$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145736.roa File: AS145736.roa (raw, json) Hash identifier: 6kg5tEeo6ia+gsvgOJO0hNJ6mVxcjZZIxBHB9Oh0yUs= Subject key identifier: 19:13:DC:D5:3F:15:F9:DB:A3:2B:AC:0D:1C:04:E1:7F:35:76:C1:FA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 63A89EF6D87C275969CEB9E2844D6EFE70F8F8EF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145736.roa Signing time: Wed 04 Mar 2026 06:29:52 +0000 ROA not before: Wed 04 Mar 2026 06:24:52 +0000 ROA not after: Wed 03 Mar 2027 06:29:52 +0000 asID: 145736 IP address blocks: 240a:ac0e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:a8:9e:f6:d8:7c:27:59:69:ce:b9:e2:84:4d:6e:fe:70:f8:f8:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:52 2026 GMT Not After : Mar 3 06:29:52 2027 GMT Subject: CN=1913DCD53F15F9DBA32BAC0D1C04E17F3576C1FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:31:26:e1:f2:73:37:96:99:39:ee:45:d5:cf: 11:e3:a3:fb:25:7d:5c:9e:6c:44:f5:ac:1f:a4:22: 28:7d:11:7b:a9:18:f6:6f:48:84:2e:0f:d7:cf:d6: c0:cf:5d:64:32:85:7d:cd:8a:32:68:bd:32:d2:35: f9:b6:54:16:c5:dc:94:d0:a4:b9:c0:b8:4b:57:84: 38:e3:ec:92:9e:2c:e0:a9:e7:e0:7f:b4:43:a0:09: d1:a3:d8:ae:d4:1f:9e:89:dc:03:3a:27:71:e6:b3: 58:58:3b:03:ac:59:87:16:54:80:4f:d7:80:95:9f: b8:fa:37:e9:8c:19:41:e3:57:d2:92:66:46:df:02: 5e:b4:68:f4:21:e9:fd:a7:77:ba:e8:7c:4f:01:ef: b5:eb:e6:9e:03:e4:36:79:c9:29:97:94:8c:49:ec: a9:91:63:8d:6a:ec:22:f6:b3:73:3b:34:c4:ff:cb: be:17:aa:11:8f:ae:fd:d5:05:84:6b:a3:bd:fd:a3: dc:fc:13:03:b4:22:48:53:7f:88:b3:13:42:ea:e5: da:db:6a:bf:62:5f:3b:d3:81:f2:94:8b:03:6f:8e: 97:d0:b7:14:bf:d0:59:78:a7:11:af:2f:d0:1c:e1: c6:23:d7:1f:8a:1a:98:f8:da:c9:f7:47:53:17:42: 11:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:13:DC:D5:3F:15:F9:DB:A3:2B:AC:0D:1C:04:E1:7F:35:76:C1:FA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145736.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac0e::/32 Signature Algorithm: sha256WithRSAEncryption 1e:14:80:80:c6:32:96:64:2f:94:c9:0b:44:64:8b:71:73:fd: 4b:d5:4c:a2:5b:eb:8e:85:7e:34:ef:e3:b6:5b:02:9b:fb:7c: 3f:2b:90:9d:80:aa:32:49:fe:93:c7:0d:bd:49:1a:cd:65:b9: 71:13:aa:b1:10:1f:90:dd:4a:87:b9:66:4c:85:51:6d:9f:e4: 4d:57:8d:c6:a4:df:94:de:0b:7f:a0:da:43:0e:27:11:56:0b: 56:bc:ed:91:51:be:b3:11:fb:77:22:47:56:bf:26:62:34:36: fa:6e:7c:a7:58:4d:8d:48:20:d5:55:96:f3:58:8b:0c:bf:88: c4:23:f5:30:1c:eb:86:8d:11:28:0a:d9:f3:ac:7f:a5:cd:21: 28:b8:27:8b:e9:4b:b2:97:fb:17:01:2a:b1:09:a7:a4:01:e3: 35:37:3c:c6:c5:7b:c6:59:14:5d:00:5c:27:18:bf:ec:c5:50: ae:6d:90:f5:e1:b2:da:16:c7:62:a1:44:99:55:6d:30:d6:fa: e0:5b:cd:81:9f:e0:95:22:fd:da:86:53:dc:51:d4:99:7d:06: e7:98:ef:2f:f4:ff:80:4c:77:1b:c4:39:d5:a8:f6:e3:51:8c: 00:32:c2:b8:c1:56:46:0c:33:48:48:d0:d9:19:e4:2f:b4:0d: 31:94:ff:40 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUY6ie9th8J1lpzrnihE1u/nD4+O8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1MloX DTI3MDMwMzA2Mjk1MlowMzExMC8GA1UEAxMoMTkxM0RDRDUzRjE1RjlEQkEzMkJB QzBEMUMwNEUxN0YzNTc2QzFGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANoxJuHyczeWmTnuRdXPEeOj+yV9XJ5sRPWsH6QiKH0Re6kY9m9IhC4P18/W wM9dZDKFfc2KMmi9MtI1+bZUFsXclNCkucC4S1eEOOPskp4s4Knn4H+0Q6AJ0aPY rtQfnoncAzonceazWFg7A6xZhxZUgE/XgJWfuPo36YwZQeNX0pJmRt8CXrRo9CHp /ad3uuh8TwHvtevmngPkNnnJKZeUjEnsqZFjjWrsIvazczs0xP/LvheqEY+u/dUF hGujvf2j3PwTA7QiSFN/iLMTQurl2ttqv2JfO9OB8pSLA2+Ol9C3FL/QWXinEa8v 0BzhxiPXH4oamPjayfdHUxdCEX8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQZE9zV PxX526MrrA0cBOF/NXbB+jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTczNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rA4wDQYJKoZIhvcNAQELBQADggEBAB4UgIDGMpZkL5TJC0Rki3Fz/UvVTKJb646F fjTv47ZbApv7fD8rkJ2AqjJJ/pPHDb1JGs1luXETqrEQH5DdSoe5ZkyFUW2f5E1X jcak35TeC3+g2kMOJxFWC1a87ZFRvrMR+3ciR1a/JmI0NvpufKdYTY1IINVVlvNY iwy/iMQj9TAc64aNESgK2fOsf6XNISi4J4vpS7KX+xcBKrEJp6QB4zU3PMbFe8ZZ FF0AXCcYv+zFUK5tkPXhstoWx2KhRJlVbTDW+uBbzYGf4JUi/dqGU9xR1Jl9BueY 7y/0/4BMdxvEOdWo9uNRjAAywrjBVkYMM0hI0NkZ5C+0DTGU/0A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:11 2026 by rpki-client