$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145858.roa File: AS145858.roa (raw, json) Hash identifier: vg99VwOCowmuFpM/kh9ZREv2OR6Bce9HoG53hX/d1Ho= Subject key identifier: F1:FF:C3:16:67:95:90:C9:AB:B9:3D:5F:B4:BE:E3:94:DF:3B:5B:1B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6645B537E6CA0D157D676FA10D39B5CEE7A2C597 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145858.roa Signing time: Wed 04 Mar 2026 06:30:28 +0000 ROA not before: Wed 04 Mar 2026 06:25:28 +0000 ROA not after: Wed 03 Mar 2027 06:30:28 +0000 asID: 145858 IP address blocks: 240a:ac88::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:45:b5:37:e6:ca:0d:15:7d:67:6f:a1:0d:39:b5:ce:e7:a2:c5:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:28 2026 GMT Not After : Mar 3 06:30:28 2027 GMT Subject: CN=F1FFC316679590C9ABB93D5FB4BEE394DF3B5B1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:74:c6:8b:d7:c3:a7:bd:00:32:86:eb:49:8a: 3f:bd:d0:d9:39:72:94:ff:af:53:a5:b3:59:02:ea: b6:ee:4f:10:a9:c8:1d:88:88:a6:d0:c3:b4:db:dc: b2:25:28:3b:e9:72:73:8c:93:18:f3:b9:65:58:3c: 3c:0d:db:73:3f:64:2c:d4:63:dd:7a:98:f7:5b:df: 2c:b6:1e:fa:53:fe:c0:00:d8:b4:f0:9f:67:1b:fe: b7:52:e0:08:18:7c:11:f7:bd:fb:5d:96:52:59:a7: 71:52:c4:a8:7d:d9:23:ef:52:d0:28:a0:fa:d9:de: 4e:c5:ea:2f:62:29:33:06:2d:b0:2b:d4:33:6f:85: 1f:68:ab:7a:b2:ca:12:89:3e:0a:65:43:13:0d:48: 7b:13:1d:d6:6c:b9:28:7f:40:fc:1c:fb:ee:44:8d: 5e:ad:9f:26:93:db:ce:02:8e:9e:9f:35:13:d8:4b: c7:ac:92:57:51:86:bf:e1:6d:5a:8d:9d:52:78:f6: 3b:f0:84:50:02:a4:a4:de:22:f6:99:be:f4:af:c2: 1b:91:18:0e:0a:a0:1e:3b:35:f2:5b:cc:c5:1a:60: 89:2d:5e:91:59:d5:66:23:13:a0:81:7d:33:0a:bd: 8b:27:b4:86:50:29:2d:b4:94:af:59:87:ee:37:45: c6:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:FF:C3:16:67:95:90:C9:AB:B9:3D:5F:B4:BE:E3:94:DF:3B:5B:1B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145858.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac88::/32 Signature Algorithm: sha256WithRSAEncryption 44:d0:d4:48:34:bd:ba:7b:57:58:e8:ad:b6:02:40:15:fa:90: 0a:ca:0e:13:c5:8c:f5:8d:f6:5d:be:db:d0:96:74:42:71:e5: a3:d0:c8:39:6d:3c:72:cc:dc:82:2a:25:63:25:70:b1:87:57: d5:fd:e0:d2:30:43:c1:67:39:50:55:52:f5:40:ef:07:05:c5: cd:b0:e6:1f:f3:f7:6c:51:60:dc:4e:a7:0b:13:44:da:80:7b: 51:fc:c0:4a:df:5d:1d:01:42:f8:8f:82:0e:48:01:df:0e:27: da:64:b3:72:27:f5:90:e6:32:58:76:5e:0e:b2:26:b9:bf:e6: 42:cd:da:8c:6b:a6:49:02:6c:9d:a9:fb:53:f2:68:e7:ce:fe: 99:5e:04:03:70:6f:60:5a:04:b4:5c:74:57:5a:23:93:4f:f4: 09:ff:f3:c4:02:1a:5b:d3:78:54:eb:e0:7c:26:5c:20:8a:b9: 98:ee:17:31:b0:b3:96:74:68:75:f2:ef:f7:33:0a:39:c1:d2: 42:22:f5:c0:2c:d7:c0:be:90:3d:74:7a:df:f2:1c:7b:8d:d9: 0f:f4:a1:ab:0c:ad:4b:0d:86:cc:a0:fe:3c:6c:2f:fc:71:b4: 2f:a2:86:10:95:42:f2:02:23:35:41:68:48:97:7e:fd:6d:68: 3d:96:23:00 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZkW1N+bKDRV9Z2+hDTm1zueixZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyOFoX DTI3MDMwMzA2MzAyOFowMzExMC8GA1UEAxMoRjFGRkMzMTY2Nzk1OTBDOUFCQjkz RDVGQjRCRUUzOTRERjNCNUIxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALN0xovXw6e9ADKG60mKP73Q2TlylP+vU6WzWQLqtu5PEKnIHYiIptDDtNvc siUoO+lyc4yTGPO5ZVg8PA3bcz9kLNRj3XqY91vfLLYe+lP+wADYtPCfZxv+t1Lg CBh8Efe9+12WUlmncVLEqH3ZI+9S0Cig+tneTsXqL2IpMwYtsCvUM2+FH2irerLK Eok+CmVDEw1IexMd1my5KH9A/Bz77kSNXq2fJpPbzgKOnp81E9hLx6ySV1GGv+Ft Wo2dUnj2O/CEUAKkpN4i9pm+9K/CG5EYDgqgHjs18lvMxRpgiS1ekVnVZiMToIF9 Mwq9iye0hlApLbSUr1mH7jdFxuECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTx/8MW Z5WQyau5PV+0vuOU3ztbGzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rIgwDQYJKoZIhvcNAQELBQADggEBAETQ1Eg0vbp7V1jorbYCQBX6kArKDhPFjPWN 9l2+29CWdEJx5aPQyDltPHLM3IIqJWMlcLGHV9X94NIwQ8FnOVBVUvVA7wcFxc2w 5h/z92xRYNxOpwsTRNqAe1H8wErfXR0BQviPgg5IAd8OJ9pks3In9ZDmMlh2Xg6y Jrm/5kLN2oxrpkkCbJ2p+1PyaOfO/pleBANwb2BaBLRcdFdaI5NP9An/88QCGlvT eFTr4HwmXCCKuZjuFzGws5Z0aHXy7/czCjnB0kIi9cAs18C+kD10et/yHHuN2Q/0 oasMrUsNhsyg/jxsL/xxtC+ihhCVQvICIzVBaEiXfv1taD2WIwA= -----END CERTIFICATE-----Generated at Sat Mar 28 13:12:53 2026 by rpki-client