$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145525.roa File: AS145525.roa (raw, json) Hash identifier: UQ0y8DldAwyr103BDiCw1ZBE888p3M4FZwz3u8LNX50= Subject key identifier: 7D:A7:4E:E4:CB:18:68:A9:9D:8A:A4:33:B2:57:CE:08:68:14:58:E1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 18021044581A3565F5AD00629E082DA7CA3A689B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145525.roa Signing time: Wed 04 Mar 2026 06:29:57 +0000 ROA not before: Wed 04 Mar 2026 06:24:57 +0000 ROA not after: Wed 03 Mar 2027 06:29:57 +0000 asID: 145525 IP address blocks: 240a:ab3b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:02:10:44:58:1a:35:65:f5:ad:00:62:9e:08:2d:a7:ca:3a:68:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:57 2026 GMT Not After : Mar 3 06:29:57 2027 GMT Subject: CN=7DA74EE4CB1868A99D8AA433B257CE08681458E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:14:0e:2a:56:4d:41:e7:b0:28:71:f5:19:30: bd:52:21:0f:88:e1:fe:98:3c:61:71:ed:20:bb:ba: 43:c6:94:49:3f:dd:4e:3e:e9:8c:4d:e8:68:86:60: 4f:94:62:dc:50:f3:a3:af:75:a5:a7:48:ea:0b:e9: 5b:20:7e:4e:b5:11:c1:88:ff:b8:ca:26:25:2e:02: 39:03:3f:a8:aa:a8:fe:17:ba:a9:7f:7f:1c:99:05: 77:3c:a8:e8:f0:d7:f9:30:9d:ab:2b:ca:40:ee:d3: 9c:be:03:1f:74:2f:89:5e:d8:ce:0b:d3:f2:0d:86: fe:16:0f:48:b8:88:e7:4c:3b:f6:33:05:d4:e5:2f: 6f:10:3c:1e:53:a4:3d:5e:c0:4f:f4:c5:02:be:8d: cc:b0:b9:4c:55:d1:60:dd:99:b1:4d:d6:ad:17:58: c9:19:59:9b:d2:22:33:c2:91:ed:9d:03:9b:26:8b: 41:d6:90:c6:b4:c3:1f:7f:42:5b:e9:ed:c3:5c:68: 10:31:fd:47:3f:26:82:f1:e6:a7:50:20:0f:66:3f: 82:4b:e7:a4:ca:c8:57:fc:3b:d3:1d:db:2f:a6:a2: 2b:c5:c0:97:42:f7:b4:2f:d8:95:77:50:1d:4a:b0: 8c:bf:59:5d:da:ad:9e:06:17:d0:2b:03:96:2d:f0: be:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:A7:4E:E4:CB:18:68:A9:9D:8A:A4:33:B2:57:CE:08:68:14:58:E1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145525.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab3b::/32 Signature Algorithm: sha256WithRSAEncryption 28:de:11:79:4d:95:c3:e5:b4:c9:ea:95:d8:5c:29:d1:f7:28: 9c:48:ba:8e:d9:88:5f:f0:66:b9:4f:b5:53:a0:40:f6:67:75: 16:64:6b:40:69:ab:2d:86:39:21:ca:6f:95:3a:e7:a8:39:c3: 9a:74:1a:d4:39:b7:71:33:d8:6a:c9:ba:59:7f:ce:cd:6c:51: 08:e2:99:27:12:98:03:70:29:f9:b8:a4:bc:2d:09:71:5e:fe: a5:ec:b0:45:f3:90:10:7a:42:3c:1f:ef:f6:62:ea:1b:c4:7e: 8c:cd:1c:67:ff:19:2e:a1:66:d7:e1:5c:fb:e7:5e:c9:29:00: de:33:62:51:28:9a:cb:29:ef:45:ab:a0:9c:ec:a9:d9:6b:99: 84:b4:b0:f1:98:f6:e6:7c:db:ce:1c:93:dd:fc:c3:86:4e:30: 98:f9:ce:21:81:31:65:fa:28:f1:4c:29:6b:d6:e5:b0:20:6b: c1:76:3c:c2:59:98:21:58:ce:43:09:35:6b:b9:4d:41:ae:5f: 23:a2:76:d8:e6:bc:ef:47:bb:d8:cc:6e:a8:2b:1b:23:2f:a4: af:68:1c:6e:9b:50:59:63:d5:87:2d:3c:7b:e7:c3:d6:23:97: 72:d8:b1:d3:e3:bd:8d:af:97:3c:12:32:bf:3a:2a:e1:a6:8d: 07:07:a0:1d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGAIQRFgaNWX1rQBinggtp8o6aJswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1N1oX DTI3MDMwMzA2Mjk1N1owMzExMC8GA1UEAxMoN0RBNzRFRTRDQjE4NjhBOTlEOEFB NDMzQjI1N0NFMDg2ODE0NThFMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIoUDipWTUHnsChx9RkwvVIhD4jh/pg8YXHtILu6Q8aUST/dTj7pjE3oaIZg T5Ri3FDzo691padI6gvpWyB+TrURwYj/uMomJS4COQM/qKqo/he6qX9/HJkFdzyo 6PDX+TCdqyvKQO7TnL4DH3QviV7YzgvT8g2G/hYPSLiI50w79jMF1OUvbxA8HlOk PV7AT/TFAr6NzLC5TFXRYN2ZsU3WrRdYyRlZm9IiM8KR7Z0DmyaLQdaQxrTDH39C W+ntw1xoEDH9Rz8mgvHmp1AgD2Y/gkvnpMrIV/w70x3bL6aiK8XAl0L3tC/YlXdQ HUqwjL9ZXdqtngYX0CsDli3wvlECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR9p07k yxhoqZ2KpDOyV84IaBRY4TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTUyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qzswDQYJKoZIhvcNAQELBQADggEBACjeEXlNlcPltMnqldhcKdH3KJxIuo7ZiF/w ZrlPtVOgQPZndRZka0Bpqy2GOSHKb5U656g5w5p0GtQ5t3Ez2GrJull/zs1sUQji mScSmANwKfm4pLwtCXFe/qXssEXzkBB6Qjwf7/Zi6hvEfozNHGf/GS6hZtfhXPvn XskpAN4zYlEomssp70WroJzsqdlrmYS0sPGY9uZ8284ck938w4ZOMJj5ziGBMWX6 KPFMKWvW5bAga8F2PMJZmCFYzkMJNWu5TUGuXyOidtjmvO9Hu9jMbqgrGyMvpK9o HG6bUFlj1YctPHvnw9Yjl3LYsdPjvY2vlzwSMr86KuGmjQcHoB0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:49 2026 by rpki-client