$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145871.roa File: AS145871.roa (raw, json) Hash identifier: aAAlKZCYociuW1fY6pevaEH3qREy1z9CM/5C99JCqUo= Subject key identifier: 6D:71:49:CF:E0:2A:91:B6:FB:7B:B5:B1:7E:59:9D:49:91:09:1B:52 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 682FBA0D78AB44515F166DF88BC2E9B4F1B2F534 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145871.roa Signing time: Wed 04 Mar 2026 06:29:47 +0000 ROA not before: Wed 04 Mar 2026 06:24:47 +0000 ROA not after: Wed 03 Mar 2027 06:29:47 +0000 asID: 145871 IP address blocks: 240a:ac95::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:2f:ba:0d:78:ab:44:51:5f:16:6d:f8:8b:c2:e9:b4:f1:b2:f5:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:47 2026 GMT Not After : Mar 3 06:29:47 2027 GMT Subject: CN=6D7149CFE02A91B6FB7BB5B17E599D4991091B52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:0f:3a:1f:b3:1a:8a:61:fe:73:62:b8:6b:67: bb:a0:b2:45:f1:d4:36:f3:ee:14:2b:db:3d:e5:6e: ee:dc:62:c3:7a:a3:cd:a0:ff:d9:c0:92:c7:27:4d: 14:8a:f7:ea:ff:39:25:96:1a:27:db:43:23:98:4c: 7e:ef:b4:39:ac:5d:98:d7:6d:95:a7:91:f9:d3:6d: 6b:b5:ff:26:34:b6:fd:1e:cb:33:b3:d6:66:15:6e: fc:d9:8a:90:66:e4:c6:38:82:5b:8b:be:44:9a:f8: c7:fe:bf:50:33:7d:aa:f4:fd:cb:66:38:c2:70:cb: ad:fa:85:f1:c4:b3:77:0a:d1:f6:9f:df:20:47:a7: 31:ef:eb:0c:a7:30:95:94:c9:92:c2:5b:a8:e3:60: 0e:91:ea:ad:6e:97:65:48:11:0b:17:e1:54:70:5f: ab:dd:8b:e0:5a:db:2a:fc:4b:b2:b2:27:25:82:1b: 69:14:e6:26:57:19:1c:14:b6:3e:f0:5d:60:86:5c: 0d:dc:32:19:68:80:35:ee:d4:c2:82:c8:0e:e1:5f: 1f:d2:f0:c5:37:90:75:ec:89:91:08:bd:7f:c3:0f: 4e:f0:59:8d:dd:1a:97:91:ca:9e:ad:77:0e:60:c3: 11:b0:d1:c8:93:8b:fc:4b:c4:a9:89:1b:84:09:f9: dd:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:71:49:CF:E0:2A:91:B6:FB:7B:B5:B1:7E:59:9D:49:91:09:1B:52 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145871.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac95::/32 Signature Algorithm: sha256WithRSAEncryption 9e:b6:77:a7:16:a4:67:b4:4b:03:5d:33:94:2c:37:41:b9:22: 7f:0e:f3:49:09:fc:5c:fe:a1:a0:4f:aa:95:c0:8f:dc:94:5e: 9d:df:9f:af:4a:f5:01:4e:bf:7c:30:46:82:ac:1f:b6:c7:c5: 4b:2d:f1:ad:0e:15:9e:6f:dc:ed:25:27:f3:ea:11:88:3b:86: e8:53:e0:2b:f9:23:94:bd:bf:63:0a:4e:4c:7e:ec:a0:96:a9: 76:52:db:14:96:ba:8a:8d:6f:07:b5:10:52:58:48:21:a3:67: 67:5f:c2:69:00:3f:18:7b:01:8c:0b:ca:e8:bb:15:62:c5:9c: 57:d5:d7:7a:a5:b3:90:f4:e7:83:b7:ce:c0:14:18:9b:21:c0: 53:72:a8:63:36:5d:5a:ad:b5:ec:5a:b6:ea:9e:46:73:eb:12: a1:16:d7:1d:c0:dc:fb:a2:c1:3d:72:b4:82:f9:ea:86:5b:16: ff:1e:3c:c1:d8:bf:0d:a2:e0:dc:5e:7b:fb:87:35:57:60:5f: 21:51:99:03:87:2a:39:8c:9b:8e:45:84:7c:05:6e:45:cb:cf: 4f:74:7c:57:90:41:96:53:61:99:85:38:3e:13:b1:40:33:ef: b1:22:d7:ee:a6:96:dc:24:14:c8:a6:4c:7e:50:b7:66:69:ae: 61:ef:ce:79 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaC+6DXirRFFfFm34i8LptPGy9TQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0N1oX DTI3MDMwMzA2Mjk0N1owMzExMC8GA1UEAxMoNkQ3MTQ5Q0ZFMDJBOTFCNkZCN0JC NUIxN0U1OTlENDk5MTA5MUI1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKYPOh+zGoph/nNiuGtnu6CyRfHUNvPuFCvbPeVu7txiw3qjzaD/2cCSxydN FIr36v85JZYaJ9tDI5hMfu+0OaxdmNdtlaeR+dNta7X/JjS2/R7LM7PWZhVu/NmK kGbkxjiCW4u+RJr4x/6/UDN9qvT9y2Y4wnDLrfqF8cSzdwrR9p/fIEenMe/rDKcw lZTJksJbqONgDpHqrW6XZUgRCxfhVHBfq92L4FrbKvxLsrInJYIbaRTmJlcZHBS2 PvBdYIZcDdwyGWiANe7UwoLIDuFfH9LwxTeQdeyJkQi9f8MPTvBZjd0al5HKnq13 DmDDEbDRyJOL/EvEqYkbhAn53RECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRtcUnP 4CqRtvt7tbF+WZ1JkQkbUjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJUwDQYJKoZIhvcNAQELBQADggEBAJ62d6cWpGe0SwNdM5QsN0G5In8O80kJ/Fz+ oaBPqpXAj9yUXp3fn69K9QFOv3wwRoKsH7bHxUst8a0OFZ5v3O0lJ/PqEYg7huhT 4Cv5I5S9v2MKTkx+7KCWqXZS2xSWuoqNbwe1EFJYSCGjZ2dfwmkAPxh7AYwLyui7 FWLFnFfV13qls5D054O3zsAUGJshwFNyqGM2XVqttexatuqeRnPrEqEW1x3A3Pui wT1ytIL56oZbFv8ePMHYvw2i4Nxee/uHNVdgXyFRmQOHKjmMm45FhHwFbkXLz090 fFeQQZZTYZmFOD4TsUAz77Ei1+6mltwkFMimTH5Qt2ZprmHvznk= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:01 2026 by rpki-client