$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145874.roa File: AS145874.roa (raw, json) Hash identifier: csg0CkfrgaqHEV/rgw/5T0MuevDucve+DkujbfK1Mho= Subject key identifier: 98:02:D6:98:CA:B9:47:A5:0D:52:77:20:D2:2D:45:E9:D5:6F:06:E2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4B6C18EAE01830FF59E4C06FE9965F7037F28100 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145874.roa Signing time: Wed 04 Mar 2026 06:30:26 +0000 ROA not before: Wed 04 Mar 2026 06:25:26 +0000 ROA not after: Wed 03 Mar 2027 06:30:26 +0000 asID: 145874 IP address blocks: 240a:ac98::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:6c:18:ea:e0:18:30:ff:59:e4:c0:6f:e9:96:5f:70:37:f2:81:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:26 2026 GMT Not After : Mar 3 06:30:26 2027 GMT Subject: CN=9802D698CAB947A50D527720D22D45E9D56F06E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:55:2e:1e:8f:2d:f7:85:cb:a8:3a:08:3c:a9: 2b:25:2b:1c:d9:37:0c:b6:e8:eb:e5:ef:50:d7:fb: e9:11:98:0e:1a:ba:c5:34:99:88:9e:6a:9b:bc:a0: 60:78:42:88:fa:b4:bb:51:06:a0:a1:a3:b6:9a:4b: 26:22:73:4c:6c:ab:24:87:99:3f:e4:34:bd:f6:d4: e0:e6:2b:b7:bd:d5:80:41:1a:3d:62:c9:3a:d9:de: 79:5b:ea:f0:72:34:bc:73:98:6b:ca:3a:f4:98:99: 4e:e4:21:9d:1f:ca:cf:17:ba:bf:a2:b0:dd:74:b6: 48:b5:52:3d:5c:75:de:2a:b2:d9:f8:3d:2c:11:c3: 57:62:09:61:d4:81:06:2b:bd:7e:e8:48:27:5a:2b: 6d:68:35:95:c0:73:5b:81:b4:a9:96:9b:81:bd:b1: f2:18:c8:38:07:a4:b2:84:46:9d:50:1c:ba:ba:a4: dd:5d:6d:21:fe:06:0e:42:9e:9e:c4:5b:ae:79:a4: 1b:4b:42:2c:2a:4f:2f:e6:71:3b:c5:66:a4:ee:a7: a6:e7:50:ec:78:6c:89:16:d1:87:28:68:27:c1:7b: 3c:72:65:0c:7c:83:ce:ce:5a:a7:99:c8:64:a2:d0: 96:3f:9e:cb:ac:e2:94:d4:39:d4:eb:e6:83:51:1b: 24:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:02:D6:98:CA:B9:47:A5:0D:52:77:20:D2:2D:45:E9:D5:6F:06:E2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145874.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac98::/32 Signature Algorithm: sha256WithRSAEncryption 52:39:18:da:b1:11:ba:bc:f2:58:b5:4a:d2:ed:96:7d:72:38: 58:c4:64:b5:9f:92:7e:f7:b8:95:08:1a:ed:da:c6:86:c6:b5: 56:ff:6b:02:8e:aa:69:27:fe:d7:3a:6e:eb:bf:fb:49:7e:eb: f1:fc:b2:b2:e1:8b:f9:d6:48:fa:2d:cd:c1:a0:8a:8b:c4:53: be:4b:bb:f2:f6:ad:f5:8d:66:34:fb:9e:9f:14:b7:b4:72:43: 1d:e9:b7:ba:66:47:b3:74:87:b5:7e:89:72:70:2e:05:56:73: fc:27:8e:83:f6:2b:bd:0b:bd:f4:b5:79:79:68:88:68:d6:50: 53:b0:92:bf:1f:9b:6f:4b:93:68:29:b6:a3:e1:c9:41:99:b5: fe:1f:c4:80:b3:78:e0:86:88:7d:65:74:65:bc:9f:25:f4:34: 75:62:cc:b0:f8:9a:61:c2:a7:06:f2:0d:3b:60:bb:49:a2:28: 28:8b:71:a1:f3:42:12:4b:e8:a0:6c:b9:62:17:05:3c:ce:6b: 70:ff:9a:bf:ac:be:bc:b2:9d:29:a9:94:4e:de:57:60:bc:1c: 75:c8:25:de:88:ab:03:42:a1:b3:dc:6e:8f:48:6d:f0:96:5c: 38:51:b6:82:30:1a:f2:85:ef:2e:a1:f4:ec:c0:6c:89:3c:2b: 44:ef:80:f6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUS2wY6uAYMP9Z5MBv6ZZfcDfygQAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyNloX DTI3MDMwMzA2MzAyNlowMzExMC8GA1UEAxMoOTgwMkQ2OThDQUI5NDdBNTBENTI3 NzIwRDIyRDQ1RTlENTZGMDZFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJZVLh6PLfeFy6g6CDypKyUrHNk3DLbo6+XvUNf76RGYDhq6xTSZiJ5qm7yg YHhCiPq0u1EGoKGjtppLJiJzTGyrJIeZP+Q0vfbU4OYrt73VgEEaPWLJOtneeVvq 8HI0vHOYa8o69JiZTuQhnR/Kzxe6v6Kw3XS2SLVSPVx13iqy2fg9LBHDV2IJYdSB Biu9fuhIJ1orbWg1lcBzW4G0qZabgb2x8hjIOAeksoRGnVAcurqk3V1tIf4GDkKe nsRbrnmkG0tCLCpPL+ZxO8VmpO6npudQ7HhsiRbRhyhoJ8F7PHJlDHyDzs5ap5nI ZKLQlj+ey6zilNQ51Ovmg1EbJLECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSYAtaY yrlHpQ1SdyDSLUXp1W8G4jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg3NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJgwDQYJKoZIhvcNAQELBQADggEBAFI5GNqxEbq88li1StLtln1yOFjEZLWfkn73 uJUIGu3axobGtVb/awKOqmkn/tc6buu/+0l+6/H8srLhi/nWSPotzcGgiovEU75L u/L2rfWNZjT7np8Ut7RyQx3pt7pmR7N0h7V+iXJwLgVWc/wnjoP2K70LvfS1eXlo iGjWUFOwkr8fm29Lk2gptqPhyUGZtf4fxICzeOCGiH1ldGW8nyX0NHVizLD4mmHC pwbyDTtgu0miKCiLcaHzQhJL6KBsuWIXBTzOa3D/mr+svryynSmplE7eV2C8HHXI Jd6IqwNCobPcbo9IbfCWXDhRtoIwGvKF7y6h9OzAbIk8K0TvgPY= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:13 2026 by rpki-client