$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145899.roa File: AS145899.roa (raw, json) Hash identifier: LLLxwXjcZwYZIcnXZuMEk4L4MbEJk/UnCzliD6Y7R00= Subject key identifier: 12:23:3A:57:7B:D4:E6:AC:B4:D2:90:BB:A5:8F:05:59:31:DF:63:AC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 06B35BECDE232CDFD1AD578D33AF2280E287E09F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145899.roa Signing time: Wed 04 Mar 2026 06:30:34 +0000 ROA not before: Wed 04 Mar 2026 06:25:34 +0000 ROA not after: Wed 03 Mar 2027 06:30:34 +0000 asID: 145899 IP address blocks: 240a:acb1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:b3:5b:ec:de:23:2c:df:d1:ad:57:8d:33:af:22:80:e2:87:e0:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:34 2026 GMT Not After : Mar 3 06:30:34 2027 GMT Subject: CN=12233A577BD4E6ACB4D290BBA58F055931DF63AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:95:14:cb:ec:30:05:19:df:b3:c3:c6:ff:c9: 31:20:8b:13:ac:c2:54:8e:cc:0e:8f:80:1d:f4:07: 6e:b9:27:5f:07:d2:8e:07:ce:63:a3:7d:6a:e4:af: c2:8b:5f:19:b3:68:0d:57:a3:40:ba:cf:b0:f8:14: e0:a0:1c:d7:11:0a:64:83:1a:2a:78:5c:18:d3:82: 13:53:b5:86:d0:6e:6b:25:6d:8b:04:cb:f2:f2:81: 01:2d:a5:89:f4:f7:62:ce:ad:ba:21:fe:42:4b:e5: 84:69:fc:b0:77:b2:b3:45:01:c3:28:54:6c:13:d2: b5:e2:c1:b4:8f:c1:cf:d0:0e:f9:0a:b4:ec:0b:c5: b2:9c:48:7d:14:57:37:fc:db:c4:a4:3a:9b:e9:33: 4b:0a:fa:d3:b7:17:e7:3d:58:0c:07:b3:0c:ec:4c: 4e:f2:bc:27:a9:87:0d:35:22:2e:e5:df:41:79:bc: 83:cd:82:60:f4:51:49:de:08:52:61:95:17:f7:28: a0:92:9c:1d:cc:b1:54:aa:5f:57:be:51:b3:32:37: b0:41:e6:18:6f:a7:d6:35:f2:e7:20:4d:81:b0:7f: c8:68:2c:69:39:8a:9f:e3:76:23:26:7e:44:69:70: 81:61:25:84:f3:26:f7:c4:48:da:f7:1e:5f:d5:18: 1e:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:23:3A:57:7B:D4:E6:AC:B4:D2:90:BB:A5:8F:05:59:31:DF:63:AC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145899.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acb1::/32 Signature Algorithm: sha256WithRSAEncryption c8:09:12:eb:c9:97:7b:3c:d2:2b:59:e6:74:53:89:87:13:78: 62:b1:d8:d1:c9:06:81:ce:7b:41:82:51:a5:bd:9b:77:0d:d0: c9:6d:30:b8:fa:52:fe:5a:91:ad:85:eb:5e:10:96:22:f9:3f: f9:53:4e:8d:b9:47:94:b1:e1:98:bb:72:44:f1:91:bf:9e:6e: bd:6c:b9:92:78:ab:aa:f0:ee:bd:49:5e:8f:99:3b:9e:c7:77: 64:09:0f:18:22:fe:23:a6:28:26:38:02:43:a0:4d:d3:9e:13: 2a:c6:f0:b8:2c:4e:fc:85:e0:09:7b:c9:30:f5:4c:8e:53:7e: 5d:4b:79:a7:50:0a:7a:1b:91:69:5b:d7:15:6c:1f:ad:7b:74: 1e:f5:e5:4d:3e:64:d8:61:ba:32:f1:ff:bd:74:89:55:5c:05: d9:c5:43:68:75:ad:3b:12:58:dc:a4:9d:83:cd:a8:c7:bd:e9: df:47:a0:7b:23:78:13:1f:83:e9:f3:28:34:f2:da:62:60:07: e5:fd:9a:a6:32:cb:c2:c9:a8:2b:e0:e2:3e:e1:f4:7d:09:a2: 6e:4b:b2:da:7a:99:94:24:99:a5:1f:ff:03:b8:84:d0:6e:85: 6b:f1:b6:bd:f9:7d:df:04:80:1b:1d:fc:a4:f6:b5:cb:91:c6: ca:60:a0:a0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBrNb7N4jLN/RrVeNM68igOKH4J8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzNFoX DTI3MDMwMzA2MzAzNFowMzExMC8GA1UEAxMoMTIyMzNBNTc3QkQ0RTZBQ0I0RDI5 MEJCQTU4RjA1NTkzMURGNjNBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaVFMvsMAUZ37PDxv/JMSCLE6zCVI7MDo+AHfQHbrknXwfSjgfOY6N9auSv wotfGbNoDVejQLrPsPgU4KAc1xEKZIMaKnhcGNOCE1O1htBuayVtiwTL8vKBAS2l ifT3Ys6tuiH+QkvlhGn8sHeys0UBwyhUbBPSteLBtI/Bz9AO+Qq07AvFspxIfRRX N/zbxKQ6m+kzSwr607cX5z1YDAezDOxMTvK8J6mHDTUiLuXfQXm8g82CYPRRSd4I UmGVF/cooJKcHcyxVKpfV75RszI3sEHmGG+n1jXy5yBNgbB/yGgsaTmKn+N2IyZ+ RGlwgWElhPMm98RI2vceX9UYHhkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQSIzpX e9TmrLTSkLuljwVZMd9jrDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rLEwDQYJKoZIhvcNAQELBQADggEBAMgJEuvJl3s80itZ5nRTiYcTeGKx2NHJBoHO e0GCUaW9m3cN0MltMLj6Uv5aka2F614QliL5P/lTTo25R5Sx4Zi7ckTxkb+ebr1s uZJ4q6rw7r1JXo+ZO57Hd2QJDxgi/iOmKCY4AkOgTdOeEyrG8LgsTvyF4Al7yTD1 TI5Tfl1LeadQCnobkWlb1xVsH617dB715U0+ZNhhujLx/710iVVcBdnFQ2h1rTsS WNyknYPNqMe96d9HoHsjeBMfg+nzKDTy2mJgB+X9mqYyy8LJqCvg4j7h9H0Jom5L stp6mZQkmaUf/wO4hNBuhWvxtr35fd8EgBsd/KT2tcuRxspgoKA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:25 2026 by rpki-client