$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145609.roa File: AS145609.roa (raw, json) Hash identifier: GUsQ5I2fU/3X7pVL2iP/X6tlrJTYCYig3UvkvpvTjtw= Subject key identifier: 97:11:BA:FD:C4:D2:22:19:3E:EE:2E:AA:2E:3F:4D:BA:DE:8E:A6:8A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 183BDFA8F2D0FE6E15C6A074589AD779F31B483E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145609.roa Signing time: Wed 04 Mar 2026 06:29:56 +0000 ROA not before: Wed 04 Mar 2026 06:24:56 +0000 ROA not after: Wed 03 Mar 2027 06:29:56 +0000 asID: 145609 IP address blocks: 240a:ab8f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:3b:df:a8:f2:d0:fe:6e:15:c6:a0:74:58:9a:d7:79:f3:1b:48:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:56 2026 GMT Not After : Mar 3 06:29:56 2027 GMT Subject: CN=9711BAFDC4D222193EEE2EAA2E3F4DBADE8EA68A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:94:1e:5e:e9:0f:41:53:44:d8:23:90:b8:a2: 42:78:6f:e6:44:fd:f5:6f:59:5b:9b:31:35:ac:0f: d2:78:0e:5a:0b:67:78:20:c1:15:49:1e:6c:b5:71: 88:08:f9:18:b9:61:84:f3:6e:ac:41:14:90:49:36: 3a:6b:5b:5f:46:d7:26:77:52:3f:09:95:19:97:6d: 3a:cb:eb:ed:bf:eb:8a:19:36:1c:c7:c1:80:f8:63: d9:1b:67:f2:40:d2:c5:dc:10:70:a4:a6:d2:98:86: c4:53:b9:93:f8:93:e9:83:19:80:2b:fb:e9:17:c4: 37:d0:40:8f:67:6d:85:a5:8c:65:f7:ec:a4:4f:55: 47:3f:46:03:ef:34:bf:52:39:21:11:ea:b7:60:f5: a8:b9:09:80:57:a5:5c:15:bd:0b:0c:f0:38:5c:29: d1:32:82:09:e0:b0:09:76:40:d8:73:37:3c:b3:a0: 57:d9:05:ab:db:a0:a0:ec:f9:c8:54:0f:8b:06:a4: 34:1f:f2:9b:bb:61:54:07:b5:c0:b7:7f:c5:8f:13: 54:c6:d1:c1:88:22:08:03:dd:34:3f:c2:7b:0c:bc: 8d:6c:3f:14:ce:92:33:e2:2e:b8:0f:8e:21:b8:ed: 2a:04:aa:3d:ae:32:bb:6e:07:c9:7d:e9:0f:2e:d1: c6:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:11:BA:FD:C4:D2:22:19:3E:EE:2E:AA:2E:3F:4D:BA:DE:8E:A6:8A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145609.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab8f::/32 Signature Algorithm: sha256WithRSAEncryption 1d:d2:41:92:e6:d2:09:f2:31:b5:48:7f:97:21:25:18:af:ab: de:1b:89:ce:20:ea:c4:76:02:8e:f6:6d:0d:fd:47:a5:c8:3e: c8:a5:03:65:b7:8b:c0:e2:f1:3f:57:d4:65:42:8a:e7:b1:16: 9b:95:8c:6f:95:a2:8c:eb:35:a6:57:45:00:a0:89:51:6e:17: 64:2d:72:11:e1:62:b9:bf:70:ad:1d:81:2a:33:50:1d:f1:f6: 8b:b0:d9:68:08:0e:7c:a4:61:8f:38:9c:2f:dc:cf:9d:57:42: 92:5d:65:9d:31:42:81:1d:f7:14:55:c1:97:56:f3:56:08:2f: 7a:14:21:1b:bb:34:05:fe:1b:8a:97:ab:a4:b3:c9:b2:26:02: 7b:1b:28:30:ee:19:d4:c3:72:42:bc:e3:c5:b2:d3:31:e0:76: cc:e1:5d:f8:c7:b7:ab:ca:68:ff:86:c8:01:4e:a5:76:58:bf: 93:31:8c:df:51:a8:4c:2f:14:fc:ee:66:8a:a9:c3:b8:4d:c3: 3d:67:e9:4d:07:07:4b:0b:c5:bd:fb:20:5c:4e:5c:12:70:e7: 77:82:6a:f3:05:24:9f:31:66:54:66:4f:eb:9b:76:88:68:93: 88:b3:3e:59:92:21:b4:74:a8:8d:09:45:b0:3d:a6:aa:03:a6: c0:a2:5a:45 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGDvfqPLQ/m4VxqB0WJrXefMbSD4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1NloX DTI3MDMwMzA2Mjk1NlowMzExMC8GA1UEAxMoOTcxMUJBRkRDNEQyMjIxOTNFRUUy RUFBMkUzRjREQkFERThFQTY4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJeUHl7pD0FTRNgjkLiiQnhv5kT99W9ZW5sxNawP0ngOWgtneCDBFUkebLVx iAj5GLlhhPNurEEUkEk2OmtbX0bXJndSPwmVGZdtOsvr7b/rihk2HMfBgPhj2Rtn 8kDSxdwQcKSm0piGxFO5k/iT6YMZgCv76RfEN9BAj2dthaWMZffspE9VRz9GA+80 v1I5IRHqt2D1qLkJgFelXBW9CwzwOFwp0TKCCeCwCXZA2HM3PLOgV9kFq9ugoOz5 yFQPiwakNB/ym7thVAe1wLd/xY8TVMbRwYgiCAPdND/Cewy8jWw/FM6SM+IuuA+O IbjtKgSqPa4yu24HyX3pDy7RxusCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSXEbr9 xNIiGT7uLqouP0263o6mijAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q48wDQYJKoZIhvcNAQELBQADggEBAB3SQZLm0gnyMbVIf5chJRivq94bic4g6sR2 Ao72bQ39R6XIPsilA2W3i8Di8T9X1GVCiuexFpuVjG+VoozrNaZXRQCgiVFuF2Qt chHhYrm/cK0dgSozUB3x9ouw2WgIDnykYY84nC/cz51XQpJdZZ0xQoEd9xRVwZdW 81YIL3oUIRu7NAX+G4qXq6SzybImAnsbKDDuGdTDckK848Wy0zHgdszhXfjHt6vK aP+GyAFOpXZYv5MxjN9RqEwvFPzuZoqpw7hNwz1n6U0HB0sLxb37IFxOXBJw53eC avMFJJ8xZlRmT+ubdohok4izPlmSIbR0qI0JRbA9pqoDpsCiWkU= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:05 2026 by rpki-client