$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145622.roa File: AS145622.roa (raw, json) Hash identifier: 1aYpCNwhNBEuOaBtGInjkl/5F7pk7lNkJXVJqOnRPtg= Subject key identifier: 35:40:CC:F6:B7:D7:DF:80:FD:4D:C1:E1:B2:7E:44:0F:0E:C8:EA:A3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 42FF26E0B95D2DAB129BCCF2EBCC4F7584D7210F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145622.roa Signing time: Wed 04 Mar 2026 06:30:29 +0000 ROA not before: Wed 04 Mar 2026 06:25:29 +0000 ROA not after: Wed 03 Mar 2027 06:30:29 +0000 asID: 145622 IP address blocks: 240a:ab9c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:ff:26:e0:b9:5d:2d:ab:12:9b:cc:f2:eb:cc:4f:75:84:d7:21:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:29 2026 GMT Not After : Mar 3 06:30:29 2027 GMT Subject: CN=3540CCF6B7D7DF80FD4DC1E1B27E440F0EC8EAA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:43:33:7a:03:9c:85:e1:1d:4c:fa:e3:b4:f9: 46:5f:f5:40:d4:90:e0:04:45:f7:85:ff:fc:87:12: 7f:00:1b:2d:1d:93:26:f5:7c:b6:94:64:47:b2:ff: a1:18:e9:58:04:85:d1:28:73:25:1a:f2:0c:1f:51: 5a:81:70:79:34:ff:dd:f2:ae:dc:26:ec:3b:89:c3: 4a:e2:c3:8e:ca:5c:6c:77:56:e6:28:3c:45:43:03: 3f:35:c7:d2:1c:be:fa:5d:e8:85:a3:0c:9b:64:3c: 20:47:23:32:a3:93:15:75:a6:46:97:12:9b:68:b7: 68:60:cd:72:33:26:cd:fc:28:c1:1e:df:c2:ea:a2: 72:ea:85:a9:9e:27:bb:e3:ce:02:72:3c:36:5e:96: 51:a9:5d:2d:8c:a8:f2:b0:28:19:9d:8b:8f:5b:16: 83:fb:43:b8:f9:01:d4:1b:5f:d7:3e:b2:04:29:0d: f4:56:71:50:02:08:47:b0:3f:68:a5:70:58:fd:f5: cf:01:14:15:37:27:99:47:ad:bc:cf:14:fe:2e:0c: ad:83:6f:a6:03:7c:af:fb:db:fc:bf:04:97:c7:0d: a8:a6:46:f4:88:99:06:11:7f:06:27:2d:44:f9:bd: fc:1c:92:73:30:f7:60:98:ab:5d:4a:0f:4d:85:60: 76:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:40:CC:F6:B7:D7:DF:80:FD:4D:C1:E1:B2:7E:44:0F:0E:C8:EA:A3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145622.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab9c::/32 Signature Algorithm: sha256WithRSAEncryption c6:23:c4:bc:71:e5:69:9b:a1:b2:c5:98:bb:b7:84:69:4e:1a: 6e:07:e6:ba:4c:23:23:ea:5b:7d:db:26:23:0a:ec:40:50:cf: 1f:e2:1d:ab:cc:75:66:79:ea:5b:72:b9:d9:f5:d3:c2:58:51: 15:cb:88:65:58:c5:70:5a:72:90:db:af:e8:5d:5d:db:53:a0: 06:4c:51:77:50:61:b9:15:0a:a6:20:bf:11:85:35:7b:6c:8a: 97:f0:c1:e5:88:a3:0e:45:95:62:0e:91:b8:e8:b1:95:08:2f: dc:bc:be:85:2d:ab:7e:89:ce:8c:86:eb:ac:be:49:a5:c7:79: a9:a6:c0:6b:74:91:8e:c0:89:62:a2:6c:ce:42:43:60:93:a8: c5:39:9b:71:5d:a3:ae:51:33:55:33:95:ff:7f:cc:3e:3e:f9: f3:e8:0b:41:b4:4b:62:01:c4:a8:ae:74:0d:0a:eb:e0:ba:77: 52:1f:f5:23:7d:49:b0:5d:e7:30:1c:a7:a2:37:a5:90:aa:ea: 04:bb:d5:b8:6c:6a:36:d3:9a:65:5a:36:ab:26:a7:dd:5f:21: 74:4f:35:d1:c4:bb:a8:6d:03:eb:ad:16:15:71:d6:f7:83:d9: 28:0a:ca:49:7b:2a:b5:c9:6e:22:62:1d:4e:70:1b:82:12:8a: c3:22:2f:42 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQv8m4LldLasSm8zy68xPdYTXIQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyOVoX DTI3MDMwMzA2MzAyOVowMzExMC8GA1UEAxMoMzU0MENDRjZCN0Q3REY4MEZENERD MUUxQjI3RTQ0MEYwRUM4RUFBMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxDM3oDnIXhHUz647T5Rl/1QNSQ4ARF94X//IcSfwAbLR2TJvV8tpRkR7L/ oRjpWASF0ShzJRryDB9RWoFweTT/3fKu3CbsO4nDSuLDjspcbHdW5ig8RUMDPzXH 0hy++l3ohaMMm2Q8IEcjMqOTFXWmRpcSm2i3aGDNcjMmzfwowR7fwuqicuqFqZ4n u+POAnI8Nl6WUaldLYyo8rAoGZ2Lj1sWg/tDuPkB1Btf1z6yBCkN9FZxUAIIR7A/ aKVwWP31zwEUFTcnmUetvM8U/i4MrYNvpgN8r/vb/L8El8cNqKZG9IiZBhF/Bict RPm9/BySczD3YJirXUoPTYVgdi8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ1QMz2 t9ffgP1NweGyfkQPDsjqozAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q5wwDQYJKoZIhvcNAQELBQADggEBAMYjxLxx5WmbobLFmLu3hGlOGm4H5rpMIyPq W33bJiMK7EBQzx/iHavMdWZ56ltyudn108JYURXLiGVYxXBacpDbr+hdXdtToAZM UXdQYbkVCqYgvxGFNXtsipfwweWIow5FlWIOkbjosZUIL9y8voUtq36JzoyG66y+ SaXHeammwGt0kY7AiWKibM5CQ2CTqMU5m3Fdo65RM1Uzlf9/zD4++fPoC0G0S2IB xKiudA0K6+C6d1If9SN9SbBd5zAcp6I3pZCq6gS71bhsajbTmmVaNqsmp91fIXRP NdHEu6htA+utFhVx1veD2SgKykl7KrXJbiJiHU5wG4ISisMiL0I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:44 2026 by rpki-client