$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145731.roa File: AS145731.roa (raw, json) Hash identifier: i6rH5yzzu4nCtYNdAHOk7zYgrnyjsyJ0InTp+pZ9VKI= Subject key identifier: 81:DA:22:37:2E:D3:9D:31:C8:49:C2:A1:5F:E3:A2:4E:E1:F1:E9:13 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5B9FD8ACD402B3C3DD63A12C3BDAE6FD6D0DBF01 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145731.roa Signing time: Wed 04 Mar 2026 06:30:38 +0000 ROA not before: Wed 04 Mar 2026 06:25:38 +0000 ROA not after: Wed 03 Mar 2027 06:30:38 +0000 asID: 145731 IP address blocks: 240a:ac09::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:9f:d8:ac:d4:02:b3:c3:dd:63:a1:2c:3b:da:e6:fd:6d:0d:bf:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:38 2026 GMT Not After : Mar 3 06:30:38 2027 GMT Subject: CN=81DA22372ED39D31C849C2A15FE3A24EE1F1E913 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8e:e3:78:92:02:34:8a:a1:63:71:88:ac:c3: 5c:32:bb:76:4b:06:9e:01:7b:f8:0c:13:90:13:8b: 00:00:95:93:af:a0:97:3b:9d:d1:c7:8d:a7:b8:66: c6:90:fe:9b:a8:10:c6:e1:74:5b:4e:1c:1f:68:ec: e8:03:85:1f:1c:a1:b6:69:cd:12:c2:23:40:34:b9: da:b2:79:e6:92:64:a9:98:48:d2:b1:58:79:64:06: 63:eb:af:d0:2d:39:af:87:11:22:e0:c7:b8:2f:dc: bf:63:7b:9f:45:12:58:ff:0a:ad:b2:0e:8b:81:2c: b5:aa:d0:a3:45:82:05:d9:4d:60:5c:11:8b:4a:63: 77:8d:71:66:80:f3:a3:66:db:44:04:71:dc:a0:94: ed:5a:c7:7c:c9:b3:b0:27:06:88:6c:6a:16:d2:0f: c4:a0:4c:19:58:56:d5:7a:e5:89:ce:19:ba:3d:e0: 47:33:d3:f9:b4:6e:3b:32:24:9c:53:3c:2c:f7:00: 42:a3:ac:4a:c1:83:9f:7d:29:82:26:bc:71:36:b5: ec:67:ce:2c:c9:b9:8a:76:46:a1:d0:40:6e:d4:87: 71:70:39:7f:24:d7:e5:62:eb:bb:45:1d:c3:d4:be: 01:1a:e9:10:4c:bb:82:6f:b9:b7:3a:1a:ae:a9:63: 83:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:DA:22:37:2E:D3:9D:31:C8:49:C2:A1:5F:E3:A2:4E:E1:F1:E9:13 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac09::/32 Signature Algorithm: sha256WithRSAEncryption 6e:5e:cb:10:ff:0e:b0:b6:12:c9:08:9d:a0:24:62:93:09:9a: 31:7e:57:1e:1f:a9:5a:90:40:4d:a7:c6:50:c9:ae:44:3c:12: 18:18:31:8a:29:98:fe:c5:08:1e:ea:0c:08:4a:a2:9d:b2:8b: ae:fa:c1:7e:99:c0:60:42:87:03:86:2a:23:66:b7:0b:c3:3a: f1:15:82:ee:bd:96:ef:3b:4b:d2:f5:b5:8a:57:f1:d9:76:43: c3:14:d5:48:f8:ac:9d:2e:d1:2a:a4:ec:96:b1:0c:be:df:12: f8:af:1e:f8:7a:52:ab:7b:58:ea:fc:23:87:e1:48:b5:4a:14: f1:cc:fc:07:3b:2c:fb:63:b4:23:82:9a:b1:6e:35:99:3a:f4: 11:85:17:c2:1e:2c:92:2d:bf:99:ed:53:15:ec:af:5a:ae:a2: 79:7f:d3:65:36:a1:bc:03:36:da:5e:89:7c:01:c2:68:79:6c: 23:db:c4:69:46:d2:34:9f:7a:bb:07:42:7a:61:1a:10:6d:c1: 5d:18:d6:3d:b0:76:92:ef:71:10:41:9c:4c:4d:14:4b:eb:dc: dd:e0:ca:c2:a0:a3:46:5c:55:12:80:54:ec:76:4c:15:66:f8: 90:71:99:68:81:f5:36:70:1b:d5:a3:ca:3d:18:86:a2:9c:6c: 17:0a:5b:d3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUW5/YrNQCs8PdY6EsO9rm/W0NvwEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzOFoX DTI3MDMwMzA2MzAzOFowMzExMC8GA1UEAxMoODFEQTIyMzcyRUQzOUQzMUM4NDlD MkExNUZFM0EyNEVFMUYxRTkxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMSO43iSAjSKoWNxiKzDXDK7dksGngF7+AwTkBOLAACVk6+glzud0ceNp7hm xpD+m6gQxuF0W04cH2js6AOFHxyhtmnNEsIjQDS52rJ55pJkqZhI0rFYeWQGY+uv 0C05r4cRIuDHuC/cv2N7n0USWP8KrbIOi4EstarQo0WCBdlNYFwRi0pjd41xZoDz o2bbRARx3KCU7VrHfMmzsCcGiGxqFtIPxKBMGVhW1Xrlic4Zuj3gRzPT+bRuOzIk nFM8LPcAQqOsSsGDn30pgia8cTa17GfOLMm5inZGodBAbtSHcXA5fyTX5WLru0Ud w9S+ARrpEEy7gm+5tzoarqljg70CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSB2iI3 LtOdMchJwqFf46JO4fHpEzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTczMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rAkwDQYJKoZIhvcNAQELBQADggEBAG5eyxD/DrC2EskInaAkYpMJmjF+Vx4fqVqQ QE2nxlDJrkQ8EhgYMYopmP7FCB7qDAhKop2yi676wX6ZwGBChwOGKiNmtwvDOvEV gu69lu87S9L1tYpX8dl2Q8MU1Uj4rJ0u0Sqk7JaxDL7fEvivHvh6Uqt7WOr8I4fh SLVKFPHM/Ac7LPtjtCOCmrFuNZk69BGFF8IeLJItv5ntUxXsr1quonl/02U2obwD NtpeiXwBwmh5bCPbxGlG0jSfersHQnphGhBtwV0Y1j2wdpLvcRBBnExNFEvr3N3g ysKgo0ZcVRKAVOx2TBVm+JBxmWiB9TZwG9Wjyj0YhqKcbBcKW9M= -----END CERTIFICATE-----Generated at Sat Mar 28 13:06:12 2026 by rpki-client