$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145838.roa File: AS145838.roa (raw, json) Hash identifier: 5MYBPA5l9pa9HKSSI0qT2KvesmA+RY5/NCwOtEy3yuc= Subject key identifier: E9:55:AC:C4:E4:A5:FD:3E:86:E0:80:77:75:12:D5:EF:B5:D8:31:53 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D4BF0D4A05E3FB0342F8F181A0CB8548CB5F49D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145838.roa Signing time: Wed 04 Mar 2026 06:30:35 +0000 ROA not before: Wed 04 Mar 2026 06:25:35 +0000 ROA not after: Wed 03 Mar 2027 06:30:35 +0000 asID: 145838 IP address blocks: 240a:ac74::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:4b:f0:d4:a0:5e:3f:b0:34:2f:8f:18:1a:0c:b8:54:8c:b5:f4:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:35 2026 GMT Not After : Mar 3 06:30:35 2027 GMT Subject: CN=E955ACC4E4A5FD3E86E080777512D5EFB5D83153 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:16:fb:a0:ed:c0:52:de:fb:c4:bb:ed:34:1f: f2:c9:0a:e6:55:76:a8:b7:65:5b:17:99:17:b3:b6: 89:b4:65:77:f6:a2:55:5e:71:aa:7c:bb:24:87:42: 87:71:37:0a:27:13:14:25:19:5b:fc:d4:c5:49:1a: 7e:81:7b:8f:56:44:58:14:8e:d4:cb:0f:2d:18:ed: 82:60:1e:a2:c9:94:66:0f:6d:1d:2b:3b:4c:f8:8d: 22:5a:2d:78:6f:bc:d6:16:53:0b:24:b7:9d:3d:82: 1c:73:64:22:76:85:3b:16:2d:9e:17:f3:8a:9f:07: a3:6e:a7:75:37:25:f0:32:8d:32:38:05:fe:6c:aa: ee:cd:24:dd:27:48:58:57:60:83:08:b8:7b:44:9c: 47:27:24:43:9d:2f:68:5d:26:b1:66:d4:dd:6e:7b: 51:60:3c:e1:fa:27:7d:46:bb:e3:60:c5:cc:1a:2a: 32:b8:8c:5d:e9:98:13:c8:dc:8b:a2:44:2a:84:66: 4d:22:db:1e:6b:ee:ff:58:1d:cb:b0:20:e2:d7:cd: 82:cf:da:b5:43:f7:f2:f8:c3:a4:e3:8c:ce:76:2a: a9:f3:63:ea:0e:b6:e0:7d:3a:6d:a8:8b:2b:d5:0b: b7:01:a7:31:03:5c:f1:91:e4:2a:a1:5a:39:94:f2: 1c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:55:AC:C4:E4:A5:FD:3E:86:E0:80:77:75:12:D5:EF:B5:D8:31:53 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac74::/32 Signature Algorithm: sha256WithRSAEncryption 38:7e:cf:77:dd:f6:cd:3a:4b:39:09:8b:a9:a6:4e:39:a4:37: 4c:f0:1f:66:40:6f:0b:be:c8:c8:46:84:87:ce:94:e5:23:a2: 49:08:f8:0c:d5:14:1c:59:21:fd:fe:d2:6f:21:bc:b6:b1:fc: 0a:a2:b8:b5:8f:d0:cd:ac:01:47:84:04:c0:be:0d:7e:0d:99: 30:38:6c:f4:94:0c:36:eb:8e:8c:81:67:ee:39:aa:5b:e1:49: 90:f0:c8:ed:1f:36:a5:d0:24:fc:6d:b9:38:1f:d6:f3:b5:29: c5:46:21:ab:df:fe:5f:16:da:8c:96:08:62:ff:9a:89:fb:12: 5e:96:91:99:94:4d:1e:1e:fc:e8:24:8d:7b:c4:6b:72:3a:b0: ef:24:2a:06:a0:96:b4:b4:61:c7:7d:88:6f:f9:ec:4b:e4:cb: e7:a0:09:78:fa:0c:00:2e:d4:f0:6b:be:39:16:6b:88:51:1c: 01:d3:e9:38:21:1d:c7:f3:a6:fb:44:e6:94:78:e8:a3:fa:39: 9e:4d:91:2b:e9:98:25:15:72:3c:0c:66:58:f9:40:97:06:2d: db:fd:7c:08:9c:cf:90:10:2b:02:e7:a2:73:11:91:29:13:fb: b7:26:3a:bb:f8:e6:20:a5:7f:f0:4f:df:28:af:7b:2a:5d:48: 50:5f:d4:3d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPUvw1KBeP7A0L48YGgy4VIy19J0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzNVoX DTI3MDMwMzA2MzAzNVowMzExMC8GA1UEAxMoRTk1NUFDQzRFNEE1RkQzRTg2RTA4 MDc3NzUxMkQ1RUZCNUQ4MzE1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMMW+6DtwFLe+8S77TQf8skK5lV2qLdlWxeZF7O2ibRld/aiVV5xqny7JIdC h3E3CicTFCUZW/zUxUkafoF7j1ZEWBSO1MsPLRjtgmAeosmUZg9tHSs7TPiNIlot eG+81hZTCyS3nT2CHHNkInaFOxYtnhfzip8Ho26ndTcl8DKNMjgF/myq7s0k3SdI WFdggwi4e0ScRyckQ50vaF0msWbU3W57UWA84fonfUa742DFzBoqMriMXemYE8jc i6JEKoRmTSLbHmvu/1gdy7Ag4tfNgs/atUP38vjDpOOMznYqqfNj6g624H06baiL K9ULtwGnMQNc8ZHkKqFaOZTyHNECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTpVazE 5KX9PobggHd1EtXvtdgxUzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTgzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rHQwDQYJKoZIhvcNAQELBQADggEBADh+z3fd9s06SzkJi6mmTjmkN0zwH2ZAbwu+ yMhGhIfOlOUjokkI+AzVFBxZIf3+0m8hvLax/AqiuLWP0M2sAUeEBMC+DX4NmTA4 bPSUDDbrjoyBZ+45qlvhSZDwyO0fNqXQJPxtuTgf1vO1KcVGIavf/l8W2oyWCGL/ mon7El6WkZmUTR4e/OgkjXvEa3I6sO8kKgaglrS0Ycd9iG/57Evky+egCXj6DAAu 1PBrvjkWa4hRHAHT6TghHcfzpvtE5pR46KP6OZ5NkSvpmCUVcjwMZlj5QJcGLdv9 fAicz5AQKwLnonMRkSkT+7cmOrv45iClf/BP3yiveypdSFBf1D0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:42 2026 by rpki-client