$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145570.roa File: AS145570.roa (raw, json) Hash identifier: lMNrIvnABkm4LAhchNJP23yHniby+EJpeQN0iLTPnl0= Subject key identifier: 54:D3:8E:81:A8:78:25:76:A7:E8:74:A9:A8:6E:BD:B6:3D:32:FF:C0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1C0F92635E743ED91496B9EDE6F46117102F8D0A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145570.roa Signing time: Wed 04 Mar 2026 06:29:47 +0000 ROA not before: Wed 04 Mar 2026 06:24:47 +0000 ROA not after: Wed 03 Mar 2027 06:29:47 +0000 asID: 145570 IP address blocks: 240a:ab68::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:0f:92:63:5e:74:3e:d9:14:96:b9:ed:e6:f4:61:17:10:2f:8d:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:47 2026 GMT Not After : Mar 3 06:29:47 2027 GMT Subject: CN=54D38E81A8782576A7E874A9A86EBDB63D32FFC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:df:34:3a:f8:67:a5:d8:85:4a:53:cb:43:50: 53:ee:52:1e:47:2f:f8:88:6e:cb:83:22:1e:86:56: 90:0e:8a:c2:6f:d2:35:b1:12:4e:37:6c:0c:8b:e3: 6c:65:c0:cd:12:f7:40:91:5d:9d:fb:5a:d5:4e:e6: e1:52:ca:a2:c8:e7:56:4f:14:85:fa:36:35:cf:80: 92:2d:1e:fe:bc:b5:c4:39:aa:18:6a:7b:60:19:44: f2:38:b7:d4:68:95:d8:fa:fb:d8:c7:dd:44:33:35: 65:3c:96:a9:6c:68:62:9c:f3:3d:db:bc:20:43:78: e9:45:b9:b1:4e:31:30:5b:c4:ee:58:a3:54:9f:96: c9:63:81:fe:66:78:9d:13:24:99:cb:99:b2:6a:2a: 6e:29:f2:d7:92:0b:d5:3d:95:ec:84:a3:a0:4f:d0: 7e:a9:12:28:91:67:a0:ad:74:d6:78:bb:0a:e5:ad: db:e4:f9:33:0f:3e:ee:f2:ff:af:3f:4e:bc:19:8d: 33:fa:f5:99:5e:df:5b:2b:82:d6:9a:7e:79:3c:bc: 3f:a0:6a:b2:57:c6:a8:f2:a9:26:94:1a:a0:d4:37: e7:fe:6c:99:af:1e:50:8b:d5:fe:b3:72:22:1d:ea: 82:57:d4:7c:a0:05:73:ad:57:80:4f:eb:21:4a:ad: 6b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:D3:8E:81:A8:78:25:76:A7:E8:74:A9:A8:6E:BD:B6:3D:32:FF:C0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145570.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab68::/32 Signature Algorithm: sha256WithRSAEncryption 6d:95:56:86:0d:33:a0:bf:5a:8d:8c:ff:5a:a6:e6:60:f9:ee: 93:50:df:67:33:0f:c4:ab:49:4f:93:55:6d:ef:8e:6c:50:df: 5a:15:d6:df:05:60:22:d3:79:24:99:19:e1:9d:fa:04:7e:47: 4c:f5:dc:d3:a4:4b:2d:d0:ff:22:07:a7:08:f2:13:24:e8:61: 71:85:f7:72:2d:be:02:b3:0e:77:52:6c:5a:76:4f:29:5c:56: 2d:be:99:de:1a:e5:4a:c0:2c:a5:03:1c:99:c7:c2:b2:37:71: cd:94:c2:bd:93:5f:f7:51:b8:6d:d9:61:dc:30:09:cf:c5:a5: ca:f0:1f:78:87:d5:bf:53:f6:c9:2e:29:fc:05:4f:33:79:08: e2:28:7b:43:b8:b1:ca:9f:04:02:dc:51:e4:15:fb:37:64:1c: 23:9e:6f:d8:f3:70:6b:4a:bd:67:32:b0:3e:25:ab:9c:a4:5b: 29:31:10:31:60:a4:b6:e4:e7:47:17:ce:56:5d:e6:38:fa:38: d2:53:7e:8e:8f:d6:23:dd:91:bd:4c:8c:b7:73:59:64:d5:fe: b9:65:b2:e5:4f:40:7b:f0:28:b1:b7:0c:a0:d9:cc:46:2a:64: 68:cb:d1:1a:18:7a:68:a7:d7:44:e2:15:fe:c9:10:e8:55:94: 6a:00:fe:b2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHA+SY150PtkUlrnt5vRhFxAvjQowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0N1oX DTI3MDMwMzA2Mjk0N1owMzExMC8GA1UEAxMoNTREMzhFODFBODc4MjU3NkE3RTg3 NEE5QTg2RUJEQjYzRDMyRkZDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIrfNDr4Z6XYhUpTy0NQU+5SHkcv+Ihuy4MiHoZWkA6Kwm/SNbESTjdsDIvj bGXAzRL3QJFdnfta1U7m4VLKosjnVk8Uhfo2Nc+Aki0e/ry1xDmqGGp7YBlE8ji3 1GiV2Pr72MfdRDM1ZTyWqWxoYpzzPdu8IEN46UW5sU4xMFvE7lijVJ+WyWOB/mZ4 nRMkmcuZsmoqbiny15IL1T2V7ISjoE/QfqkSKJFnoK101ni7CuWt2+T5Mw8+7vL/ rz9OvBmNM/r1mV7fWyuC1pp+eTy8P6BqslfGqPKpJpQaoNQ35/5sma8eUIvV/rNy Ih3qglfUfKAFc61XgE/rIUqta4cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRU046B qHgldqfodKmobr22PTL/wDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q2gwDQYJKoZIhvcNAQELBQADggEBAG2VVoYNM6C/Wo2M/1qm5mD57pNQ32czD8Sr SU+TVW3vjmxQ31oV1t8FYCLTeSSZGeGd+gR+R0z13NOkSy3Q/yIHpwjyEyToYXGF 93ItvgKzDndSbFp2TylcVi2+md4a5UrALKUDHJnHwrI3cc2Uwr2TX/dRuG3ZYdww Cc/FpcrwH3iH1b9T9skuKfwFTzN5COIoe0O4scqfBALcUeQV+zdkHCOeb9jzcGtK vWcysD4lq5ykWykxEDFgpLbk50cXzlZd5jj6ONJTfo6P1iPdkb1MjLdzWWTV/rll suVPQHvwKLG3DKDZzEYqZGjL0RoYemin10TiFf7JEOhVlGoA/rI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:36 2026 by rpki-client