$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145797.roa File: AS145797.roa (raw, json) Hash identifier: ikTblU6r73yWRTSVx2CodQSSxrP7niKlY3cdAHpCW08= Subject key identifier: BA:3F:F8:F2:A8:7C:25:51:6A:E9:FF:AE:3D:E4:48:B9:CD:80:43:B8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 35F033185674E78E57AF7F294C3A7E7D6E0F30E7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145797.roa Signing time: Wed 04 Mar 2026 06:30:22 +0000 ROA not before: Wed 04 Mar 2026 06:25:22 +0000 ROA not after: Wed 03 Mar 2027 06:30:22 +0000 asID: 145797 IP address blocks: 240a:ac4b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:f0:33:18:56:74:e7:8e:57:af:7f:29:4c:3a:7e:7d:6e:0f:30:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:22 2026 GMT Not After : Mar 3 06:30:22 2027 GMT Subject: CN=BA3FF8F2A87C25516AE9FFAE3DE448B9CD8043B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:d7:90:38:f2:8e:eb:a3:45:a5:ef:13:d1:c1: 98:26:0d:40:3c:ef:6b:9c:ac:d9:3f:bf:78:05:7f: 7e:34:c6:57:e7:2c:8f:43:92:1f:42:f3:89:3d:d2: 4a:d8:49:46:f5:9f:fb:bd:4c:a2:de:fa:62:39:52: 60:ef:d5:80:b5:f9:bc:8e:5a:65:e9:73:51:f3:98: 4a:09:3d:2f:0d:ff:ad:b5:84:6a:d4:68:01:2d:3d: f6:56:a2:6f:42:0a:61:ba:16:b7:8b:9a:21:2d:a8: cf:e7:48:a5:2e:74:1d:56:f8:e1:95:3e:68:e1:5a: 5c:eb:a5:6a:4c:7c:36:8a:79:0e:44:2a:18:f0:0b: 35:ac:6e:71:35:1e:b0:72:22:7e:fc:14:33:36:3b: d2:51:c3:67:e5:90:ca:c0:70:09:c4:c9:08:89:4d: 10:67:51:bf:37:68:2a:67:1e:6e:ee:d8:2e:df:4e: ac:d5:4b:09:f5:4a:db:3d:8b:1b:1a:68:c4:b4:d8: 61:15:9a:28:97:d6:b1:3a:b2:0e:37:1c:cd:0d:7f: 71:b1:8e:3b:30:9f:e9:5a:97:d8:d2:c6:c7:70:5b: e7:2e:f8:34:38:4e:43:7f:44:f7:1e:6f:ac:e8:3c: 88:db:1c:69:83:24:d9:6e:13:0c:60:25:d4:03:33: cc:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:3F:F8:F2:A8:7C:25:51:6A:E9:FF:AE:3D:E4:48:B9:CD:80:43:B8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145797.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac4b::/32 Signature Algorithm: sha256WithRSAEncryption 52:96:fe:f9:b1:14:18:e7:b5:e5:e4:fb:ff:b3:7e:39:3b:03: 16:ea:ff:e9:48:04:c1:d7:fc:d0:f4:0e:cd:d6:66:56:c3:20: 72:71:34:d8:7b:d4:16:34:46:20:0b:44:c7:74:9c:ae:14:82: 25:87:88:29:b5:ab:f1:6a:bd:96:93:0f:94:a4:87:d8:4a:5c: bc:80:82:08:a6:27:54:99:29:19:cc:d7:32:48:b2:e1:42:ed: 85:31:1a:7b:56:2e:c2:14:78:1b:55:5b:6b:0a:8b:ba:da:a0: 20:9a:eb:e5:a9:f5:fa:72:b3:7d:a5:7c:41:85:d9:4b:ec:36: 60:05:1e:fa:3e:5d:18:f6:68:ed:9a:88:11:bd:46:bf:61:44: ed:b5:65:1c:e1:36:1d:30:7b:4c:03:22:04:72:d2:34:85:3e: 5a:37:4e:66:cb:7a:8c:53:ff:1a:ec:32:d2:44:f4:17:68:4a: 25:f3:54:c4:c2:9a:0f:8e:2f:dd:30:fc:5f:6b:09:c7:04:69: 25:69:c7:73:03:c9:68:7d:fd:6a:b8:6b:69:da:6c:a2:35:7b: f6:a8:f1:4e:ca:a5:e3:fb:f4:f5:b1:05:23:9d:d8:48:2b:d2: 10:db:03:fe:aa:a4:3e:6a:f6:3d:e7:41:ae:d0:56:09:f8:25: c1:70:62:bf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNfAzGFZ0545Xr38pTDp+fW4PMOcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyMloX DTI3MDMwMzA2MzAyMlowMzExMC8GA1UEAxMoQkEzRkY4RjJBODdDMjU1MTZBRTlG RkFFM0RFNDQ4QjlDRDgwNDNCODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjXkDjyjuujRaXvE9HBmCYNQDzva5ys2T+/eAV/fjTGV+csj0OSH0LziT3S SthJRvWf+71Mot76YjlSYO/VgLX5vI5aZelzUfOYSgk9Lw3/rbWEatRoAS099lai b0IKYboWt4uaIS2oz+dIpS50HVb44ZU+aOFaXOulakx8Nop5DkQqGPALNaxucTUe sHIifvwUMzY70lHDZ+WQysBwCcTJCIlNEGdRvzdoKmcebu7YLt9OrNVLCfVK2z2L GxpoxLTYYRWaKJfWsTqyDjcczQ1/cbGOOzCf6VqX2NLGx3Bb5y74NDhOQ39E9x5v rOg8iNscaYMk2W4TDGAl1AMzzDMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS6P/jy qHwlUWrp/6495Ei5zYBDuDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rEswDQYJKoZIhvcNAQELBQADggEBAFKW/vmxFBjnteXk+/+zfjk7Axbq/+lIBMHX /ND0Ds3WZlbDIHJxNNh71BY0RiALRMd0nK4UgiWHiCm1q/FqvZaTD5Skh9hKXLyA ggimJ1SZKRnM1zJIsuFC7YUxGntWLsIUeBtVW2sKi7raoCCa6+Wp9fpys32lfEGF 2UvsNmAFHvo+XRj2aO2aiBG9Rr9hRO21ZRzhNh0we0wDIgRy0jSFPlo3TmbLeoxT /xrsMtJE9BdoSiXzVMTCmg+OL90w/F9rCccEaSVpx3MDyWh9/Wq4a2nabKI1e/ao 8U7KpeP79PWxBSOd2Egr0hDbA/6qpD5q9j3nQa7QVgn4JcFwYr8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:08 2026 by rpki-client