$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145790.roa File: AS145790.roa (raw, json) Hash identifier: LgYl3NWu4DXEmemRuciu9+tUkgOjuyQXaU+iYEHUNZY= Subject key identifier: CB:E1:0A:37:7B:A5:CD:11:21:A7:F1:D4:6C:2C:25:4A:E2:F6:66:E2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 69B49A1F6091D1833EA1239C50D319E7B7E3C50D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145790.roa Signing time: Wed 04 Mar 2026 06:29:49 +0000 ROA not before: Wed 04 Mar 2026 06:24:49 +0000 ROA not after: Wed 03 Mar 2027 06:29:49 +0000 asID: 145790 IP address blocks: 240a:ac44::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:b4:9a:1f:60:91:d1:83:3e:a1:23:9c:50:d3:19:e7:b7:e3:c5:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:49 2026 GMT Not After : Mar 3 06:29:49 2027 GMT Subject: CN=CBE10A377BA5CD1121A7F1D46C2C254AE2F666E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:15:e7:62:5d:13:49:8d:b2:90:79:4e:da:cb: 76:0a:eb:15:fd:ab:54:95:1c:c9:d9:0f:9f:cc:f8: e3:6e:2d:04:a0:36:5a:01:7b:69:9d:87:ff:15:a4: 94:90:b7:fe:da:85:fc:e5:28:52:a6:34:ed:2a:54: 7e:89:16:43:e2:6a:e0:f8:77:67:84:ab:38:f0:f3: 06:80:c8:2b:66:ef:cf:ae:f1:21:25:a6:7d:5d:da: d4:6b:75:9b:96:ab:f4:a4:39:eb:3d:97:c4:d0:f4: 70:b0:29:45:18:c6:64:19:89:c1:3e:7a:e4:24:b0: f0:1b:35:89:11:e5:2f:26:0e:63:5a:d1:88:cf:61: 84:ed:ca:46:79:22:49:65:42:ae:fe:83:a8:3e:f6: 4b:29:2f:d9:1a:67:76:aa:d4:36:ab:4b:d9:27:0c: 8f:97:07:bf:c3:cd:f8:43:07:dc:1f:37:bd:d2:5d: a9:c5:ba:78:8f:fd:e3:4f:cb:a6:9a:b7:de:85:c2: 63:56:75:a7:76:52:45:aa:3b:14:d7:f7:b5:7b:51: 2d:c3:2a:b8:9b:cb:94:27:cf:05:1e:b3:62:bd:20: ff:23:c5:7e:76:c1:bc:bf:34:db:2c:a7:91:5e:67: 44:c8:5e:b8:5d:4e:4c:2b:4b:50:8a:a3:ec:6b:1f: 2f:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:E1:0A:37:7B:A5:CD:11:21:A7:F1:D4:6C:2C:25:4A:E2:F6:66:E2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145790.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac44::/32 Signature Algorithm: sha256WithRSAEncryption 21:d8:92:0a:df:89:0c:50:dd:fc:d7:e5:c0:b3:b5:36:f3:60: 32:94:0f:05:62:ac:38:36:fc:b7:54:aa:2c:5b:37:44:88:42: 0b:e5:f2:62:15:1b:6f:52:f5:ef:a4:9e:7b:76:0d:c3:b6:2f: 6e:11:6b:af:14:26:07:8e:56:f0:81:3a:09:65:8e:63:e3:c1: 60:fb:67:8e:6f:79:b0:52:66:c7:43:fc:f6:9a:21:15:b6:b0: e9:dc:93:75:b5:e6:05:fe:f9:a9:d9:48:6c:22:7d:bf:f0:bc: 2f:bc:c9:26:45:60:b8:31:a1:f6:de:1b:83:6c:12:28:51:2d: ea:81:05:64:2a:01:e0:8a:b2:52:89:2e:80:7e:a1:0c:07:3f: bc:b4:d4:15:4f:bd:4c:ea:14:a8:8d:c2:ba:a5:b9:68:9b:75: 7a:6b:73:93:41:09:1e:d4:84:7c:06:e3:4f:08:5d:30:68:32: 40:8e:38:ba:3c:0a:a8:6b:02:7a:b0:6b:a2:07:2b:9f:43:80: 3e:17:6c:18:6a:fa:df:ee:c9:d0:cd:8c:9a:7b:cc:f8:03:0e: c4:85:5f:bc:a9:c2:df:a3:75:e1:97:94:68:81:fe:76:7e:25: 49:06:ff:16:55:92:cd:20:c5:18:9c:41:42:7f:16:5b:83:cf: 29:0e:49:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUabSaH2CR0YM+oSOcUNMZ57fjxQ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0OVoX DTI3MDMwMzA2Mjk0OVowMzExMC8GA1UEAxMoQ0JFMTBBMzc3QkE1Q0QxMTIxQTdG MUQ0NkMyQzI1NEFFMkY2NjZFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQV52JdE0mNspB5TtrLdgrrFf2rVJUcydkPn8z4424tBKA2WgF7aZ2H/xWk lJC3/tqF/OUoUqY07SpUfokWQ+Jq4Ph3Z4SrOPDzBoDIK2bvz67xISWmfV3a1Gt1 m5ar9KQ56z2XxND0cLApRRjGZBmJwT565CSw8Bs1iRHlLyYOY1rRiM9hhO3KRnki SWVCrv6DqD72Sykv2RpndqrUNqtL2ScMj5cHv8PN+EMH3B83vdJdqcW6eI/940/L ppq33oXCY1Z1p3ZSRao7FNf3tXtRLcMquJvLlCfPBR6zYr0g/yPFfnbBvL802yyn kV5nRMheuF1OTCtLUIqj7GsfL3kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTL4Qo3 e6XNESGn8dRsLCVK4vZm4jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc5MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rEQwDQYJKoZIhvcNAQELBQADggEBACHYkgrfiQxQ3fzX5cCztTbzYDKUDwVirDg2 /LdUqixbN0SIQgvl8mIVG29S9e+knnt2DcO2L24Ra68UJgeOVvCBOglljmPjwWD7 Z45vebBSZsdD/PaaIRW2sOnck3W15gX++anZSGwifb/wvC+8ySZFYLgxofbeG4Ns EihRLeqBBWQqAeCKslKJLoB+oQwHP7y01BVPvUzqFKiNwrqluWibdXprc5NBCR7U hHwG408IXTBoMkCOOLo8CqhrAnqwa6IHK59DgD4XbBhq+t/uydDNjJp7zPgDDsSF X7ypwt+jdeGXlGiB/nZ+JUkG/xZVks0gxRicQUJ/FluDzykOSTI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:48 2026 by rpki-client