$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145885.roa File: AS145885.roa (raw, json) Hash identifier: Nx8/BzIxn7c09+f/ehPicQUXTeik5NJbkBlSOrfaw1k= Subject key identifier: 6F:03:F0:24:BD:93:2E:CD:1E:19:DC:D5:CC:2A:F6:31:7F:56:57:CE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6EFE4A7E0018456F04CEF044E393F172C7F61DC3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145885.roa Signing time: Wed 04 Mar 2026 06:30:09 +0000 ROA not before: Wed 04 Mar 2026 06:25:09 +0000 ROA not after: Wed 03 Mar 2027 06:30:09 +0000 asID: 145885 IP address blocks: 240a:aca3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:fe:4a:7e:00:18:45:6f:04:ce:f0:44:e3:93:f1:72:c7:f6:1d:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:09 2026 GMT Not After : Mar 3 06:30:09 2027 GMT Subject: CN=6F03F024BD932ECD1E19DCD5CC2AF6317F5657CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:4a:56:c5:60:58:05:6e:18:68:79:c8:72:5e: e3:6a:a9:c8:f5:3b:71:8f:9f:02:69:4e:cf:31:ce: 27:09:47:9d:7e:04:6d:12:1e:a2:11:84:02:a7:1f: 10:1b:11:a2:98:29:bc:e5:f5:78:25:a5:4a:0e:fe: 66:89:e2:36:5d:18:9d:5e:bb:af:dd:3d:08:17:c5: ba:c2:8c:cf:96:db:29:b8:90:f2:97:ec:20:39:cc: 7e:6a:c0:30:06:dc:12:80:60:5e:c4:52:9e:6c:c9: b3:34:9c:65:56:7e:b6:de:db:b9:4e:38:bc:d0:27: 7b:7c:53:c8:13:57:9c:80:d2:a3:90:f9:b8:2c:48: 4b:6b:38:0d:1a:5f:1d:ad:fc:0d:a4:97:c9:42:45: de:63:65:26:f2:70:49:a2:79:d1:34:60:8d:8d:be: be:2b:fd:55:bc:e8:f3:74:ec:7a:ec:8e:f6:30:3d: ad:af:ed:a2:7c:17:60:dc:3f:df:a7:ca:c5:aa:b4: 49:78:fb:8c:b0:ec:ad:58:58:b8:b5:33:cb:22:e2: 78:64:a8:77:49:a9:7a:25:aa:b7:67:3d:8b:57:1f: 90:43:93:6f:49:a8:1c:28:82:28:a5:1a:fc:35:0c: 3e:6f:18:2d:b2:15:ba:77:de:08:5a:7f:d7:4d:2f: ad:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:03:F0:24:BD:93:2E:CD:1E:19:DC:D5:CC:2A:F6:31:7F:56:57:CE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145885.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aca3::/32 Signature Algorithm: sha256WithRSAEncryption ad:e1:c1:fa:e8:a9:b9:01:d3:51:fb:03:1f:8e:2c:37:36:6a: fd:66:81:5a:52:73:e9:6f:30:77:43:3d:b1:d5:df:d1:22:7f: 02:6d:f1:dc:8f:ff:a6:48:53:8e:e6:af:90:49:b3:d3:ce:7c: 15:e1:59:48:00:27:90:fc:e4:01:0a:93:97:77:1c:4f:1c:d3: b8:ff:00:02:95:e1:a4:73:fb:b1:c1:b4:a4:cd:8f:ee:8a:19: ea:9f:b4:ba:f2:d8:f1:9d:5a:8f:27:49:05:a1:0d:9f:09:dc: af:a9:52:5e:31:e8:ab:12:26:49:4d:04:b3:12:75:d1:2b:a8: 2e:04:cd:2f:6b:2e:1a:1a:82:0d:f1:41:56:a4:08:87:1e:d2: 16:0b:8b:53:d7:b7:d3:76:b6:82:72:63:c9:ea:cc:a4:49:ae: 7b:4e:b7:18:fb:c3:93:8c:40:ec:bf:76:8b:a9:0e:1d:a1:92: 99:e4:02:a6:3d:b7:8c:d4:f5:bc:3b:b9:24:48:5f:ed:57:f5: 76:b2:aa:5e:5b:ff:49:bc:98:a6:e5:68:95:fb:71:c6:bd:72: 71:63:a9:04:20:2c:01:10:d9:dd:23:08:13:3d:a2:a8:53:dd: 78:49:8e:0e:72:20:8f:40:a6:11:be:e2:03:72:4d:c2:4c:4c: 4a:af:bb:a7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbv5KfgAYRW8EzvBE45Pxcsf2HcMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUwOVoX DTI3MDMwMzA2MzAwOVowMzExMC8GA1UEAxMoNkYwM0YwMjRCRDkzMkVDRDFFMTlE Q0Q1Q0MyQUY2MzE3RjU2NTdDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMxKVsVgWAVuGGh5yHJe42qpyPU7cY+fAmlOzzHOJwlHnX4EbRIeohGEAqcf EBsRopgpvOX1eCWlSg7+ZoniNl0YnV67r909CBfFusKMz5bbKbiQ8pfsIDnMfmrA MAbcEoBgXsRSnmzJszScZVZ+tt7buU44vNAne3xTyBNXnIDSo5D5uCxIS2s4DRpf Ha38DaSXyUJF3mNlJvJwSaJ50TRgjY2+viv9Vbzo83TseuyO9jA9ra/tonwXYNw/ 36fKxaq0SXj7jLDsrVhYuLUzyyLieGSod0mpeiWqt2c9i1cfkEOTb0moHCiCKKUa /DUMPm8YLbIVunfeCFp/100vrbsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRvA/Ak vZMuzR4Z3NXMKvYxf1ZXzjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rKMwDQYJKoZIhvcNAQELBQADggEBAK3hwfroqbkB01H7Ax+OLDc2av1mgVpSc+lv MHdDPbHV39EifwJt8dyP/6ZIU47mr5BJs9POfBXhWUgAJ5D85AEKk5d3HE8c07j/ AAKV4aRz+7HBtKTNj+6KGeqftLry2PGdWo8nSQWhDZ8J3K+pUl4x6KsSJklNBLMS ddErqC4EzS9rLhoagg3xQVakCIce0hYLi1PXt9N2toJyY8nqzKRJrntOtxj7w5OM QOy/doupDh2hkpnkAqY9t4zU9bw7uSRIX+1X9Xayql5b/0m8mKblaJX7cca9cnFj qQQgLAEQ2d0jCBM9oqhT3XhJjg5yII9AphG+4gNyTcJMTEqvu6c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:50 2026 by rpki-client