$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145618.roa File: AS145618.roa (raw, json) Hash identifier: 4JOXgtvkH+eCX/bJM4q9DnhE9GQJyfZVr+TUUgMzSFU= Subject key identifier: 95:C1:E6:53:45:E5:4A:39:29:FE:34:E3:0E:AD:1F:A2:B1:9E:E0:A5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1D357A03A8E3ED5CADCBA3757FB12A62C03E492B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145618.roa Signing time: Wed 04 Mar 2026 06:30:40 +0000 ROA not before: Wed 04 Mar 2026 06:25:40 +0000 ROA not after: Wed 03 Mar 2027 06:30:40 +0000 asID: 145618 IP address blocks: 240a:ab98::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:35:7a:03:a8:e3:ed:5c:ad:cb:a3:75:7f:b1:2a:62:c0:3e:49:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:40 2026 GMT Not After : Mar 3 06:30:40 2027 GMT Subject: CN=95C1E65345E54A3929FE34E30EAD1FA2B19EE0A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1b:cb:58:85:a9:a1:8a:8b:30:c2:9d:c3:f7: 6c:d6:c2:db:e3:ba:6e:68:64:6a:0f:f0:5e:33:61: fd:ca:25:6c:1b:2b:c4:23:9a:c4:ab:e4:56:c3:0b: cb:6e:1d:00:57:cf:2e:05:c5:7c:48:64:55:71:2c: fc:ea:38:16:1f:b7:a1:43:a0:3b:5e:d3:70:f4:0d: 3a:4c:ec:2e:f4:54:13:f5:e8:26:e6:85:ec:bf:f2: 38:29:b9:3d:6f:4e:4c:ec:4e:95:e2:ee:81:da:69: 4c:d8:c1:66:32:17:43:89:55:6f:3d:0f:7b:cc:c1: c2:19:69:dd:0c:16:9f:de:87:6b:87:fe:fa:45:66: 0d:56:85:05:40:71:61:73:41:74:30:13:60:56:7c: 39:fb:9c:d7:9e:c6:cc:b8:12:11:9c:4b:b9:da:14: b3:b1:c2:e4:f6:23:51:9d:65:7a:b1:2a:4b:91:4f: be:8f:41:cf:84:4c:44:72:2f:ab:46:74:26:86:1e: 99:39:0c:94:ac:96:43:1f:5e:35:5b:00:8b:de:81: 5d:ad:c6:b7:49:64:95:7e:6e:ae:06:c5:65:a7:17: 94:09:9d:58:ea:9e:75:77:d7:0a:79:b6:da:62:28: b0:de:fe:7e:78:57:c4:8e:02:77:20:94:05:cc:ac: 3b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:C1:E6:53:45:E5:4A:39:29:FE:34:E3:0E:AD:1F:A2:B1:9E:E0:A5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145618.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab98::/32 Signature Algorithm: sha256WithRSAEncryption 19:db:1d:f4:ff:90:1b:53:94:c9:54:ab:20:a5:9d:6e:85:fa: 90:47:e0:01:98:13:d2:5d:ac:89:94:89:3e:62:de:1f:70:02: 99:86:53:b2:65:3b:a2:b4:88:f7:8e:c0:7e:7e:ee:60:bb:c8: 7b:59:d8:61:9d:f5:b8:f4:a7:2a:64:20:ba:cd:cb:cc:ce:7d: 6f:84:fb:39:83:be:a8:21:07:50:2a:0e:f3:31:de:53:98:66: 77:01:86:3c:86:d6:90:f6:37:b5:07:96:3a:0a:5d:0a:2c:b1: 71:b1:77:9e:6f:6e:71:c5:60:26:05:f0:48:52:28:35:6e:4c: 6b:c9:53:37:37:a6:c7:5c:bc:0f:04:4f:07:4a:ce:71:33:1f: 61:9e:28:d4:73:7f:32:b2:c0:e8:00:ac:6d:c5:48:2c:d4:3a: 5c:b2:9f:96:40:d6:fe:5b:13:21:36:a4:fc:73:25:5e:9a:ef: 80:0e:53:d2:75:10:e6:8d:c9:3f:79:bc:ca:71:dc:e2:ef:b3: b0:cb:61:94:e2:2b:5f:fd:41:05:26:3b:9f:06:57:42:d5:e3: 0c:45:97:75:6e:70:a8:54:a6:03:47:d9:e0:54:15:58:d4:ce: 6e:c3:a8:21:50:e4:ed:07:b4:5e:48:18:fc:96:61:22:cf:3b: 2c:d0:75:ab -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHTV6A6jj7Vyty6N1f7EqYsA+SSswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0MFoX DTI3MDMwMzA2MzA0MFowMzExMC8GA1UEAxMoOTVDMUU2NTM0NUU1NEEzOTI5RkUz NEUzMEVBRDFGQTJCMTlFRTBBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALsby1iFqaGKizDCncP3bNbC2+O6bmhkag/wXjNh/colbBsrxCOaxKvkVsML y24dAFfPLgXFfEhkVXEs/Oo4Fh+3oUOgO17TcPQNOkzsLvRUE/XoJuaF7L/yOCm5 PW9OTOxOleLugdppTNjBZjIXQ4lVbz0Pe8zBwhlp3QwWn96Ha4f++kVmDVaFBUBx YXNBdDATYFZ8Ofuc157GzLgSEZxLudoUs7HC5PYjUZ1lerEqS5FPvo9Bz4RMRHIv q0Z0JoYemTkMlKyWQx9eNVsAi96BXa3Gt0lklX5urgbFZacXlAmdWOqedXfXCnm2 2mIosN7+fnhXxI4CdyCUBcysO+MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSVweZT ReVKOSn+NOMOrR+isZ7gpTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q5gwDQYJKoZIhvcNAQELBQADggEBABnbHfT/kBtTlMlUqyClnW6F+pBH4AGYE9Jd rImUiT5i3h9wApmGU7JlO6K0iPeOwH5+7mC7yHtZ2GGd9bj0pypkILrNy8zOfW+E +zmDvqghB1AqDvMx3lOYZncBhjyG1pD2N7UHljoKXQossXGxd55vbnHFYCYF8EhS KDVuTGvJUzc3psdcvA8ETwdKznEzH2GeKNRzfzKywOgArG3FSCzUOlyyn5ZA1v5b EyE2pPxzJV6a74AOU9J1EOaNyT95vMpx3OLvs7DLYZTiK1/9QQUmO58GV0LV4wxF l3VucKhUpgNH2eBUFVjUzm7DqCFQ5O0HtF5IGPyWYSLPOyzQdas= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:13 2026 by rpki-client