$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145724.roa File: AS145724.roa (raw, json) Hash identifier: Uz2SfGAUPdB3lPSqL7U+nK0sTwE404DKJjz6vfBo2rM= Subject key identifier: 09:73:E3:7C:B3:B0:F5:B0:25:AF:C1:A2:2C:6B:C7:35:85:71:13:DA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 148C7D3B2FC7DEE7F72ABB15E38702414CBEAE7B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145724.roa Signing time: Wed 04 Mar 2026 06:30:23 +0000 ROA not before: Wed 04 Mar 2026 06:25:23 +0000 ROA not after: Wed 03 Mar 2027 06:30:23 +0000 asID: 145724 IP address blocks: 240a:ac02::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:8c:7d:3b:2f:c7:de:e7:f7:2a:bb:15:e3:87:02:41:4c:be:ae:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:23 2026 GMT Not After : Mar 3 06:30:23 2027 GMT Subject: CN=0973E37CB3B0F5B025AFC1A22C6BC735857113DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:b1:57:5a:cb:d6:06:bf:a4:02:59:ee:42:d4: 02:cd:5e:a5:b1:c9:73:62:71:de:a0:02:f5:ec:0f: 91:1e:9c:bf:cc:5d:21:a6:3a:37:dc:98:a8:2e:1e: 6b:d2:34:d7:50:8d:2f:7e:9c:38:5a:77:93:1e:4c: 83:7e:3e:78:27:9f:6d:bf:3d:ed:6b:22:7a:1e:9e: b3:cf:7e:27:41:d6:7e:1c:87:0a:77:0c:7a:8a:9a: e6:a0:b4:be:8c:82:c9:33:b9:98:b5:81:12:e9:3b: c9:9a:ea:4e:05:ea:f8:cd:8f:ed:e6:11:8f:10:10: a0:24:4e:4a:3d:dc:0f:7e:97:99:33:64:ba:93:6a: c8:5b:01:84:a1:2e:ef:e6:7c:f7:dc:99:52:fd:ab: c1:6e:1d:77:a6:c5:c6:15:44:a6:80:93:6c:31:b5: 78:9c:66:4f:82:59:f3:44:a4:5d:c6:95:91:4a:96: 01:38:72:fe:09:44:04:52:5a:50:62:0a:92:b4:b5: a2:cd:4c:b0:9e:27:56:af:08:8b:15:2b:97:9e:1b: 51:ba:84:07:3b:38:67:47:93:27:3f:5e:22:d6:41: d1:dc:79:24:c1:4e:31:ce:15:db:c4:c3:fa:80:2b: ce:0c:3a:4f:e7:bf:d0:22:7e:b6:0d:82:ad:80:fc: 24:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:73:E3:7C:B3:B0:F5:B0:25:AF:C1:A2:2C:6B:C7:35:85:71:13:DA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145724.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac02::/32 Signature Algorithm: sha256WithRSAEncryption 3e:05:33:c2:d4:6a:1e:e2:ff:7f:9f:d2:54:ab:3b:00:60:44: 15:27:aa:f8:a1:41:d2:60:62:52:52:a0:69:6c:e2:d2:3f:a8: 28:4f:03:b4:da:48:83:0e:fb:bf:26:33:57:d9:6e:c0:2c:5e: 9a:b5:f8:c0:39:bb:aa:fc:90:45:51:a8:54:65:44:25:f2:b9: 37:7e:a4:0d:4f:db:f4:f3:dd:38:16:a8:bb:f8:50:ec:cb:ff: 16:a5:08:83:7a:70:c0:c3:17:11:10:82:4e:13:10:83:98:7a: 5d:b2:ef:aa:4a:5e:64:63:0a:8f:12:82:dc:9c:fa:18:bd:9b: 8a:54:1f:48:80:53:c1:a8:49:96:5b:61:b2:be:f1:9c:df:bc: 7d:40:ee:bb:3b:8d:b6:3e:c8:9a:cd:10:ec:89:16:0d:48:73: 0c:22:0a:5f:46:41:fe:a0:3e:91:01:4a:d9:0f:d7:35:8a:a1: 8a:5c:8c:2f:c7:55:8e:2f:93:33:47:00:cf:c2:5b:7c:19:bf: 15:f1:eb:d0:b4:79:15:40:b7:2f:1b:1c:cb:9f:c5:14:5a:d5: de:df:e3:c7:86:a9:a2:ef:3c:db:7a:57:00:ab:17:38:41:8a: 67:52:a5:76:7d:bd:64:04:78:ce:92:59:a5:b9:89:af:a5:6d: e9:b7:59:64 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFIx9Oy/H3uf3KrsV44cCQUy+rnswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyM1oX DTI3MDMwMzA2MzAyM1owMzExMC8GA1UEAxMoMDk3M0UzN0NCM0IwRjVCMDI1QUZD MUEyMkM2QkM3MzU4NTcxMTNEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANixV1rL1ga/pAJZ7kLUAs1epbHJc2Jx3qAC9ewPkR6cv8xdIaY6N9yYqC4e a9I011CNL36cOFp3kx5Mg34+eCefbb897Wsieh6es89+J0HWfhyHCncMeoqa5qC0 voyCyTO5mLWBEuk7yZrqTgXq+M2P7eYRjxAQoCROSj3cD36XmTNkupNqyFsBhKEu 7+Z899yZUv2rwW4dd6bFxhVEpoCTbDG1eJxmT4JZ80SkXcaVkUqWAThy/glEBFJa UGIKkrS1os1MsJ4nVq8IixUrl54bUbqEBzs4Z0eTJz9eItZB0dx5JMFOMc4V28TD +oArzgw6T+e/0CJ+tg2CrYD8JH0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQJc+N8 s7D1sCWvwaIsa8c1hXET2jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcyNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rAIwDQYJKoZIhvcNAQELBQADggEBAD4FM8LUah7i/3+f0lSrOwBgRBUnqvihQdJg YlJSoGls4tI/qChPA7TaSIMO+78mM1fZbsAsXpq1+MA5u6r8kEVRqFRlRCXyuTd+ pA1P2/Tz3TgWqLv4UOzL/xalCIN6cMDDFxEQgk4TEIOYel2y76pKXmRjCo8Sgtyc +hi9m4pUH0iAU8GoSZZbYbK+8ZzfvH1A7rs7jbY+yJrNEOyJFg1IcwwiCl9GQf6g PpEBStkP1zWKoYpcjC/HVY4vkzNHAM/CW3wZvxXx69C0eRVAty8bHMufxRRa1d7f 48eGqaLvPNt6VwCrFzhBimdSpXZ9vWQEeM6SWaW5ia+lbem3WWQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:47 2026 by rpki-client