$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145457.roa File: AS145457.roa (raw, json) Hash identifier: Ko2S3iRHRDEJzmYGThVV16mRH4CagEjDJzGwPfCLia4= Subject key identifier: 21:AB:CB:5E:A8:FC:E6:7F:66:3B:9C:55:0C:B2:0E:70:FD:4A:8D:D0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 40EA2C524D6AABE66F10202F97264C011CEE78D6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145457.roa Signing time: Wed 04 Mar 2026 06:21:25 +0000 ROA not before: Wed 04 Mar 2026 06:16:25 +0000 ROA not after: Wed 03 Mar 2027 06:21:25 +0000 asID: 145457 IP address blocks: 240a:aaf7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:ea:2c:52:4d:6a:ab:e6:6f:10:20:2f:97:26:4c:01:1c:ee:78:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:25 2026 GMT Not After : Mar 3 06:21:25 2027 GMT Subject: CN=21ABCB5EA8FCE67F663B9C550CB20E70FD4A8DD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:1c:21:9e:fa:88:8b:e7:e5:2f:83:3e:29:5a: fe:8a:5d:4f:e8:ab:c7:f8:ce:1e:6c:b7:43:fc:68: 1f:ba:ee:e4:16:85:3a:83:43:50:cd:93:d9:09:5a: ae:7c:96:79:f3:e1:58:32:46:ee:df:63:7e:c3:cd: 9d:36:33:e3:66:1b:c1:41:cb:44:e9:e9:fe:65:0b: f8:fd:06:7d:e6:21:1a:9e:4e:1b:14:48:02:f9:fc: 02:64:5f:71:d8:cd:5d:da:b3:c6:56:d8:a5:65:57: ff:c7:2d:08:09:e6:0c:b0:e3:40:b5:b2:2e:0f:e9: e4:fd:e1:7e:82:78:1f:a8:02:ef:fc:48:e8:fe:47: ac:79:5b:c0:bc:0d:bc:d2:ec:fe:8e:d0:93:dd:67: 99:9f:b7:b4:d1:79:10:92:a7:02:29:2d:01:3a:24: ed:48:94:92:fe:7c:45:4d:04:b1:90:5e:8a:b8:94: 57:90:28:c5:7f:49:4c:5a:62:cb:bc:1d:2e:22:22: ae:ed:00:8a:3a:c8:4c:61:d7:a1:27:69:64:69:2e: 16:bb:23:b0:41:1b:79:35:09:9a:c3:37:7b:17:79: de:53:77:c8:d1:eb:17:5c:e5:da:00:86:67:9f:15: 70:91:07:50:f7:c7:ac:12:74:de:4d:d3:f5:ac:f1: ac:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:AB:CB:5E:A8:FC:E6:7F:66:3B:9C:55:0C:B2:0E:70:FD:4A:8D:D0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145457.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aaf7::/32 Signature Algorithm: sha256WithRSAEncryption 7b:7a:99:28:fc:98:53:8a:b7:4a:dc:cd:92:9f:f4:eb:c5:02: 4f:a8:d4:d5:75:ba:48:58:47:6b:4d:00:a4:c1:26:c2:55:88: a9:0d:cc:e6:22:c2:0e:f6:5d:7a:78:1f:2f:b9:cf:b2:2e:4c: 4f:03:a6:46:d3:91:77:f0:66:97:5f:dc:b6:14:aa:3b:79:43: e6:54:5b:eb:d5:3f:14:d4:fd:ea:bb:0d:b9:04:04:6a:24:75: a1:87:a2:d4:e3:c0:38:49:7a:97:53:6a:9f:5f:4d:f1:a6:52: ec:54:83:ac:97:df:94:8a:e9:02:39:a6:e3:83:cf:c4:95:07: b4:9b:01:6b:1a:c0:c8:7e:06:7d:88:b9:d8:73:a0:72:ae:2e: 5e:11:3f:ba:92:ea:80:6b:0a:11:59:3b:74:33:8c:05:91:07: 8e:3a:8f:da:e6:a1:d1:bf:80:8a:38:07:e2:03:0a:2c:21:38: 75:b7:ef:cf:67:32:0b:cb:22:46:95:97:72:51:34:ea:0d:f8: 36:3a:29:d0:ee:84:cd:a1:df:51:25:08:64:fb:51:af:59:81: 5a:8b:73:fc:51:f8:19:0f:ce:43:06:68:98:d1:95:2e:21:91: 18:ff:dc:9d:f6:82:0e:37:2d:40:cf:61:d9:e0:2c:91:f7:f4: 3f:49:26:77 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQOosUk1qq+ZvECAvlyZMARzueNYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyNVoX DTI3MDMwMzA2MjEyNVowMzExMC8GA1UEAxMoMjFBQkNCNUVBOEZDRTY3RjY2M0I5 QzU1MENCMjBFNzBGRDRBOEREMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALIcIZ76iIvn5S+DPila/opdT+irx/jOHmy3Q/xoH7ru5BaFOoNDUM2T2Qla rnyWefPhWDJG7t9jfsPNnTYz42YbwUHLROnp/mUL+P0GfeYhGp5OGxRIAvn8AmRf cdjNXdqzxlbYpWVX/8ctCAnmDLDjQLWyLg/p5P3hfoJ4H6gC7/xI6P5HrHlbwLwN vNLs/o7Qk91nmZ+3tNF5EJKnAiktATok7UiUkv58RU0EsZBeiriUV5AoxX9JTFpi y7wdLiIiru0AijrITGHXoSdpZGkuFrsjsEEbeTUJmsM3exd53lN3yNHrF1zl2gCG Z58VcJEHUPfHrBJ03k3T9azxrIcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQhq8te qPzmf2Y7nFUMsg5w/UqN0DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQ1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qvcwDQYJKoZIhvcNAQELBQADggEBAHt6mSj8mFOKt0rczZKf9OvFAk+o1NV1ukhY R2tNAKTBJsJViKkNzOYiwg72XXp4Hy+5z7IuTE8DpkbTkXfwZpdf3LYUqjt5Q+ZU W+vVPxTU/eq7DbkEBGokdaGHotTjwDhJepdTap9fTfGmUuxUg6yX35SK6QI5puOD z8SVB7SbAWsawMh+Bn2IudhzoHKuLl4RP7qS6oBrChFZO3QzjAWRB446j9rmodG/ gIo4B+IDCiwhOHW3789nMgvLIkaVl3JRNOoN+DY6KdDuhM2h31ElCGT7Ua9ZgVqL c/xR+BkPzkMGaJjRlS4hkRj/3J32gg43LUDPYdngLJH39D9JJnc= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:02 2026 by rpki-client