$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145775.roa File: AS145775.roa (raw, json) Hash identifier: 4rz6w1PgiPpes2HeX8lD9ErFB8tLnHHMDENlrw2Noqc= Subject key identifier: A0:17:61:C4:6A:DF:8C:03:17:1B:6E:C6:38:93:E0:C6:1D:6E:20:ED Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 72D1A6470A4E2184F38B1D3B9B499CADB04E215C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145775.roa Signing time: Wed 04 Mar 2026 06:30:29 +0000 ROA not before: Wed 04 Mar 2026 06:25:29 +0000 ROA not after: Wed 03 Mar 2027 06:30:29 +0000 asID: 145775 IP address blocks: 240a:ac35::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:d1:a6:47:0a:4e:21:84:f3:8b:1d:3b:9b:49:9c:ad:b0:4e:21:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:29 2026 GMT Not After : Mar 3 06:30:29 2027 GMT Subject: CN=A01761C46ADF8C03171B6EC63893E0C61D6E20ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:6c:45:0b:d4:31:47:53:8a:c1:fa:4a:47:a4: 16:91:e0:a6:6a:d8:dd:9f:bf:db:58:8d:e8:f1:a3: aa:0f:5d:0b:dd:99:ec:28:ea:8c:76:c2:e8:ad:78: 80:6c:f7:a9:69:40:13:f1:ac:e7:de:99:f4:ad:09: 17:c5:97:12:f1:01:66:71:e2:c6:fb:96:40:5c:86: ca:95:1f:dd:a6:df:bd:33:82:3c:83:3c:c8:fe:95: be:6e:bd:64:f7:65:6c:c5:58:ae:5c:75:21:76:a6: b5:3f:24:a1:06:79:59:50:4a:68:fa:84:90:65:04: ab:f5:d0:d1:a0:8f:7c:a0:b5:c6:98:de:b2:65:ed: 43:b3:e9:3e:61:89:0f:99:ef:b8:3a:87:00:7a:28: 15:41:25:c1:5a:2b:f0:72:f4:3c:01:f8:97:1f:ad: d7:6c:f4:e2:f5:37:7f:ba:66:53:8e:1c:1a:1f:32: 9c:81:b2:21:17:e9:a4:a4:dc:56:20:0c:0c:14:71: 07:82:57:6f:c4:72:a3:ab:86:5c:c4:69:d8:59:f1: 8e:4a:f4:6b:98:fe:b3:05:dd:a2:b1:75:26:41:e2: 9c:05:e9:bb:84:33:7c:ca:6d:97:74:bf:8e:b5:0e: c9:ba:77:75:10:e6:a3:60:7d:e8:70:c7:06:b4:5b: 5a:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:17:61:C4:6A:DF:8C:03:17:1B:6E:C6:38:93:E0:C6:1D:6E:20:ED X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145775.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac35::/32 Signature Algorithm: sha256WithRSAEncryption 1e:e3:87:fa:c5:fa:62:b9:a0:cb:e4:6a:02:3c:54:6a:27:1d: f9:fc:84:b9:a7:69:16:fd:54:62:81:5b:41:27:dd:29:fd:dc: 4b:53:8a:e5:79:cb:d4:2a:e8:67:61:7b:08:fc:5d:96:aa:74: a3:a3:2f:21:10:4e:bc:60:fa:47:7b:45:6b:03:6a:d8:db:b7: f2:2c:3a:92:9a:e7:90:92:bf:77:82:76:ef:e7:39:b6:02:fc: 0e:82:5e:ac:e3:08:60:bc:ed:a0:75:ce:54:6b:c1:5a:d4:31: ed:58:6c:c4:bf:b4:03:1d:e0:10:d9:a2:f1:8b:38:dd:8c:8a: ac:02:28:cc:03:55:0c:37:01:14:ce:dd:a1:42:86:07:41:4d: 07:ee:fc:ff:e0:46:91:39:e0:15:ff:3c:90:af:1d:9c:34:09: 88:09:ee:07:65:a4:eb:46:be:cc:66:9d:82:d8:51:02:06:d7: 76:f3:d1:d3:3e:31:6e:02:fe:44:f8:a3:5d:52:f5:23:2f:25: d5:f5:5e:00:85:81:b6:05:15:4b:21:21:c3:e4:cb:40:c2:70: fa:cf:5d:3d:bf:43:ce:bd:e5:e0:2d:ea:18:26:4b:75:5b:10: 8f:42:3e:38:46:43:d0:65:db:e6:67:7a:83:f6:e5:46:e5:44: 7c:b4:d2:a0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUctGmRwpOIYTzix07m0mcrbBOIVwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyOVoX DTI3MDMwMzA2MzAyOVowMzExMC8GA1UEAxMoQTAxNzYxQzQ2QURGOEMwMzE3MUI2 RUM2Mzg5M0UwQzYxRDZFMjBFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKxsRQvUMUdTisH6SkekFpHgpmrY3Z+/21iN6PGjqg9dC92Z7CjqjHbC6K14 gGz3qWlAE/Gs596Z9K0JF8WXEvEBZnHixvuWQFyGypUf3abfvTOCPIM8yP6Vvm69 ZPdlbMVYrlx1IXamtT8koQZ5WVBKaPqEkGUEq/XQ0aCPfKC1xpjesmXtQ7PpPmGJ D5nvuDqHAHooFUElwVor8HL0PAH4lx+t12z04vU3f7pmU44cGh8ynIGyIRfppKTc ViAMDBRxB4JXb8Ryo6uGXMRp2Fnxjkr0a5j+swXdorF1JkHinAXpu4QzfMptl3S/ jrUOybp3dRDmo2B96HDHBrRbWmcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSgF2HE at+MAxcbbsY4k+DGHW4g7TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rDUwDQYJKoZIhvcNAQELBQADggEBAB7jh/rF+mK5oMvkagI8VGonHfn8hLmnaRb9 VGKBW0En3Sn93EtTiuV5y9Qq6Gdhewj8XZaqdKOjLyEQTrxg+kd7RWsDatjbt/Is OpKa55CSv3eCdu/nObYC/A6CXqzjCGC87aB1zlRrwVrUMe1YbMS/tAMd4BDZovGL ON2MiqwCKMwDVQw3ARTO3aFChgdBTQfu/P/gRpE54BX/PJCvHZw0CYgJ7gdlpOtG vsxmnYLYUQIG13bz0dM+MW4C/kT4o11S9SMvJdX1XgCFgbYFFUshIcPky0DCcPrP XT2/Q8695eAt6hgmS3VbEI9CPjhGQ9Bl2+ZneoP25UblRHy00qA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:51 2026 by rpki-client