$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145702.roa File: AS145702.roa (raw, json) Hash identifier: oybftP8hovwcA257sjAZmlqhNxCyrPj4BlnorCoWFZw= Subject key identifier: DA:C9:E0:4D:47:32:90:E6:2E:38:FB:2E:D9:A6:C0:18:43:9B:82:98 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4D8FFDD7B9137E343ACFF3D7F0C11A131A5D87DB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145702.roa Signing time: Wed 04 Mar 2026 06:29:40 +0000 ROA not before: Wed 04 Mar 2026 06:24:40 +0000 ROA not after: Wed 03 Mar 2027 06:29:40 +0000 asID: 145702 IP address blocks: 240a:abec::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:8f:fd:d7:b9:13:7e:34:3a:cf:f3:d7:f0:c1:1a:13:1a:5d:87:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:40 2026 GMT Not After : Mar 3 06:29:40 2027 GMT Subject: CN=DAC9E04D473290E62E38FB2ED9A6C018439B8298 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0d:10:73:24:bd:20:28:e3:ea:17:81:cd:bd: b0:b4:c1:65:91:44:49:9b:14:1f:c7:f6:2f:34:71: e5:97:4d:8e:21:cb:ed:f8:bd:8b:83:76:b2:9d:e0: 3f:91:e3:50:6f:ef:a6:44:cd:65:8b:19:b4:cc:21: c9:31:0e:b8:da:d5:3c:07:5e:03:8e:45:c4:d9:88: 70:3f:e5:cf:e7:79:07:f4:ca:fb:49:d6:e1:6b:2d: b8:6b:ef:f6:dc:81:ad:85:75:e3:a4:5b:34:8e:d6: 67:6d:3e:b5:c2:49:0a:92:29:d2:36:4a:a4:23:d4: 82:91:34:2f:63:69:88:2c:37:dd:1e:43:c2:80:c8: 11:50:94:66:45:b2:e9:b2:9c:18:9d:03:25:04:9b: 94:be:d0:c3:60:c5:a2:b9:51:70:d5:d9:70:b6:16: b3:2c:01:e8:d0:4f:ef:d1:a4:b6:c5:ae:e4:ba:56: 23:68:d5:b8:47:d4:b2:b4:e4:10:29:53:34:ec:4a: ec:89:7e:53:bf:b2:2f:2d:c5:81:73:da:5b:35:d9: fd:7f:2f:d0:a9:e0:ec:75:b6:b1:9b:a0:49:23:ee: c6:82:42:b4:4c:f4:6c:6c:b0:c8:61:fb:7d:47:22: 21:93:2f:72:e3:0a:f4:8b:bf:df:17:23:54:85:64: 61:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:C9:E0:4D:47:32:90:E6:2E:38:FB:2E:D9:A6:C0:18:43:9B:82:98 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145702.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abec::/32 Signature Algorithm: sha256WithRSAEncryption 1d:44:77:c4:ac:09:90:04:e6:3f:cd:32:4d:d0:76:0b:95:ce: f0:8c:33:a3:ae:56:7f:85:43:b0:dc:d0:ae:ba:3a:6b:1c:29: e2:39:b8:43:41:80:26:49:e6:31:55:77:a8:18:d7:c1:62:49: 83:50:18:f3:25:29:2f:d8:15:3b:de:60:37:9f:40:cd:50:6f: 36:3c:4d:70:bc:a9:5b:b5:f8:00:7c:73:d7:3d:b2:c6:09:be: a2:5a:d5:4e:be:da:fb:5f:b3:e8:c6:7c:4f:33:9d:c3:08:5f: 35:ee:cf:68:11:8c:8e:ff:a0:7f:ec:52:68:63:1d:63:85:92: b3:34:f6:41:2b:2b:87:45:cc:61:e6:83:1c:22:f1:7c:46:cc: 46:36:6e:fa:7a:12:46:b7:f4:5d:45:b2:c5:f0:b2:22:ee:1d: 95:ae:9c:a4:77:06:81:31:88:10:8b:bf:ce:88:38:f3:ac:be: 4c:f8:bb:67:a9:2d:c7:53:92:a9:11:3c:f5:54:42:c5:d6:c1: 43:10:d6:e4:b3:7f:64:f9:43:34:09:b8:88:3e:fd:79:50:15: 0c:a9:2e:20:20:af:ae:8a:a1:93:7f:07:77:f9:6c:b8:32:90: 9e:55:08:0d:ae:61:17:09:9e:69:e1:ab:82:ab:d4:42:34:55: 6b:4c:d8:d9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTY/917kTfjQ6z/PX8MEaExpdh9swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0MFoX DTI3MDMwMzA2Mjk0MFowMzExMC8GA1UEAxMoREFDOUUwNEQ0NzMyOTBFNjJFMzhG QjJFRDlBNkMwMTg0MzlCODI5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKoNEHMkvSAo4+oXgc29sLTBZZFESZsUH8f2LzRx5ZdNjiHL7fi9i4N2sp3g P5HjUG/vpkTNZYsZtMwhyTEOuNrVPAdeA45FxNmIcD/lz+d5B/TK+0nW4WstuGvv 9tyBrYV146RbNI7WZ20+tcJJCpIp0jZKpCPUgpE0L2NpiCw33R5DwoDIEVCUZkWy 6bKcGJ0DJQSblL7Qw2DForlRcNXZcLYWsywB6NBP79GktsWu5LpWI2jVuEfUsrTk EClTNOxK7Il+U7+yLy3FgXPaWzXZ/X8v0Kng7HW2sZugSSPuxoJCtEz0bGywyGH7 fUciIZMvcuMK9Iu/3xcjVIVkYfMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTayeBN RzKQ5i44+y7ZpsAYQ5uCmDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q+wwDQYJKoZIhvcNAQELBQADggEBAB1Ed8SsCZAE5j/NMk3QdguVzvCMM6OuVn+F Q7Dc0K66OmscKeI5uENBgCZJ5jFVd6gY18FiSYNQGPMlKS/YFTveYDefQM1QbzY8 TXC8qVu1+AB8c9c9ssYJvqJa1U6+2vtfs+jGfE8zncMIXzXuz2gRjI7/oH/sUmhj HWOFkrM09kErK4dFzGHmgxwi8XxGzEY2bvp6Eka39F1FssXwsiLuHZWunKR3BoEx iBCLv86IOPOsvkz4u2epLcdTkqkRPPVUQsXWwUMQ1uSzf2T5QzQJuIg+/XlQFQyp LiAgr66KoZN/B3f5bLgykJ5VCA2uYRcJnmnhq4Kr1EI0VWtM2Nk= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:15 2026 by rpki-client