$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145543.roa File: AS145543.roa (raw, json) Hash identifier: 9i3OlRXox1f+G+HVMMu6NqgUKM3YjoApTojMX6EWjAI= Subject key identifier: 4D:8D:63:D3:85:31:1B:54:44:B6:4A:00:74:9F:97:68:04:D3:28:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 11EF3B7DBE0BC89E1613E1CA409B2BD3834D5D2C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145543.roa Signing time: Wed 04 Mar 2026 06:30:25 +0000 ROA not before: Wed 04 Mar 2026 06:25:25 +0000 ROA not after: Wed 03 Mar 2027 06:30:25 +0000 asID: 145543 IP address blocks: 240a:ab4d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:ef:3b:7d:be:0b:c8:9e:16:13:e1:ca:40:9b:2b:d3:83:4d:5d:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:25 2026 GMT Not After : Mar 3 06:30:25 2027 GMT Subject: CN=4D8D63D385311B5444B64A00749F976804D328E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c5:30:3d:22:93:bb:b3:fd:fc:35:7a:d7:c8: a9:b5:f5:b3:3c:81:75:a8:53:47:df:ce:fd:54:29: a5:4d:06:eb:67:3f:80:49:31:35:2a:fa:f3:4e:7d: 46:bf:2f:fb:4a:ab:04:97:ca:1f:16:2b:36:6c:9d: 2a:1e:7b:c3:85:a9:7e:d3:64:4c:6b:02:82:66:7a: 0e:a3:c9:8f:80:1b:a0:ac:08:5a:70:02:9e:dd:63: 1b:84:2f:26:d6:1b:fa:88:b2:63:c2:7d:34:2d:86: ba:a7:ab:12:9a:6b:05:78:03:96:d8:75:93:98:7f: 9a:18:86:04:50:0f:e1:fe:6b:0f:6e:83:9f:aa:ed: 89:f7:1a:b3:cb:ac:a2:9a:5c:c3:16:fd:4f:32:09: 3c:12:b4:9f:e4:d2:b8:a3:d6:de:a6:2c:32:24:6c: 5f:8a:d8:3a:c6:23:dd:35:cb:2a:da:bc:87:b9:f9: bd:53:47:41:c4:7d:ea:e1:4f:8f:8c:44:4e:c5:7b: 00:c8:c0:23:b2:56:a1:6f:5e:36:11:d4:64:78:ec: 16:de:2f:00:e2:ca:03:f1:77:96:38:17:46:6a:da: ef:2f:d2:6a:d6:de:1b:76:f8:44:a6:d1:4d:f4:c5: de:52:60:b4:ee:98:ea:41:d1:e9:66:8c:ae:be:cf: c8:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:8D:63:D3:85:31:1B:54:44:B6:4A:00:74:9F:97:68:04:D3:28:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145543.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab4d::/32 Signature Algorithm: sha256WithRSAEncryption c3:c9:4d:28:ea:9a:6a:84:e8:2d:4c:9d:78:6a:4b:5e:8d:05: 6c:1e:76:8b:26:62:b4:45:43:fc:c0:12:2d:62:26:32:73:f6: d8:30:c7:01:9e:45:fb:b3:73:2c:ef:c6:4e:81:30:48:0f:32: ab:77:82:34:bf:08:37:d0:c4:be:a0:74:8c:52:75:a4:e6:3d: 38:37:61:6f:bd:f9:92:ea:5d:94:28:08:3a:03:32:1d:e0:8d: 69:b2:2f:27:d5:74:ba:2e:4b:fc:e3:7f:a9:16:46:a9:27:47: ae:85:f1:b4:a3:d7:3a:7a:b7:a3:75:f4:ac:36:6b:0a:7d:7f: c1:14:62:9b:2e:9f:27:dc:82:b9:f3:bd:e2:88:c0:6e:77:d4: ad:ce:99:00:f3:d4:e0:e3:78:db:c0:e6:19:e6:37:c0:53:ab: 56:4d:0d:51:c5:16:8a:a5:fc:77:89:45:3d:91:37:36:6d:76: 54:d3:76:ec:f9:0c:49:8b:a5:65:be:06:3e:9b:20:72:9f:c6: 52:06:a7:28:9f:ea:c0:56:30:36:40:28:d4:53:1b:ef:e7:1e: 0e:f2:61:19:1d:74:38:ff:e3:8d:0f:57:69:0d:cb:fa:86:76: 4e:84:12:1a:72:23:2c:32:76:58:f8:78:cd:eb:8c:14:60:e6: fa:b6:c3:e9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEe87fb4LyJ4WE+HKQJsr04NNXSwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyNVoX DTI3MDMwMzA2MzAyNVowMzExMC8GA1UEAxMoNEQ4RDYzRDM4NTMxMUI1NDQ0QjY0 QTAwNzQ5Rjk3NjgwNEQzMjhFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfFMD0ik7uz/fw1etfIqbX1szyBdahTR9/O/VQppU0G62c/gEkxNSr68059 Rr8v+0qrBJfKHxYrNmydKh57w4WpftNkTGsCgmZ6DqPJj4AboKwIWnACnt1jG4Qv JtYb+oiyY8J9NC2GuqerEpprBXgDlth1k5h/mhiGBFAP4f5rD26Dn6rtifcas8us oppcwxb9TzIJPBK0n+TSuKPW3qYsMiRsX4rYOsYj3TXLKtq8h7n5vVNHQcR96uFP j4xETsV7AMjAI7JWoW9eNhHUZHjsFt4vAOLKA/F3ljgXRmra7y/SatbeG3b4RKbR TfTF3lJgtO6Y6kHR6WaMrr7PyI0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRNjWPT hTEbVES2SgB0n5doBNMo4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q00wDQYJKoZIhvcNAQELBQADggEBAMPJTSjqmmqE6C1MnXhqS16NBWwedosmYrRF Q/zAEi1iJjJz9tgwxwGeRfuzcyzvxk6BMEgPMqt3gjS/CDfQxL6gdIxSdaTmPTg3 YW+9+ZLqXZQoCDoDMh3gjWmyLyfVdLouS/zjf6kWRqknR66F8bSj1zp6t6N19Kw2 awp9f8EUYpsunyfcgrnzveKIwG531K3OmQDz1ODjeNvA5hnmN8BTq1ZNDVHFFoql /HeJRT2RNzZtdlTTduz5DEmLpWW+Bj6bIHKfxlIGpyif6sBWMDZAKNRTG+/nHg7y YRkddDj/440PV2kNy/qGdk6EEhpyIywydlj4eM3rjBRg5vq2w+k= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:40 2026 by rpki-client