$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145637.roa File: AS145637.roa (raw, json) Hash identifier: lP9TgEOYvjPAkgJCZ1j13P909iUUPFab5gATvgCwBls= Subject key identifier: 13:35:3F:40:E4:24:59:1D:0B:6C:5F:DB:3B:85:DC:D7:4A:25:BF:BB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7BC61B28C6699CAEDAF83FE6D6686D5B28106C2E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145637.roa Signing time: Wed 04 Mar 2026 06:30:31 +0000 ROA not before: Wed 04 Mar 2026 06:25:31 +0000 ROA not after: Wed 03 Mar 2027 06:30:31 +0000 asID: 145637 IP address blocks: 240a:abab::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:c6:1b:28:c6:69:9c:ae:da:f8:3f:e6:d6:68:6d:5b:28:10:6c:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:31 2026 GMT Not After : Mar 3 06:30:31 2027 GMT Subject: CN=13353F40E424591D0B6C5FDB3B85DCD74A25BFBB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:d1:d8:de:17:b4:ca:0a:47:3f:11:db:f2:a6: b1:b4:5c:82:11:33:9a:c7:64:a9:28:69:43:eb:3c: 41:cd:82:da:02:ce:81:b1:4e:5a:5a:e8:cb:fb:09: fb:d1:d8:71:e0:ad:32:d6:19:88:d5:19:d0:fa:29: 03:3f:b6:45:fd:34:04:31:51:91:8d:89:cd:ee:f9: 95:a8:26:65:72:e5:aa:db:04:55:46:1d:fb:38:a0: 75:9c:e8:cd:27:39:59:26:98:5c:09:b8:1a:19:21: 28:86:91:f1:89:68:53:bb:49:e4:43:99:c4:cf:b9: f2:1a:89:53:33:db:53:d9:2b:c8:81:39:f1:3b:b1: 4f:0b:17:7b:f3:13:ff:b2:85:90:0b:5f:2d:48:67: e4:8b:b0:2b:9f:95:cf:6a:b0:6b:6e:5c:f3:b6:bd: 29:95:e0:6f:02:63:6c:f3:5b:ba:3a:bb:2f:9a:5c: 6e:09:82:e3:ef:9c:35:42:91:eb:f9:34:e5:0d:7b: 69:5c:00:f9:5d:c4:b8:e9:7d:31:73:6b:aa:4e:ff: 16:fa:cb:3d:de:2b:f2:ea:10:7a:cc:2f:15:eb:fb: e8:4e:c4:d1:d4:1f:8c:14:95:01:c4:a0:ec:21:b3: a3:98:6c:03:8d:e5:63:47:05:d0:88:ea:6c:1c:94: 9d:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:35:3F:40:E4:24:59:1D:0B:6C:5F:DB:3B:85:DC:D7:4A:25:BF:BB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abab::/32 Signature Algorithm: sha256WithRSAEncryption 94:04:c5:b1:6f:28:fc:8e:b0:85:a9:87:29:bf:a6:a6:06:cf: 81:d0:cd:0f:da:5d:6b:01:d2:78:72:3f:18:85:12:f4:e5:d1: d0:6a:d5:12:bc:69:42:88:38:25:17:34:a9:bf:2e:ab:8c:9a: eb:4a:28:01:90:01:0e:26:31:e4:39:91:da:b3:00:f3:74:33: 96:4b:f6:f8:27:9d:20:df:07:4f:5c:18:de:7d:c8:47:bc:40: f1:6a:f0:f3:8c:ab:d5:b4:27:f9:e6:83:86:77:de:7b:2a:d2: a9:23:1b:db:71:f5:46:84:d0:bc:c9:5b:2b:e8:a9:c0:6d:03: 0f:8f:cc:0c:d3:10:6b:9f:b0:ea:b2:26:73:f4:7d:a5:55:a0: f1:4c:75:fc:f2:5c:94:0f:54:f7:f2:b5:5c:96:48:ec:04:8e: 1e:30:d5:3e:2f:b5:a1:20:7a:94:e0:24:73:8a:53:f3:28:c4: e4:6f:e2:c3:b9:78:fb:9e:5b:5b:3f:bd:df:cc:6f:12:89:00: 7b:52:5a:6a:53:fe:71:0a:6f:2b:12:82:ee:19:f7:37:e5:80: a0:d5:4c:9f:af:0c:7b:5d:4c:3f:cf:8c:4e:f6:66:b1:ac:43: b4:b0:da:56:d5:c4:50:47:ba:43:78:f3:4b:2d:62:6c:23:75: 27:7d:4a:81 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUe8YbKMZpnK7a+D/m1mhtWygQbC4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzMVoX DTI3MDMwMzA2MzAzMVowMzExMC8GA1UEAxMoMTMzNTNGNDBFNDI0NTkxRDBCNkM1 RkRCM0I4NURDRDc0QTI1QkZCQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANfR2N4XtMoKRz8R2/KmsbRcghEzmsdkqShpQ+s8Qc2C2gLOgbFOWlroy/sJ +9HYceCtMtYZiNUZ0PopAz+2Rf00BDFRkY2Jze75lagmZXLlqtsEVUYd+zigdZzo zSc5WSaYXAm4GhkhKIaR8YloU7tJ5EOZxM+58hqJUzPbU9kryIE58TuxTwsXe/MT /7KFkAtfLUhn5IuwK5+Vz2qwa25c87a9KZXgbwJjbPNbujq7L5pcbgmC4++cNUKR 6/k05Q17aVwA+V3EuOl9MXNrqk7/FvrLPd4r8uoQeswvFev76E7E0dQfjBSVAcSg 7CGzo5hsA43lY0cF0IjqbByUnWsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQTNT9A 5CRZHQtsX9s7hdzXSiW/uzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q6swDQYJKoZIhvcNAQELBQADggEBAJQExbFvKPyOsIWphym/pqYGz4HQzQ/aXWsB 0nhyPxiFEvTl0dBq1RK8aUKIOCUXNKm/LquMmutKKAGQAQ4mMeQ5kdqzAPN0M5ZL 9vgnnSDfB09cGN59yEe8QPFq8POMq9W0J/nmg4Z33nsq0qkjG9tx9UaE0LzJWyvo qcBtAw+PzAzTEGufsOqyJnP0faVVoPFMdfzyXJQPVPfytVyWSOwEjh4w1T4vtaEg epTgJHOKU/MoxORv4sO5ePueW1s/vd/MbxKJAHtSWmpT/nEKbysSgu4Z9zflgKDV TJ+vDHtdTD/PjE72ZrGsQ7Sw2lbVxFBHukN480stYmwjdSd9SoE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:21 2026 by rpki-client