$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145375.roa File: AS145375.roa (raw, json) Hash identifier: aFpjM0mnquu5FXgQvxLkzMW6bPkVDvyBS1qTtCLEZv4= Subject key identifier: E0:F3:E5:EE:C6:3D:57:7E:B5:EE:FA:C2:2F:23:91:6B:B2:E7:98:6C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6F60C0036A4E6E85B4B433AFB4E493386C542A39 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145375.roa Signing time: Wed 04 Mar 2026 06:21:11 +0000 ROA not before: Wed 04 Mar 2026 06:16:11 +0000 ROA not after: Wed 03 Mar 2027 06:21:11 +0000 asID: 145375 IP address blocks: 240a:aaa5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:60:c0:03:6a:4e:6e:85:b4:b4:33:af:b4:e4:93:38:6c:54:2a:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:11 2026 GMT Not After : Mar 3 06:21:11 2027 GMT Subject: CN=E0F3E5EEC63D577EB5EEFAC22F23916BB2E7986C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:58:a0:14:c0:86:63:fc:9e:12:69:0e:92:bd: f4:86:9e:2d:87:5b:e8:fc:a8:12:98:24:4c:a1:2f: 66:f4:bb:47:0a:ed:e3:84:87:72:e2:8e:71:34:5c: d1:f2:a2:5c:42:3a:9d:f3:12:c9:d7:44:24:9e:ff: ea:fe:ef:83:4f:86:d9:72:4d:ef:c1:5f:7c:84:a9: 4d:51:b6:58:e4:90:69:5d:02:98:5b:4a:6e:6e:3c: 91:8c:9f:e5:f3:3d:c9:b3:b6:6c:39:21:40:fe:78: 77:d7:d7:2e:7f:31:1e:26:59:2e:5a:5a:31:63:e4: 55:20:20:d3:e5:67:26:e8:ab:45:e6:45:46:7d:75: db:8b:67:69:1d:e3:96:9a:47:2a:8e:ec:da:d1:29: 8d:f6:8c:1f:6f:31:ff:a2:e2:dc:5e:5c:a8:7d:9c: 9d:03:fc:ce:b3:37:1c:11:a9:c5:9b:86:d9:cd:30: d2:62:16:06:81:d3:7f:06:c4:fe:1f:7e:c2:c4:ac: 9b:94:26:53:ee:6d:a0:6d:98:b8:dc:c2:73:4d:00: 75:21:34:d0:14:14:91:26:d4:1c:93:f3:e7:91:d8: 8a:9d:94:3c:d4:9a:a2:4c:ad:f2:66:ee:2e:97:87: 72:54:e1:4a:8d:cd:68:3a:c3:84:1c:82:b5:28:95: 6c:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:F3:E5:EE:C6:3D:57:7E:B5:EE:FA:C2:2F:23:91:6B:B2:E7:98:6C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145375.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aaa5::/32 Signature Algorithm: sha256WithRSAEncryption b9:06:33:ae:ca:86:de:50:53:0d:1a:40:e4:2a:55:21:fe:27: 78:34:25:04:92:7a:6c:41:0c:68:00:aa:24:8a:06:cf:21:7f: 2f:7b:84:ef:96:ec:33:3b:2a:1d:30:20:72:95:b7:cd:ca:e2: a7:79:af:b8:bc:40:8f:05:c9:05:d4:28:d3:f7:fe:41:08:97: 43:e4:cb:37:e5:d6:ce:e6:9a:89:59:7e:b5:bd:00:e5:e2:b2: d2:5d:f9:e3:b3:f8:35:b0:63:b2:48:a0:3b:a2:7c:e5:b2:b8: 7e:2a:a9:48:15:77:89:7a:21:45:ec:bd:68:39:13:f6:9d:14: 5e:f4:37:84:8d:f5:04:d8:7e:27:b0:eb:64:2f:d2:58:56:96: fe:32:87:95:4a:1d:6f:7a:75:87:a5:f9:c5:f4:a9:a0:19:6f: 3e:b7:26:db:34:44:47:d0:39:cc:ff:b0:6a:8d:b3:de:22:2b: 06:c3:1b:fa:1b:01:11:20:f5:f7:77:7b:01:7b:16:42:d2:82: bf:fa:04:1e:3c:5d:a2:cc:c6:02:d0:65:d1:c9:73:23:0e:b3: 76:d4:7d:41:44:1c:45:52:e5:ba:8f:af:0b:17:53:3d:1e:f6: 36:b2:7e:9f:d9:aa:ec:ad:bd:cc:da:ee:8f:e1:08:cd:d6:24: 37:21:40:21 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUb2DAA2pOboW0tDOvtOSTOGxUKjkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxMVoX DTI3MDMwMzA2MjExMVowMzExMC8GA1UEAxMoRTBGM0U1RUVDNjNENTc3RUI1RUVG QUMyMkYyMzkxNkJCMkU3OTg2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJxYoBTAhmP8nhJpDpK99IaeLYdb6PyoEpgkTKEvZvS7Rwrt44SHcuKOcTRc 0fKiXEI6nfMSyddEJJ7/6v7vg0+G2XJN78FffISpTVG2WOSQaV0CmFtKbm48kYyf 5fM9ybO2bDkhQP54d9fXLn8xHiZZLlpaMWPkVSAg0+VnJuirReZFRn1124tnaR3j lppHKo7s2tEpjfaMH28x/6Li3F5cqH2cnQP8zrM3HBGpxZuG2c0w0mIWBoHTfwbE /h9+wsSsm5QmU+5toG2YuNzCc00AdSE00BQUkSbUHJPz55HYip2UPNSaokyt8mbu LpeHclThSo3NaDrDhByCtSiVbCcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTg8+Xu xj1XfrXu+sIvI5FrsueYbDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qqUwDQYJKoZIhvcNAQELBQADggEBALkGM67Kht5QUw0aQOQqVSH+J3g0JQSSemxB DGgAqiSKBs8hfy97hO+W7DM7Kh0wIHKVt83K4qd5r7i8QI8FyQXUKNP3/kEIl0Pk yzfl1s7mmolZfrW9AOXistJd+eOz+DWwY7JIoDuifOWyuH4qqUgVd4l6IUXsvWg5 E/adFF70N4SN9QTYfiew62Qv0lhWlv4yh5VKHW96dYel+cX0qaAZbz63Jts0REfQ Ocz/sGqNs94iKwbDG/obAREg9fd3ewF7FkLSgr/6BB48XaLMxgLQZdHJcyMOs3bU fUFEHEVS5bqPrwsXUz0e9jayfp/Zquytvcza7o/hCM3WJDchQCE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:39 2026 by rpki-client