$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145665.roa File: AS145665.roa (raw, json) Hash identifier: 5asdo7Kvyd7txz+JNzUIs+N8vo+XvwJEfgwr5hLmMH8= Subject key identifier: 99:0F:49:DF:94:B7:AE:D6:A6:A2:E7:00:9E:3C:E3:AF:BE:EC:E7:2E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 558AF2557AC28DEF60887E5E149FFE76D6548314 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145665.roa Signing time: Wed 04 Mar 2026 06:30:12 +0000 ROA not before: Wed 04 Mar 2026 06:25:12 +0000 ROA not after: Wed 03 Mar 2027 06:30:12 +0000 asID: 145665 IP address blocks: 240a:abc7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:8a:f2:55:7a:c2:8d:ef:60:88:7e:5e:14:9f:fe:76:d6:54:83:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:12 2026 GMT Not After : Mar 3 06:30:12 2027 GMT Subject: CN=990F49DF94B7AED6A6A2E7009E3CE3AFBEECE72E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1f:49:69:fd:1e:1e:13:ac:b8:62:c7:3a:96: 61:eb:d8:e4:f8:79:78:d5:03:15:a2:20:5e:c8:33: f4:47:ea:22:43:67:a6:60:4c:03:14:0c:3c:ee:ff: bc:f9:d8:b9:54:52:27:a6:db:64:8e:6d:98:8b:bb: 81:90:67:11:ed:49:d4:cf:73:d7:c4:61:d5:2a:8c: 53:2e:60:f9:6e:f3:30:2f:fd:20:dc:cf:05:c4:36: 76:f7:44:4b:a5:f6:3c:93:db:33:41:db:af:2a:74: a4:30:89:fb:b4:ee:60:2e:d8:6a:6a:cc:af:83:a9: 40:75:61:de:55:f0:03:4d:82:52:78:80:fe:a8:47: 54:c8:e0:4a:93:96:bc:ef:ae:18:e5:d0:60:0f:3b: 44:20:8d:40:0f:45:bf:ed:06:c7:d2:8b:81:60:5b: 5f:fc:67:dc:f6:8e:42:bb:a9:26:ca:7c:6d:ee:b5: d2:dd:42:80:49:39:45:bc:f9:87:2f:30:bb:70:99: 7f:4d:d2:d6:3d:ef:cd:a6:fb:8d:75:c1:eb:ca:da: 5c:5a:e7:ef:bc:7e:16:a6:e6:94:cb:3a:c9:68:2d: 3e:16:5b:75:8a:a4:70:af:70:8d:04:49:80:84:ec: bb:0b:fd:20:70:15:e1:c1:ae:3f:ed:0a:0a:7e:21: ae:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:0F:49:DF:94:B7:AE:D6:A6:A2:E7:00:9E:3C:E3:AF:BE:EC:E7:2E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145665.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abc7::/32 Signature Algorithm: sha256WithRSAEncryption 30:c3:48:f1:cc:1c:c9:96:f4:c5:f1:7b:83:c0:75:ea:b3:25: 3b:e9:82:ef:55:bc:91:cf:6a:42:63:0c:e3:ba:ae:30:be:21: 85:98:e3:15:8e:b8:17:b0:fe:a0:e8:58:1f:66:36:27:57:9a: fe:82:78:ce:d0:6b:63:c7:39:50:de:f7:b3:10:9e:52:f2:07: ab:96:0a:38:64:86:b3:64:6f:9c:f0:00:05:4c:ab:5f:b4:2c: 99:30:4e:40:dd:f2:86:29:7b:a1:b8:15:f7:80:55:08:b8:af: d7:58:b3:76:39:d6:2e:09:d1:88:5d:07:4b:40:d1:b3:40:1d: 1a:19:8c:db:3e:8d:5e:4e:7e:d5:ea:2e:b3:6c:e8:0f:ab:24: b0:82:c9:ae:f1:6f:fd:a3:05:6d:1e:d5:c9:b0:92:d8:47:86: b5:59:54:d9:06:df:07:40:d5:c0:3b:82:e0:9f:30:e7:92:58: b9:90:7b:4a:7b:49:9b:7a:32:96:96:b0:e3:79:5b:7e:7f:9b: f1:8c:b2:32:29:76:78:32:54:1a:38:16:66:f5:58:aa:76:5b: 11:d9:b1:ce:9d:c7:c2:97:05:fe:ab:cd:ec:86:bd:91:46:f1: 08:a6:01:5e:9b:5b:09:6a:54:e2:ce:ea:af:f3:fd:35:cc:b8: 11:56:4b:7d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVYryVXrCje9giH5eFJ/+dtZUgxQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxMloX DTI3MDMwMzA2MzAxMlowMzExMC8GA1UEAxMoOTkwRjQ5REY5NEI3QUVENkE2QTJF NzAwOUUzQ0UzQUZCRUVDRTcyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALEfSWn9Hh4TrLhixzqWYevY5Ph5eNUDFaIgXsgz9EfqIkNnpmBMAxQMPO7/ vPnYuVRSJ6bbZI5tmIu7gZBnEe1J1M9z18Rh1SqMUy5g+W7zMC/9INzPBcQ2dvdE S6X2PJPbM0Hbryp0pDCJ+7TuYC7YamrMr4OpQHVh3lXwA02CUniA/qhHVMjgSpOW vO+uGOXQYA87RCCNQA9Fv+0Gx9KLgWBbX/xn3PaOQrupJsp8be610t1CgEk5Rbz5 hy8wu3CZf03S1j3vzab7jXXB68raXFrn77x+FqbmlMs6yWgtPhZbdYqkcK9wjQRJ gITsuwv9IHAV4cGuP+0KCn4hrgUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSZD0nf lLeu1qai5wCePOOvvuznLjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY2NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q8cwDQYJKoZIhvcNAQELBQADggEBADDDSPHMHMmW9MXxe4PAdeqzJTvpgu9VvJHP akJjDOO6rjC+IYWY4xWOuBew/qDoWB9mNidXmv6CeM7Qa2PHOVDe97MQnlLyB6uW CjhkhrNkb5zwAAVMq1+0LJkwTkDd8oYpe6G4FfeAVQi4r9dYs3Y51i4J0YhdB0tA 0bNAHRoZjNs+jV5OftXqLrNs6A+rJLCCya7xb/2jBW0e1cmwkthHhrVZVNkG3wdA 1cA7guCfMOeSWLmQe0p7SZt6MpaWsON5W35/m/GMsjIpdngyVBo4Fmb1WKp2WxHZ sc6dx8KXBf6rzeyGvZFG8QimAV6bWwlqVOLO6q/z/TXMuBFWS30= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:28 2026 by rpki-client