$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145767.roa File: AS145767.roa (raw, json) Hash identifier: oShwu7SK2wvJRdwiL5UIzJPKeleTflGqMn+LOvrnCXk= Subject key identifier: 4A:60:63:95:E5:2E:62:4C:1A:1C:FE:49:C7:E2:DB:A3:5B:2C:33:AF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C16F75405ABD49BAA580220A23AAA1328CF597F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145767.roa Signing time: Wed 04 Mar 2026 06:30:39 +0000 ROA not before: Wed 04 Mar 2026 06:25:39 +0000 ROA not after: Wed 03 Mar 2027 06:30:39 +0000 asID: 145767 IP address blocks: 240a:ac2d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:16:f7:54:05:ab:d4:9b:aa:58:02:20:a2:3a:aa:13:28:cf:59:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:39 2026 GMT Not After : Mar 3 06:30:39 2027 GMT Subject: CN=4A606395E52E624C1A1CFE49C7E2DBA35B2C33AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:4f:40:a3:cf:ef:b9:7c:47:3e:33:83:7a:f4: 29:d1:98:06:68:ee:46:88:46:25:2e:e6:22:18:d9: 6e:3b:24:13:b5:18:d2:83:32:2b:90:86:c7:f0:15: da:dc:a5:8d:12:4a:4a:8d:a5:60:f0:c4:3c:6c:70: 14:82:84:60:4f:6d:9a:4e:bf:ab:f3:9c:f2:4a:9d: 38:96:91:cf:d1:04:b8:84:36:6a:87:3c:ab:67:78: 07:66:6b:ba:74:20:b7:7f:41:84:9c:4e:13:3a:27: 0d:4d:ec:83:2c:7c:13:f4:50:60:7e:93:e6:51:4a: 7c:bb:fa:db:6a:f3:64:cf:1a:dd:30:c0:ab:f7:66: 75:ce:13:a0:a5:b0:55:0b:f5:b2:85:72:41:8e:a7: 85:69:e3:98:55:8a:51:b3:c3:a2:1d:fc:d0:c4:f2: 95:18:30:6a:35:12:8f:46:c9:16:61:da:3b:42:4b: 04:93:f8:98:a5:c8:bc:6b:e7:59:62:0e:f5:81:fc: 99:5f:02:8d:d4:a7:59:1c:b9:74:4f:60:d2:cc:53: 92:a5:88:30:d2:57:3e:d0:fa:30:f4:95:ce:75:2c: 74:da:e0:5c:78:38:d9:de:cc:76:87:6c:8d:e1:e6: 4a:a8:8e:9b:da:b0:51:e3:d5:80:17:96:db:d4:cb: 18:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:60:63:95:E5:2E:62:4C:1A:1C:FE:49:C7:E2:DB:A3:5B:2C:33:AF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145767.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac2d::/32 Signature Algorithm: sha256WithRSAEncryption 63:8f:00:2c:42:88:8d:94:1e:fa:29:ba:9c:79:c1:7b:85:0e: f4:07:b9:6e:ce:f0:4a:5b:a2:8c:73:b5:be:20:d4:69:6f:0b: 7b:9d:1b:f6:0c:6d:b5:6a:7f:fc:c5:a7:66:8e:ae:4e:93:86: 06:5a:ca:f5:d7:64:0e:fd:35:0a:1d:1b:f7:0b:30:f5:e0:7e: 73:ba:01:e9:7e:e0:2d:89:d0:e1:f4:f2:72:33:a9:52:9b:f7: 3f:18:c0:ff:1e:3b:ee:d6:f3:62:a9:a8:b7:96:dd:57:ab:4c: 11:14:55:de:a3:05:2e:11:43:5f:3e:ad:d6:64:14:35:99:63: 5e:f9:4b:d8:4c:c9:30:cc:a9:4d:6f:77:af:c0:91:4e:09:f0: 31:e6:0f:d3:25:dd:28:26:16:a6:91:7e:40:4a:e7:ea:2b:55: cc:51:08:fc:63:cc:d5:17:f8:1f:06:97:cb:de:85:93:4b:eb: 59:68:fa:a3:d7:8e:f5:77:cb:d5:2d:db:12:88:93:5e:77:82: 18:72:06:19:0f:d8:a1:78:88:27:36:4f:28:57:50:40:06:e9: 0f:e4:2a:cc:3a:79:51:3c:d3:5b:d9:df:ca:94:4e:f0:bf:2f: d8:2b:7d:93:1d:7c:4a:c9:b0:11:bb:c7:00:48:fc:0b:06:28: 33:05:50:4f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfBb3VAWr1JuqWAIgojqqEyjPWX8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzOVoX DTI3MDMwMzA2MzAzOVowMzExMC8GA1UEAxMoNEE2MDYzOTVFNTJFNjI0QzFBMUNG RTQ5QzdFMkRCQTM1QjJDMzNBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtPQKPP77l8Rz4zg3r0KdGYBmjuRohGJS7mIhjZbjskE7UY0oMyK5CGx/AV 2tyljRJKSo2lYPDEPGxwFIKEYE9tmk6/q/Oc8kqdOJaRz9EEuIQ2aoc8q2d4B2Zr unQgt39BhJxOEzonDU3sgyx8E/RQYH6T5lFKfLv622rzZM8a3TDAq/dmdc4ToKWw VQv1soVyQY6nhWnjmFWKUbPDoh380MTylRgwajUSj0bJFmHaO0JLBJP4mKXIvGvn WWIO9YH8mV8CjdSnWRy5dE9g0sxTkqWIMNJXPtD6MPSVznUsdNrgXHg42d7Mdods jeHmSqiOm9qwUePVgBeW29TLGMMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRKYGOV 5S5iTBoc/knH4tujWywzrzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rC0wDQYJKoZIhvcNAQELBQADggEBAGOPACxCiI2UHvopupx5wXuFDvQHuW7O8Epb ooxztb4g1GlvC3udG/YMbbVqf/zFp2aOrk6ThgZayvXXZA79NQodG/cLMPXgfnO6 Ael+4C2J0OH08nIzqVKb9z8YwP8eO+7W82KpqLeW3VerTBEUVd6jBS4RQ18+rdZk FDWZY175S9hMyTDMqU1vd6/AkU4J8DHmD9Ml3SgmFqaRfkBK5+orVcxRCPxjzNUX +B8Gl8vehZNL61lo+qPXjvV3y9Ut2xKIk153ghhyBhkP2KF4iCc2TyhXUEAG6Q/k Ksw6eVE801vZ38qUTvC/L9grfZMdfErJsBG7xwBI/AsGKDMFUE8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:49 2026 by rpki-client