$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145883.roa File: AS145883.roa (raw, json) Hash identifier: YZiXl6OS7E6iyqUbd/fh0p+ly4Q+VO/G3jI3uFYaZs8= Subject key identifier: 86:B1:D9:C0:0E:89:38:9F:84:EA:3C:A6:35:08:75:79:A5:FE:14:F0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7A5D55477ADEB918ED4D101405B5D422E87AC0E8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145883.roa Signing time: Wed 04 Mar 2026 06:30:08 +0000 ROA not before: Wed 04 Mar 2026 06:25:08 +0000 ROA not after: Wed 03 Mar 2027 06:30:08 +0000 asID: 145883 IP address blocks: 240a:aca1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:5d:55:47:7a:de:b9:18:ed:4d:10:14:05:b5:d4:22:e8:7a:c0:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:08 2026 GMT Not After : Mar 3 06:30:08 2027 GMT Subject: CN=86B1D9C00E89389F84EA3CA635087579A5FE14F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:92:4a:25:fb:74:f1:3d:1b:42:36:50:7a:40: a2:e9:cf:95:28:91:08:1f:99:a9:78:c6:c1:5f:a8: 59:37:d8:2f:5b:1d:ff:8f:80:d9:4d:c8:02:69:9d: 57:d2:2d:bb:9e:b6:d5:3c:a0:6f:42:2d:ec:e7:8f: 3d:7e:e6:65:75:2c:b7:bd:42:d9:f7:86:8a:58:3f: a4:96:83:72:38:a1:f4:e9:61:45:09:bc:72:37:a6: 12:51:eb:4f:9c:7a:30:01:84:2d:91:90:17:b6:2c: 99:ce:7e:43:99:66:25:77:36:f4:f7:8b:cd:62:1a: 1c:32:6b:51:b3:6d:3d:0f:c2:6c:bb:32:34:b0:c8: c4:58:51:9b:bc:ab:d0:35:dd:12:c1:2a:77:8f:72: 5f:bd:d4:73:72:61:7f:e2:5b:7d:d7:c1:9c:75:63: ab:c8:a3:8c:78:e3:c3:c5:7c:59:35:d5:aa:b9:63: ba:10:05:4e:c5:cc:cf:ce:c5:b4:b8:cf:ba:7d:3f: e1:67:69:b8:3c:2e:c4:01:21:78:b1:d1:35:da:8b: 7e:e7:80:64:89:88:ac:2c:cd:47:e3:1f:fa:40:d4: f8:cd:11:bf:38:37:20:9d:6c:3b:e2:aa:87:ac:94: a8:62:72:7d:f3:52:09:95:80:cb:9c:e0:25:56:50: 74:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:B1:D9:C0:0E:89:38:9F:84:EA:3C:A6:35:08:75:79:A5:FE:14:F0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145883.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aca1::/32 Signature Algorithm: sha256WithRSAEncryption 81:9f:ce:5b:e4:2d:9c:fe:f7:95:3b:06:27:3a:05:82:83:a2: 74:07:03:d9:24:7a:e0:46:b3:73:a1:6a:fc:5c:64:8a:40:f7: a7:6b:94:9d:43:a2:fc:9f:d5:04:ce:e8:86:a9:53:24:60:de: 76:ea:0d:b8:f0:8c:64:2b:dd:0f:cd:ef:f8:ca:4c:09:cd:67: a0:8b:cd:0f:6b:5f:a2:12:ae:2a:47:32:7c:4e:f2:aa:bc:a2: 97:5f:e5:12:2e:3b:0d:4b:f8:69:5b:49:7a:2a:ab:0f:39:c4: 33:d7:86:e1:85:d8:5d:bd:3d:87:ad:3a:72:d2:61:93:27:a5: ad:7d:13:a6:01:17:17:66:f2:ab:4e:b1:fb:eb:d3:7e:f3:7a: ee:85:7a:7e:ff:83:01:52:c7:b9:6a:66:fb:3c:05:be:f4:ea: 0c:70:12:c0:f9:a7:1e:1e:7c:0b:60:3c:49:0f:74:a4:57:6a: 0b:c5:42:90:43:24:72:0c:f3:eb:5a:b8:32:67:24:2e:79:42: 0b:65:eb:2c:0e:6d:68:7b:12:50:d5:7e:87:28:b5:d2:fc:8d: 08:39:d7:e8:66:e8:d7:e0:4a:65:71:10:46:f0:47:c5:9b:93: 18:3b:ee:ad:ce:d0:42:5e:1b:54:b8:41:60:34:45:a4:38:b3: 1d:3e:74:ff -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUel1VR3reuRjtTRAUBbXUIuh6wOgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUwOFoX DTI3MDMwMzA2MzAwOFowMzExMC8GA1UEAxMoODZCMUQ5QzAwRTg5Mzg5Rjg0RUEz Q0E2MzUwODc1NzlBNUZFMTRGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6SSiX7dPE9G0I2UHpAounPlSiRCB+ZqXjGwV+oWTfYL1sd/4+A2U3IAmmd V9Itu5621Tygb0It7OePPX7mZXUst71C2feGilg/pJaDcjih9OlhRQm8cjemElHr T5x6MAGELZGQF7Ysmc5+Q5lmJXc29PeLzWIaHDJrUbNtPQ/CbLsyNLDIxFhRm7yr 0DXdEsEqd49yX73Uc3Jhf+JbfdfBnHVjq8ijjHjjw8V8WTXVqrljuhAFTsXMz87F tLjPun0/4WdpuDwuxAEheLHRNdqLfueAZImIrCzNR+Mf+kDU+M0Rvzg3IJ1sO+Kq h6yUqGJyffNSCZWAy5zgJVZQdLsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSGsdnA Dok4n4TqPKY1CHV5pf4U8DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg4My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rKEwDQYJKoZIhvcNAQELBQADggEBAIGfzlvkLZz+95U7Bic6BYKDonQHA9kkeuBG s3OhavxcZIpA96drlJ1Dovyf1QTO6IapUyRg3nbqDbjwjGQr3Q/N7/jKTAnNZ6CL zQ9rX6ISripHMnxO8qq8opdf5RIuOw1L+GlbSXoqqw85xDPXhuGF2F29PYetOnLS YZMnpa19E6YBFxdm8qtOsfvr037zeu6Fen7/gwFSx7lqZvs8Bb706gxwEsD5px4e fAtgPEkPdKRXagvFQpBDJHIM8+tauDJnJC55Qgtl6ywObWh7ElDVfocotdL8jQg5 1+hm6NfgSmVxEEbwR8Wbkxg77q3O0EJeG1S4QWA0RaQ4sx0+dP8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:34 2026 by rpki-client