$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145801.roa File: AS145801.roa (raw, json) Hash identifier: YZ4JpFEkxVb3QI3OW5A0VIlQl6dsflejOFsXhWkGG9Q= Subject key identifier: 9A:97:9A:2C:A7:D6:32:7B:FF:C5:5E:94:92:BD:F9:BA:6D:78:68:46 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4089E87BD32D2FF52CD8D12FCBAB1CED6BD66367 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145801.roa Signing time: Wed 04 Mar 2026 06:30:19 +0000 ROA not before: Wed 04 Mar 2026 06:25:19 +0000 ROA not after: Wed 03 Mar 2027 06:30:19 +0000 asID: 145801 IP address blocks: 240a:ac4f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:89:e8:7b:d3:2d:2f:f5:2c:d8:d1:2f:cb:ab:1c:ed:6b:d6:63:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:19 2026 GMT Not After : Mar 3 06:30:19 2027 GMT Subject: CN=9A979A2CA7D6327BFFC55E9492BDF9BA6D786846 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:db:36:e8:09:b5:12:53:2b:8f:fd:bb:c2:a7: df:dc:14:ec:e0:91:5e:88:a7:6a:36:5f:33:06:37: a3:5c:77:2c:23:21:03:6b:f9:be:f4:6f:03:af:0e: cd:f0:09:a9:39:c8:e7:53:90:4f:ad:30:63:76:88: 9c:38:5e:2e:1c:9d:ce:5d:c9:df:dd:fa:34:45:bb: 70:08:39:c0:2a:9f:9b:e2:18:59:d5:81:a9:d5:2f: 0a:cd:42:a9:19:fd:43:24:54:a0:49:26:85:38:14: 15:0a:5e:43:59:46:70:f0:52:21:fa:63:5a:77:a5: f7:3b:fd:97:3f:a7:29:df:f3:a9:24:e8:4c:d0:50: fe:eb:d8:b0:a4:c4:86:ee:88:a9:ba:8a:14:5a:11: 7d:0e:55:90:3d:09:8b:7a:be:0b:96:ee:5c:5d:18: d5:00:8d:4d:bc:9e:14:5d:a0:91:56:44:e9:5b:44: 5c:9f:63:37:86:56:12:a9:e9:09:3a:fd:5c:b7:45: 2e:3d:e6:f9:b3:06:fe:f5:ac:fb:4b:2c:e4:46:6c: f4:9a:2e:da:02:2c:6e:f7:b6:8e:9b:6d:dc:77:85: 76:27:fd:18:06:eb:7e:57:4b:8f:26:99:a5:cf:ef: b0:95:0e:3c:5c:67:5b:d8:3f:d1:cf:95:a4:d0:b7: f8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:97:9A:2C:A7:D6:32:7B:FF:C5:5E:94:92:BD:F9:BA:6D:78:68:46 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145801.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac4f::/32 Signature Algorithm: sha256WithRSAEncryption 31:e5:5a:9b:2a:c4:58:91:fa:76:7e:a5:b0:07:ab:cc:5d:2b: a2:1d:09:ad:b0:ec:c6:ff:92:c0:31:9b:29:0d:4d:f1:a8:1f: 10:a6:b4:7d:c5:fd:49:88:3f:04:d9:54:aa:0a:0e:bd:9a:5b: b8:f9:2d:f4:d0:33:db:3c:60:b8:58:ba:b1:d7:3f:e0:9e:04: 4c:9b:33:2a:fa:22:81:fd:34:67:72:3f:85:43:77:90:3e:af: 3b:23:e4:cf:87:8d:02:5d:95:5d:c3:f9:e3:5d:18:e9:95:76: bc:fe:c0:78:74:ce:7a:3b:59:94:da:4a:a1:08:b5:2f:d0:21: 59:9b:b5:c3:38:88:64:27:a0:58:7e:b0:de:16:b7:06:b2:67: 9c:6b:7f:80:bd:59:e3:58:13:45:de:63:23:14:1e:2f:f7:ef: ab:19:39:5e:8d:b9:99:b0:a0:23:ee:b2:e6:0e:f2:ee:63:ce: 2e:5c:09:b0:9c:cb:14:08:4e:8b:c9:a8:73:e9:12:f9:fa:05: 2d:56:e8:ac:25:ac:97:7f:f5:46:60:da:63:2a:33:14:72:c9: 7a:fa:2f:62:1d:ec:dc:54:30:d8:af:e6:8d:e0:a4:21:67:48: b0:bf:1f:73:1c:c6:81:52:ce:50:c8:e8:fe:41:90:7c:ed:80: 3a:5f:7c:03 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQInoe9MtL/Us2NEvy6sc7WvWY2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxOVoX DTI3MDMwMzA2MzAxOVowMzExMC8GA1UEAxMoOUE5NzlBMkNBN0Q2MzI3QkZGQzU1 RTk0OTJCREY5QkE2RDc4Njg0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANLbNugJtRJTK4/9u8Kn39wU7OCRXoinajZfMwY3o1x3LCMhA2v5vvRvA68O zfAJqTnI51OQT60wY3aInDheLhydzl3J3936NEW7cAg5wCqfm+IYWdWBqdUvCs1C qRn9QyRUoEkmhTgUFQpeQ1lGcPBSIfpjWnel9zv9lz+nKd/zqSToTNBQ/uvYsKTE hu6IqbqKFFoRfQ5VkD0Ji3q+C5buXF0Y1QCNTbyeFF2gkVZE6VtEXJ9jN4ZWEqnp CTr9XLdFLj3m+bMG/vWs+0ss5EZs9Jou2gIsbve2jptt3HeFdif9GAbrfldLjyaZ pc/vsJUOPFxnW9g/0c+VpNC3+J0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSal5os p9Yye//FXpSSvfm6bXhoRjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTgwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rE8wDQYJKoZIhvcNAQELBQADggEBADHlWpsqxFiR+nZ+pbAHq8xdK6IdCa2w7Mb/ ksAxmykNTfGoHxCmtH3F/UmIPwTZVKoKDr2aW7j5LfTQM9s8YLhYurHXP+CeBEyb Myr6IoH9NGdyP4VDd5A+rzsj5M+HjQJdlV3D+eNdGOmVdrz+wHh0zno7WZTaSqEI tS/QIVmbtcM4iGQnoFh+sN4WtwayZ5xrf4C9WeNYE0XeYyMUHi/376sZOV6NuZmw oCPusuYO8u5jzi5cCbCcyxQITovJqHPpEvn6BS1W6KwlrJd/9UZg2mMqMxRyyXr6 L2Id7NxUMNiv5o3gpCFnSLC/H3McxoFSzlDI6P5BkHztgDpffAM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:41 2026 by rpki-client