$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145857.roa File: AS145857.roa (raw, json) Hash identifier: lfJYbhr9BfHogLtn59jqC+R4wSv0Pyk7ZQz1Kb8Kt+g= Subject key identifier: F9:AD:B4:50:0A:2A:85:9E:47:2E:4D:38:8E:2B:DB:D5:C4:3F:0E:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2AC234E27919E686906A88A26581815B16C22AC3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145857.roa Signing time: Wed 04 Mar 2026 06:30:56 +0000 ROA not before: Wed 04 Mar 2026 06:25:56 +0000 ROA not after: Wed 03 Mar 2027 06:30:56 +0000 asID: 145857 IP address blocks: 240a:ac87::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:c2:34:e2:79:19:e6:86:90:6a:88:a2:65:81:81:5b:16:c2:2a:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:56 2026 GMT Not After : Mar 3 06:30:56 2027 GMT Subject: CN=F9ADB4500A2A859E472E4D388E2BDBD5C43F0E34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:4d:5d:78:7d:a0:2f:1e:d9:d6:7a:f4:f2:cb: f1:35:5d:fa:b3:5e:aa:7a:8e:24:00:a9:ea:87:ad: a9:d7:bb:2a:f6:f0:38:2d:cd:62:0a:06:70:1f:5d: 18:86:f1:86:23:83:9e:fd:39:28:39:14:40:2e:82: 9c:4a:bd:04:e8:82:fd:a8:ad:5f:a3:25:62:bb:e1: 56:b4:bd:fd:65:1d:6c:0a:f7:86:62:55:97:f3:0c: e2:99:f8:86:42:a0:e1:d0:f4:2a:97:52:46:3a:53: 60:1a:1e:44:b2:66:91:ac:19:8a:86:14:bb:59:aa: 94:e8:9e:36:05:e8:d6:77:52:d8:0c:be:a5:f9:94: c9:06:0e:b7:38:5a:07:9d:19:d5:e4:0c:f9:38:52: 0f:ed:58:4a:d7:dd:ec:05:13:61:5e:02:9b:0c:96: 3e:a6:69:15:49:b2:6d:da:a0:5d:cc:12:77:78:f4: 01:0e:5e:61:cc:68:bb:22:93:4c:8d:ed:9d:08:4d: c9:de:2d:e8:47:66:d0:24:fd:57:17:77:a2:b8:fd: aa:71:ca:b4:df:c8:9c:d5:86:9b:8a:0a:84:10:3d: 9e:30:02:e4:c4:b2:e6:df:b6:f6:45:21:d0:e3:3e: 1f:e9:ff:c2:3e:1e:a5:46:b8:3e:f9:99:6a:e0:72: b0:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:AD:B4:50:0A:2A:85:9E:47:2E:4D:38:8E:2B:DB:D5:C4:3F:0E:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145857.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac87::/32 Signature Algorithm: sha256WithRSAEncryption 18:1e:04:14:fb:7d:30:d1:6d:56:07:c7:a7:ce:6f:c8:3a:2c: 21:50:ce:08:42:a1:34:26:af:94:33:37:47:32:71:c4:e4:4b: bb:2e:f1:4d:df:ca:fd:e8:aa:7c:2a:6a:a7:7e:72:81:5e:f9: 27:2b:e3:62:f4:38:63:d6:3d:d8:ff:90:83:2d:8a:1f:06:9f: 3b:7f:6d:98:e7:52:f4:50:e6:4b:4b:7d:88:c7:94:76:68:b2: a2:5e:51:d0:2c:ef:39:5c:b0:7d:d0:c5:2d:de:71:6f:3d:7f: 6a:26:b5:0c:d1:be:80:3b:cd:e9:71:8c:2b:ff:3a:48:88:ea: 6e:35:64:dc:5f:43:5b:fe:5c:8e:3e:19:a8:aa:12:6d:8a:3c: 0d:77:80:1c:8f:72:17:72:62:25:71:57:32:a6:f9:29:8d:e2: f3:3f:0a:76:3e:82:ae:fa:4e:a6:ad:b8:b3:a8:d9:1d:bc:2f: 3a:3e:9b:6f:92:4f:d0:5b:60:83:a1:ee:23:78:39:b3:4f:1f: e5:4e:d6:ed:b7:65:63:ef:6a:b6:b0:e2:40:9f:cf:40:be:93: be:6c:36:12:ee:f5:1c:26:69:c0:1b:22:6d:fc:04:0d:7d:9f: b2:b7:27:27:3b:73:b8:7f:ac:5e:f6:31:7e:d6:b7:10:bf:aa: 7d:dc:e8:34 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKsI04nkZ5oaQaoiiZYGBWxbCKsMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU1NloX DTI3MDMwMzA2MzA1NlowMzExMC8GA1UEAxMoRjlBREI0NTAwQTJBODU5RTQ3MkU0 RDM4OEUyQkRCRDVDNDNGMEUzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKlNXXh9oC8e2dZ69PLL8TVd+rNeqnqOJACp6oetqde7KvbwOC3NYgoGcB9d GIbxhiODnv05KDkUQC6CnEq9BOiC/aitX6MlYrvhVrS9/WUdbAr3hmJVl/MM4pn4 hkKg4dD0KpdSRjpTYBoeRLJmkawZioYUu1mqlOieNgXo1ndS2Ay+pfmUyQYOtzha B50Z1eQM+ThSD+1YStfd7AUTYV4CmwyWPqZpFUmybdqgXcwSd3j0AQ5eYcxouyKT TI3tnQhNyd4t6Edm0CT9Vxd3orj9qnHKtN/InNWGm4oKhBA9njAC5MSy5t+29kUh 0OM+H+n/wj4epUa4PvmZauBysG0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT5rbRQ CiqFnkcuTTiOK9vVxD8ONDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rIcwDQYJKoZIhvcNAQELBQADggEBABgeBBT7fTDRbVYHx6fOb8g6LCFQzghCoTQm r5QzN0cyccTkS7su8U3fyv3oqnwqaqd+coFe+Scr42L0OGPWPdj/kIMtih8Gnzt/ bZjnUvRQ5ktLfYjHlHZosqJeUdAs7zlcsH3QxS3ecW89f2omtQzRvoA7zelxjCv/ OkiI6m41ZNxfQ1v+XI4+GaiqEm2KPA13gByPchdyYiVxVzKm+SmN4vM/CnY+gq76 TqatuLOo2R28Lzo+m2+ST9BbYIOh7iN4ObNPH+VO1u23ZWPvaraw4kCfz0C+k75s NhLu9RwmacAbIm38BA19n7K3Jyc7c7h/rF72MX7WtxC/qn3c6DQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:57 2026 by rpki-client