:6f:33:04:cf:e6:68:10:00:f6:8d:b6:87: a3:5b:2d:49:da:d8:e4:73:f8:dc:88:7f:b5:38:76: ff:5c:bd:77:d5:6a:8e:d6:aa:bf:44:95:e9:69:23: e8:bc:2b:cb:d9:6e:0d:b7:99:13:c9:e5:4c:18:b8: 20:a7:80:2a:49:72:1f:0d:b1:88:4e:fa:74:b4:7e: 11:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:4E:7B:70:C2:27:B0:FD:18:27:62:F2:A4:36:09:D4:9F:0B:1C:B5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145365.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa9b::/32 Signature Algorithm: sha256WithRSAEncryption 76:a8:28:89:f5:d0:66:ae:fe:4f:9a:d9:26:45:e6:46:e9:ab: 18:76:3d:89:b7:f8:36:78:f9:b0:42:59:ec:71:94:e9:1c:c9: b7:4a:75:6e:f1:92:a7:1a:1f:d5:b3:4c:85:42:53:63:18:9f: f6:8e:ae:78:06:f7:a8:9b:2f:31:7c:16:37:43:bc:b5:aa:95: 9c:fc:f2:b2:2f:9f:ab:72:d3:e3:cc:22:a9:78:e8:93:71:48: b5:b1:10:a9:4b:8c:5d:dc:71:5c:c2:26:95:23:88:4d:ea:be: 81:2f:3d:3d:f4:64:d5:0f:8a:6b:7b:d7:c7:96:0e:9a:b5:8b: d7:5e:8c:b6:69:95:af:68:b5:d8:92:8b:b6:27:06:2e:e9:09: 12:32:a3:36:e4:2f:7d:99:85:b3:47:f8:5d:7e:25:5a:8e:78: d7:74:c5:25:4c:0b:b1:df:2f:aa:f8:a3:68:40:d4:6e:07:35: 4f:c5:9a:98:7e:33:10:85:58:20:57:d4:33:64:8e:86:4a:43: 14:b2:3d:58:ac:53:09:b1:f2:d9:03:01:16:c0:10:02:88:a1: d8:df:bc:a4:ea:bf:54:a1:c8:22:30:33:e3:df:b7:f0:93:eb: 23:2c:0e:0a:c3:26:c2:81:0b:42:5a:22:ba:21:5e:4f:0f:d9: 1a:98:88:58 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYGprBs48wJjzS2ClxJCqVvuAihkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0NVoX DTI3MDMwMzA2MjA0NVowMzExMC8GA1UEAxMoN0I0RTdCNzBDMjI3QjBGRDE4Mjc2 MkYyQTQzNjA5RDQ5RjBCMUNCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMqFKVkrEmxkc2Rrntp7++tT7D+CPiNcwhiZC/t91OZ61EGfk4vTxSx/ztOi pcrOz8V/TURAHxNxDeSdxOrKG0bkcot7wKKUSr2x0+RxYxTsi7fju94T9ajbtM3z NaEzflxXdcVd+oA+2Bl07p6o1AA5NJFCk0Bx9DV08lt2jYQwp0ZRMl6l/2WdWJgJ btFx9OlMt4x2PYWzDOUf7e65O4rkzO7erkM5/8G9oneYPsg5A1qSWHojbzMEz+Zo EAD2jbaHo1stSdrY5HP43Ih/tTh2/1y9d9Vqjtaqv0SV6Wkj6Lwry9luDbeZE8nl TBi4IKeAKklyHw2xiE76dLR+EVcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR7Tntw wiew/RgnYvKkNgnUnwsctTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM2NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qpswDQYJKoZIhvcNAQELBQADggEBAHaoKIn10Gau/k+a2SZF5kbpqxh2PYm3+DZ4 +bBCWexxlOkcybdKdW7xkqcaH9WzTIVCU2MYn/aOrngG96ibLzF8FjdDvLWqlZz8 8rIvn6ty0+PMIql46JNxSLWxEKlLjF3ccVzCJpUjiE3qvoEvPT30ZNUPimt718eW Dpq1i9dejLZpla9otdiSi7YnBi7pCRIyozbkL32ZhbNH+F1+JVqOeNd0xSVMC7Hf L6r4o2hA1G4HNU/Fmph+MxCFWCBX1DNkjoZKQxSyPVisUwmx8tkDARbAEAKIodjf vKTqv1ShyCIwM+Pft/CT6yMsDgrDJsKBC0JaIrohXk8P2RqYiFg= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:36 2026 by rpki-client