$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145876.roa File: AS145876.roa (raw, json) Hash identifier: gTG2NA1T9hOQoxAAi7+t32t1W5jBhy4e1RIoOQrmRlg= Subject key identifier: B1:71:D4:CA:74:8C:18:8F:49:65:76:28:1D:65:1D:A7:AC:8E:7B:8F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4643A46A887127C4B61C760807CF592B813DF56A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145876.roa Signing time: Wed 04 Mar 2026 06:30:30 +0000 ROA not before: Wed 04 Mar 2026 06:25:30 +0000 ROA not after: Wed 03 Mar 2027 06:30:30 +0000 asID: 145876 IP address blocks: 240a:ac9a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:43:a4:6a:88:71:27:c4:b6:1c:76:08:07:cf:59:2b:81:3d:f5:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:30 2026 GMT Not After : Mar 3 06:30:30 2027 GMT Subject: CN=B171D4CA748C188F496576281D651DA7AC8E7B8F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:8c:9d:50:97:40:f3:c1:64:40:9e:21:7b:5a: 32:6d:34:06:91:d7:e2:94:7d:b1:a3:a0:5d:c2:40: 6c:15:51:0d:fd:82:ac:40:5f:a3:d2:58:fe:f4:02: aa:1c:4b:3b:ed:f5:9d:20:08:35:80:7e:d6:57:c5: 74:ae:80:19:5a:3f:c9:ba:8c:3a:62:c3:54:8c:69: 9f:33:59:43:d9:30:96:0f:e3:0b:84:93:ff:2c:0e: 12:6a:0f:c5:74:d3:eb:8b:1a:ea:90:6a:7e:8a:84: 28:2d:6f:d9:e7:d4:23:57:ba:55:bd:14:f0:c8:d7: 4c:58:3a:1d:52:b6:c9:09:55:89:23:2e:43:08:d1: 5f:56:a3:5a:76:ba:ca:11:f7:e9:d5:e7:d4:ad:c6: 24:15:10:b8:92:c6:4d:11:13:b9:3b:5e:05:7b:35: 5e:5b:46:86:8b:9a:fb:73:c7:ad:51:c7:ed:09:81: 64:fd:dc:48:ad:38:ae:3e:a0:dd:f3:f0:6f:55:de: 28:79:a4:3b:f6:51:3f:87:1e:37:56:6d:9a:92:02: 90:ca:7f:98:f3:a1:90:1e:d4:fe:8e:16:0f:4b:8d: db:a1:4b:f3:4d:78:03:aa:70:92:21:18:08:c7:f5: dd:47:16:81:58:8a:51:5e:a4:de:59:68:49:86:f6: 14:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:71:D4:CA:74:8C:18:8F:49:65:76:28:1D:65:1D:A7:AC:8E:7B:8F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145876.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac9a::/32 Signature Algorithm: sha256WithRSAEncryption 75:5d:f9:b6:73:f8:4e:52:97:0f:4f:0b:c7:bb:57:1a:c4:ea: 02:d9:54:d2:8b:90:f3:bb:49:12:f3:88:9b:8b:f0:a1:e2:17: 80:c2:45:ab:52:70:51:6e:67:f2:70:d6:52:9d:43:84:fb:c2: fd:6d:1d:4f:58:4f:54:7c:13:9f:89:1e:43:21:d7:03:45:a7: 01:c1:8d:6d:e1:f0:f4:5b:ca:71:d6:81:67:d9:d4:73:22:b1: 5a:de:ca:18:ea:bc:4d:9a:70:3c:b3:81:f8:b8:b1:24:d1:26: 44:f5:be:78:52:55:cf:71:25:2c:83:f4:73:70:7c:dc:67:8f: 32:bb:ad:7f:68:6d:7c:37:3c:8d:20:21:16:11:9a:a7:a6:43: 34:e8:1b:2d:d3:18:4f:ca:d9:7a:ca:bf:a4:9f:6d:95:ef:97: f0:14:4f:9f:ab:9c:1a:12:34:e6:13:5e:5a:11:0c:b0:10:ce: 68:48:02:7c:6e:d0:8d:0d:aa:c7:f2:0c:74:a0:ac:2a:a7:e5: 0f:22:0b:7d:0b:76:4e:c5:e4:82:98:2e:f4:14:fc:a2:58:a5: 81:63:6e:44:09:59:dc:2e:53:a5:cb:9f:1f:5d:68:5a:ac:83: e5:a7:fe:d1:1f:69:e3:80:a0:b9:6b:d1:3e:ed:6d:ae:ff:73: 07:ce:2f:93 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURkOkaohxJ8S2HHYIB89ZK4E99WowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzMFoX DTI3MDMwMzA2MzAzMFowMzExMC8GA1UEAxMoQjE3MUQ0Q0E3NDhDMTg4RjQ5NjU3 NjI4MUQ2NTFEQTdBQzhFN0I4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ+MnVCXQPPBZECeIXtaMm00BpHX4pR9saOgXcJAbBVRDf2CrEBfo9JY/vQC qhxLO+31nSAINYB+1lfFdK6AGVo/ybqMOmLDVIxpnzNZQ9kwlg/jC4ST/ywOEmoP xXTT64sa6pBqfoqEKC1v2efUI1e6Vb0U8MjXTFg6HVK2yQlViSMuQwjRX1ajWna6 yhH36dXn1K3GJBUQuJLGTRETuTteBXs1XltGhoua+3PHrVHH7QmBZP3cSK04rj6g 3fPwb1XeKHmkO/ZRP4ceN1ZtmpICkMp/mPOhkB7U/o4WD0uN26FL8014A6pwkiEY CMf13UcWgViKUV6k3lloSYb2FB0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSxcdTK dIwYj0lldigdZR2nrI57jzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJowDQYJKoZIhvcNAQELBQADggEBAHVd+bZz+E5Slw9PC8e7VxrE6gLZVNKLkPO7 SRLziJuL8KHiF4DCRatScFFuZ/Jw1lKdQ4T7wv1tHU9YT1R8E5+JHkMh1wNFpwHB jW3h8PRbynHWgWfZ1HMisVreyhjqvE2acDyzgfi4sSTRJkT1vnhSVc9xJSyD9HNw fNxnjzK7rX9obXw3PI0gIRYRmqemQzToGy3TGE/K2XrKv6SfbZXvl/AUT5+rnBoS NOYTXloRDLAQzmhIAnxu0I0NqsfyDHSgrCqn5Q8iC30Ldk7F5IKYLvQU/KJYpYFj bkQJWdwuU6XLnx9daFqsg+Wn/tEfaeOAoLlr0T7tba7/cwfOL5M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:44 2026 by rpki-client