$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145448.roa File: AS145448.roa (raw, json) Hash identifier: k/+C7wsu2bzegCY0zo4JY3qcj5h4GuYC/vqAPNSuz3o= Subject key identifier: 41:76:79:0C:E5:E7:0E:89:C9:6C:ED:AA:9B:F5:AA:86:6B:E4:A6:67 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2D7F2A0205A986C2E6FE4FE7FFC61F649E0C2E54 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145448.roa Signing time: Wed 04 Mar 2026 06:22:01 +0000 ROA not before: Wed 04 Mar 2026 06:17:01 +0000 ROA not after: Wed 03 Mar 2027 06:22:01 +0000 asID: 145448 IP address blocks: 240a:aaee::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:7f:2a:02:05:a9:86:c2:e6:fe:4f:e7:ff:c6:1f:64:9e:0c:2e:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:01 2026 GMT Not After : Mar 3 06:22:01 2027 GMT Subject: CN=4176790CE5E70E89C96CEDAA9BF5AA866BE4A667 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4c:44:f3:e0:cc:77:dc:37:6a:46:43:2a:32: b3:ee:1a:f8:bb:a1:9f:f0:2b:8a:83:96:d7:f4:f2: 3e:3f:62:fd:43:38:27:a1:f8:02:9b:d8:23:8a:9c: 19:3d:49:f1:93:11:01:38:79:8e:a3:49:a6:75:4c: 4b:a8:e1:e7:84:ec:35:5c:83:1f:2f:4f:e7:eb:3c: 37:e2:fb:27:06:c5:12:8b:13:32:cc:93:49:9f:c1: 24:e0:16:69:79:05:df:88:22:4f:db:15:16:ee:6a: 43:dc:ef:e4:43:46:d4:69:47:af:e4:9c:ab:82:df: da:a9:a8:42:5a:bb:b4:ce:30:7e:35:03:3c:ef:1b: 92:68:ce:3c:48:b0:25:49:f1:e1:26:85:fc:25:70: cd:2d:50:59:75:b7:4e:6c:0e:4a:32:e9:72:fc:c7: 60:78:43:72:9a:3c:59:7d:82:70:7a:d0:b9:05:1d: d6:c7:30:8e:d7:e2:cf:57:d4:8b:e3:e9:54:f2:7f: 95:6e:37:49:3b:3b:fc:63:20:eb:53:ed:78:82:03: f5:2f:30:9a:62:f2:f4:88:82:9c:0d:1c:0b:2a:0d: e0:0b:52:2f:59:f9:2a:b2:28:7c:a7:9d:64:da:c7: e0:40:e0:c4:86:a4:86:2c:e7:5f:2d:73:4a:d9:af: f0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:76:79:0C:E5:E7:0E:89:C9:6C:ED:AA:9B:F5:AA:86:6B:E4:A6:67 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145448.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aaee::/32 Signature Algorithm: sha256WithRSAEncryption cd:56:4c:f5:23:b8:f8:43:33:9c:92:7f:f7:ad:44:69:99:8a: e3:d7:db:15:2f:b8:98:de:a7:6c:e0:bd:de:14:76:85:ce:60: 0c:de:25:4f:5b:6a:45:df:5b:0e:62:27:a2:11:aa:fc:4d:f6: 9d:35:fa:cc:e2:0c:d0:cf:58:a4:68:89:a0:5c:1e:b2:a3:36: 00:da:c4:67:ff:61:5b:24:f1:61:c6:98:91:21:c8:5b:3e:44: 4c:23:84:a8:b4:c0:d0:5e:45:89:8d:15:dd:5b:fb:94:b4:ec: eb:d2:70:02:3b:cc:77:5c:aa:eb:80:a0:d7:ff:67:43:77:b1: a9:ad:4f:2d:20:2e:cd:33:08:ab:96:54:58:8a:94:4d:6d:e2: b7:90:fa:63:b1:b9:49:ad:99:b9:d3:f0:02:2b:68:8b:6d:26: ad:00:6f:a1:d8:01:1b:8a:ca:5a:2a:7f:b1:db:c7:81:bf:93: 8c:de:52:6d:71:b9:39:40:3d:84:0f:31:8e:37:b9:25:65:f9: 07:af:46:4e:c3:c9:b6:81:3d:d0:c1:af:56:05:f0:90:ce:85: fa:5e:1d:7d:91:32:73:a0:d1:54:f2:5e:dc:55:eb:82:68:fc: 02:49:ab:f9:8b:0a:bf:7b:85:7d:97:61:41:08:02:27:52:62: 5e:34:10:70 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULX8qAgWphsLm/k/n/8YfZJ4MLlQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwMVoX DTI3MDMwMzA2MjIwMVowMzExMC8GA1UEAxMoNDE3Njc5MENFNUU3MEU4OUM5NkNF REFBOUJGNUFBODY2QkU0QTY2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpMRPPgzHfcN2pGQyoys+4a+Luhn/ArioOW1/TyPj9i/UM4J6H4ApvYI4qc GT1J8ZMRATh5jqNJpnVMS6jh54TsNVyDHy9P5+s8N+L7JwbFEosTMsyTSZ/BJOAW aXkF34giT9sVFu5qQ9zv5ENG1GlHr+Scq4Lf2qmoQlq7tM4wfjUDPO8bkmjOPEiw JUnx4SaF/CVwzS1QWXW3TmwOSjLpcvzHYHhDcpo8WX2CcHrQuQUd1scwjtfiz1fU i+PpVPJ/lW43STs7/GMg61PteIID9S8wmmLy9IiCnA0cCyoN4AtSL1n5KrIofKed ZNrH4EDgxIakhiznXy1zStmv8NcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRBdnkM 5ecOicls7aqb9aqGa+SmZzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQ0OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qu4wDQYJKoZIhvcNAQELBQADggEBAM1WTPUjuPhDM5ySf/etRGmZiuPX2xUvuJje p2zgvd4UdoXOYAzeJU9bakXfWw5iJ6IRqvxN9p01+sziDNDPWKRoiaBcHrKjNgDa xGf/YVsk8WHGmJEhyFs+REwjhKi0wNBeRYmNFd1b+5S07OvScAI7zHdcquuAoNf/ Z0N3samtTy0gLs0zCKuWVFiKlE1t4reQ+mOxuUmtmbnT8AIraIttJq0Ab6HYARuK yloqf7Hbx4G/k4zeUm1xuTlAPYQPMY43uSVl+QevRk7DybaBPdDBr1YF8JDOhfpe HX2RMnOg0VTyXtxV64Jo/AJJq/mLCr97hX2XYUEIAidSYl40EHA= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:11 2026 by rpki-client