$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145443.roa File: AS145443.roa (raw, json) Hash identifier: ekWzyUXbHK8gJ4JrXp4Fjdcul7k0/Pas99ER7cRe2Qk= Subject key identifier: DA:EB:00:6D:CA:28:6B:2A:E5:34:1F:FF:C4:59:DC:83:0D:5C:6D:3E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 436C84D551D35A94B494D80D5B2B40DCC24A046B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145443.roa Signing time: Wed 04 Mar 2026 06:19:34 +0000 ROA not before: Wed 04 Mar 2026 06:14:34 +0000 ROA not after: Wed 03 Mar 2027 06:19:34 +0000 asID: 145443 IP address blocks: 240a:aae9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:6c:84:d5:51:d3:5a:94:b4:94:d8:0d:5b:2b:40:dc:c2:4a:04:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:34 2026 GMT Not After : Mar 3 06:19:34 2027 GMT Subject: CN=DAEB006DCA286B2AE5341FFFC459DC830D5C6D3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:be:33:ce:fe:49:f8:44:8f:57:ec:f2:ef:69: 22:40:a6:4d:1e:f8:bc:eb:f8:18:5a:49:be:0b:d6: 85:54:39:6c:19:e9:92:0a:29:68:10:ae:49:2a:0f: ca:37:f2:ad:ac:39:a9:96:f8:f9:d2:5b:bc:1a:49: 6e:5e:36:b3:6a:43:7e:fe:84:a9:80:0b:d9:0f:ce: 21:45:b3:51:a9:c8:33:bd:59:cd:e8:b4:2e:2c:61: 90:45:38:93:a6:f0:85:ac:27:28:bf:0d:ff:dd:fe: f4:c5:75:61:8e:de:fc:bc:bd:70:f8:60:80:13:16: 6a:1d:df:d4:9c:d2:57:e4:a9:a7:8e:23:a7:0b:b9: 0d:e4:f9:37:1f:69:d3:c0:ab:54:40:36:71:ff:12: de:a5:66:73:15:e5:5c:f8:56:e3:75:d4:5e:10:f2: d8:29:1a:05:8d:a4:dc:78:65:e9:f5:fb:82:b0:77: a4:21:07:1b:30:93:b9:ec:12:db:8a:f7:3a:35:94: 7a:d3:bc:7c:37:40:6f:55:3b:6e:3f:11:2d:3d:21: 96:1a:8b:c1:d7:0e:99:c0:70:ef:62:8b:d4:51:66: e5:fd:ec:ba:d3:f5:cf:97:89:e7:66:55:dd:c4:e8: d8:6b:79:74:1d:c5:e9:02:ee:68:5f:a2:1c:ed:74: a8:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:EB:00:6D:CA:28:6B:2A:E5:34:1F:FF:C4:59:DC:83:0D:5C:6D:3E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145443.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aae9::/32 Signature Algorithm: sha256WithRSAEncryption 7f:be:0e:2a:eb:d1:cb:e6:ac:96:5d:8e:8f:31:c9:58:1b:05: 1c:69:2a:d3:9e:c2:03:da:ee:a4:ca:23:e1:11:ef:29:ae:9e: 8b:58:b2:93:be:eb:c4:9d:0f:0f:8a:92:99:f2:69:96:68:07: 81:e5:dd:22:4d:8d:3c:ec:6c:e9:c3:09:0f:20:4d:c9:c4:47: e7:74:12:63:88:67:2e:a8:bf:1b:4a:e9:1f:b4:59:07:cf:e4: 7c:80:6e:e6:87:d1:c6:aa:b8:07:7f:19:00:ed:cc:4e:c2:c7: e8:82:1f:4a:e6:d0:c3:62:b2:41:81:52:8e:db:4d:f5:48:07: 4c:db:ab:a6:2c:dd:70:75:b4:7e:63:54:2b:ae:37:3e:27:73: 90:82:01:26:ed:63:e9:da:c9:a6:0e:6b:7a:a7:15:e5:56:25: a2:f4:e9:fc:40:b8:41:46:0b:c7:35:af:d5:d2:e6:69:19:98: 96:c1:fa:cc:d6:82:62:3a:80:6d:fd:8a:09:16:7a:bb:d4:97: 3f:eb:42:ee:76:6b:45:7e:76:d6:54:83:b0:14:5a:da:07:8a: f1:a7:20:71:c2:59:6b:82:fe:00:5a:56:2b:4e:7e:c6:45:19: 9c:1e:cf:67:42:d9:b6:87:a8:3b:53:a6:1e:33:ec:26:19:d8: bd:36:43:b6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQ2yE1VHTWpS0lNgNWytA3MJKBGswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzNFoX DTI3MDMwMzA2MTkzNFowMzExMC8GA1UEAxMoREFFQjAwNkRDQTI4NkIyQUU1MzQx RkZGQzQ1OURDODMwRDVDNkQzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKm+M87+SfhEj1fs8u9pIkCmTR74vOv4GFpJvgvWhVQ5bBnpkgopaBCuSSoP yjfyraw5qZb4+dJbvBpJbl42s2pDfv6EqYAL2Q/OIUWzUanIM71Zzei0LixhkEU4 k6bwhawnKL8N/93+9MV1YY7e/Ly9cPhggBMWah3f1JzSV+Spp44jpwu5DeT5Nx9p 08CrVEA2cf8S3qVmcxXlXPhW43XUXhDy2CkaBY2k3Hhl6fX7grB3pCEHGzCTuewS 24r3OjWUetO8fDdAb1U7bj8RLT0hlhqLwdcOmcBw72KL1FFm5f3sutP1z5eJ52ZV 3cTo2Gt5dB3F6QLuaF+iHO10qD0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTa6wBt yihrKuU0H//EWdyDDVxtPjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQ0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qukwDQYJKoZIhvcNAQELBQADggEBAH++Dirr0cvmrJZdjo8xyVgbBRxpKtOewgPa 7qTKI+ER7ymunotYspO+68SdDw+KkpnyaZZoB4Hl3SJNjTzsbOnDCQ8gTcnER+d0 EmOIZy6ovxtK6R+0WQfP5HyAbuaH0caquAd/GQDtzE7Cx+iCH0rm0MNiskGBUo7b TfVIB0zbq6Ys3XB1tH5jVCuuNz4nc5CCASbtY+nayaYOa3qnFeVWJaL06fxAuEFG C8c1r9XS5mkZmJbB+szWgmI6gG39igkWervUlz/rQu52a0V+dtZUg7AUWtoHivGn IHHCWWuC/gBaVitOfsZFGZwez2dC2baHqDtTph4z7CYZ2L02Q7Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:14 2026 by rpki-client