$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145884.roa File: AS145884.roa (raw, json) Hash identifier: F1xoWnUf2PiHKdg4dvF/rRucIbSYNWPZAmLIHduwFiM= Subject key identifier: A5:EB:BB:F8:66:97:AF:5C:2C:C9:B3:D5:9C:B8:E6:0F:82:BB:7D:56 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7507049F3BE0D9873456B7FC79ECAC5C3B60986C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145884.roa Signing time: Wed 04 Mar 2026 06:30:30 +0000 ROA not before: Wed 04 Mar 2026 06:25:30 +0000 ROA not after: Wed 03 Mar 2027 06:30:30 +0000 asID: 145884 IP address blocks: 240a:aca2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:07:04:9f:3b:e0:d9:87:34:56:b7:fc:79:ec:ac:5c:3b:60:98:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:30 2026 GMT Not After : Mar 3 06:30:30 2027 GMT Subject: CN=A5EBBBF86697AF5C2CC9B3D59CB8E60F82BB7D56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:20:d2:cb:d8:b7:55:ba:1d:f6:f1:45:4c:0f: 2a:8f:d7:fb:84:ae:23:b2:b2:46:ae:35:bb:9c:19: d7:37:e1:dd:c0:6c:7d:8a:61:23:65:0a:8c:f4:dc: cd:62:05:0d:b9:cf:2c:c8:aa:07:80:42:23:e4:83: 54:48:34:29:24:e6:e1:a4:f8:05:ba:f9:a7:7e:4f: 50:0d:27:55:d6:3f:4a:15:38:91:4a:7c:63:d2:db: a4:4b:76:28:cc:ee:d9:53:89:78:58:9e:8c:d0:9e: 33:55:a4:e1:a6:d8:67:70:fa:1a:2c:f1:65:57:da: 7f:3a:dd:a1:c6:df:66:57:d7:35:b4:f3:c4:25:e5: 83:e6:bf:f9:ee:65:99:46:cf:e8:e0:be:54:51:55: c4:42:53:df:07:5e:08:a1:b8:bd:34:64:7f:d8:c6: 5b:15:61:01:9d:34:a7:3d:44:ba:f6:8d:fa:8c:1b: ab:b5:a9:59:e0:ea:f8:a3:ee:09:db:28:01:dc:b6: c8:91:bd:1c:24:bc:b5:1c:32:0b:b3:12:45:cd:35: b4:fb:ac:8a:4e:71:34:0e:5d:57:cf:ec:80:2c:98: 95:3f:ec:6d:4a:f1:26:a4:2f:b1:bd:41:f8:9e:e5: 34:1d:9b:d5:86:bc:2d:c9:0e:0f:9f:b7:6a:3d:14: 96:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:EB:BB:F8:66:97:AF:5C:2C:C9:B3:D5:9C:B8:E6:0F:82:BB:7D:56 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145884.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aca2::/32 Signature Algorithm: sha256WithRSAEncryption 01:f3:a6:61:0c:47:4a:de:0f:f7:ac:46:79:c9:be:d3:b1:38: 52:ea:b8:08:7b:8e:95:1f:92:c9:b3:1a:01:52:f1:ef:5f:0c: 05:a2:cc:50:47:bc:a8:ee:79:de:cb:c1:4b:f4:43:83:ca:33: 64:58:60:5a:16:5a:e5:65:3e:76:10:b5:54:8f:b6:0a:12:41: 6d:e1:f6:39:d5:d5:69:11:2e:3e:35:92:8e:8e:e6:03:41:01: 92:a4:49:42:22:1a:28:08:40:d7:36:6c:26:e1:26:4a:94:7a: 8c:ae:07:27:85:7e:0b:15:e1:ac:ca:f6:6e:1f:a3:98:6a:be: e3:53:2e:c6:f2:10:b8:6b:da:cf:5b:74:f0:16:e0:98:ef:42: 15:aa:fb:b2:2a:ef:2f:86:00:9c:6e:79:3d:ee:d4:f2:d9:80: 0d:0f:b5:19:42:cf:aa:a5:ad:08:bc:f1:bf:96:34:ff:02:47: f8:db:55:a4:ff:dc:75:b1:39:c8:ad:36:3c:26:9b:0f:39:6b: ca:3c:bb:f4:03:8f:68:65:58:fa:29:b8:8a:d9:3c:d6:64:8a: 5c:63:7d:2b:99:79:e0:0f:d3:f7:df:a6:af:cf:27:a0:7a:c7: ca:ae:af:59:15:33:df:6e:37:34:2e:13:60:6c:24:4b:8e:f9: b5:7a:83:a5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdQcEnzvg2Yc0Vrf8eeysXDtgmGwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzMFoX DTI3MDMwMzA2MzAzMFowMzExMC8GA1UEAxMoQTVFQkJCRjg2Njk3QUY1QzJDQzlC M0Q1OUNCOEU2MEY4MkJCN0Q1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMkg0svYt1W6HfbxRUwPKo/X+4SuI7KyRq41u5wZ1zfh3cBsfYphI2UKjPTc zWIFDbnPLMiqB4BCI+SDVEg0KSTm4aT4Bbr5p35PUA0nVdY/ShU4kUp8Y9LbpEt2 KMzu2VOJeFiejNCeM1Wk4abYZ3D6GizxZVfafzrdocbfZlfXNbTzxCXlg+a/+e5l mUbP6OC+VFFVxEJT3wdeCKG4vTRkf9jGWxVhAZ00pz1EuvaN+owbq7WpWeDq+KPu CdsoAdy2yJG9HCS8tRwyC7MSRc01tPusik5xNA5dV8/sgCyYlT/sbUrxJqQvsb1B +J7lNB2b1Ya8LckOD5+3aj0UlmsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSl67v4 ZpevXCzJs9WcuOYPgrt9VjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg4NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rKIwDQYJKoZIhvcNAQELBQADggEBAAHzpmEMR0reD/esRnnJvtOxOFLquAh7jpUf ksmzGgFS8e9fDAWizFBHvKjued7LwUv0Q4PKM2RYYFoWWuVlPnYQtVSPtgoSQW3h 9jnV1WkRLj41ko6O5gNBAZKkSUIiGigIQNc2bCbhJkqUeoyuByeFfgsV4azK9m4f o5hqvuNTLsbyELhr2s9bdPAW4JjvQhWq+7Iq7y+GAJxueT3u1PLZgA0PtRlCz6ql rQi88b+WNP8CR/jbVaT/3HWxOcitNjwmmw85a8o8u/QDj2hlWPopuIrZPNZkilxj fSuZeeAP0/ffpq/PJ6B6x8qur1kVM99uNzQuE2BsJEuO+bV6g6U= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:06 2026 by rpki-client