$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145914.roa File: AS145914.roa (raw, json) Hash identifier: ZazXst7LOh7dw24CD0beJJoSjsFSg3SoWdF2tJqWZmk= Subject key identifier: F2:E3:3D:4F:34:B5:50:5B:9C:3C:A7:A5:15:46:D8:EB:F5:9B:C0:65 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 374665A79568E38B2E927611CB0ED77628621A13 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145914.roa Signing time: Wed 04 Mar 2026 06:29:35 +0000 ROA not before: Wed 04 Mar 2026 06:24:35 +0000 ROA not after: Wed 03 Mar 2027 06:29:35 +0000 asID: 145914 IP address blocks: 240a:acc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:46:65:a7:95:68:e3:8b:2e:92:76:11:cb:0e:d7:76:28:62:1a:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:35 2026 GMT Not After : Mar 3 06:29:35 2027 GMT Subject: CN=F2E33D4F34B5505B9C3CA7A51546D8EBF59BC065 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:23:e9:63:69:9e:57:42:34:d6:59:f2:05:0a: 1e:f0:83:0d:bb:b2:44:28:e1:47:9f:fd:e0:ff:e9: d6:66:00:ca:16:8e:d4:42:75:dc:3e:d0:dd:52:24: 5d:c4:40:4f:eb:e1:19:4f:77:4a:0c:f0:04:d0:32: 01:6d:e0:79:79:29:95:09:57:8f:0e:da:96:19:eb: 36:16:bd:27:5e:5a:1f:88:93:f6:c3:e4:81:94:c9: 2e:e1:61:e6:86:c5:de:53:ea:b7:f0:60:4c:4e:c8: 15:2f:ef:e1:78:d9:c8:bc:0b:f8:03:49:55:c9:7d: f8:2d:e9:7f:28:dd:8b:30:c3:4a:fd:f3:25:ab:e7: d8:31:b8:7a:9c:c7:17:a7:15:cb:6a:57:cd:64:b5: c1:66:80:dd:8c:7f:18:8b:bd:8f:d5:d4:d1:15:d2: b7:d8:3d:b1:ed:0c:8b:a1:71:29:b7:a0:3e:58:c6: 88:f0:55:84:85:99:73:11:20:43:87:79:7e:54:b8: 41:2e:fb:74:0e:df:83:ad:b7:d3:73:0e:69:63:48: 0e:45:c5:02:ec:4d:44:9c:02:15:05:79:c7:47:a9: 96:7e:b2:8b:39:2b:31:9a:e0:8a:da:c1:92:a7:5d: 5d:bb:48:14:67:53:dd:83:a7:1d:51:04:88:93:77: 6a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:E3:3D:4F:34:B5:50:5B:9C:3C:A7:A5:15:46:D8:EB:F5:9B:C0:65 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145914.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acc0::/32 Signature Algorithm: sha256WithRSAEncryption 3b:c4:dd:e0:d6:a3:5a:a2:f6:4e:f5:56:46:60:65:a5:e5:f2: 9f:4a:a5:6e:d6:59:9e:06:aa:71:76:88:8c:0d:b3:1c:53:fd: 4b:e4:3d:75:a1:26:4f:7c:e2:38:c7:04:8b:ea:ba:0f:37:36: d8:12:4d:bb:ba:f5:65:00:a5:da:8a:7e:eb:ae:d8:65:71:55: bb:36:f3:79:40:45:1d:34:d8:68:d9:a6:13:56:59:76:46:44: ae:75:ec:02:d1:30:ad:a4:5d:00:43:a3:a0:28:20:63:36:4f: 9d:25:e9:c3:b6:97:56:57:80:e4:90:7f:14:e3:1b:be:cf:58: b6:54:91:be:45:71:db:2a:83:fb:33:c9:20:fa:51:35:b7:f3: 2a:ab:4a:36:ce:30:45:4c:e5:6b:6a:0e:fe:b0:b8:90:b7:6b: ff:3a:85:c1:99:5f:e2:ff:51:34:a7:50:34:26:1d:e7:8d:27: 73:44:4e:f7:b8:b6:00:5e:19:d4:e6:46:df:c0:92:18:09:f0: f4:f9:c6:7c:4b:51:f0:b8:63:07:4c:13:dd:20:e3:39:b7:8b: cf:3a:06:61:54:e6:1d:31:e9:98:a8:71:82:d8:66:53:f3:57: 16:c5:53:10:76:8b:8f:1f:e5:a6:8a:6e:42:4a:f1:64:f9:1f: 79:34:71:94 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUN0Zlp5Vo44suknYRyw7XdihiGhMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzNVoX DTI3MDMwMzA2MjkzNVowMzExMC8GA1UEAxMoRjJFMzNENEYzNEI1NTA1QjlDM0NB N0E1MTU0NkQ4RUJGNTlCQzA2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMkj6WNpnldCNNZZ8gUKHvCDDbuyRCjhR5/94P/p1mYAyhaO1EJ13D7Q3VIk XcRAT+vhGU93SgzwBNAyAW3geXkplQlXjw7alhnrNha9J15aH4iT9sPkgZTJLuFh 5obF3lPqt/BgTE7IFS/v4XjZyLwL+ANJVcl9+C3pfyjdizDDSv3zJavn2DG4epzH F6cVy2pXzWS1wWaA3Yx/GIu9j9XU0RXSt9g9se0Mi6FxKbegPljGiPBVhIWZcxEg Q4d5flS4QS77dA7fg62303MOaWNIDkXFAuxNRJwCFQV5x0epln6yizkrMZrgitrB kqddXbtIFGdT3YOnHVEEiJN3agsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTy4z1P NLVQW5w8p6UVRtjr9ZvAZTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTkxNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rMAwDQYJKoZIhvcNAQELBQADggEBADvE3eDWo1qi9k71VkZgZaXl8p9KpW7WWZ4G qnF2iIwNsxxT/UvkPXWhJk984jjHBIvqug83NtgSTbu69WUApdqKfuuu2GVxVbs2 83lARR002GjZphNWWXZGRK517ALRMK2kXQBDo6AoIGM2T50l6cO2l1ZXgOSQfxTj G77PWLZUkb5Fcdsqg/szySD6UTW38yqrSjbOMEVM5WtqDv6wuJC3a/86hcGZX+L/ UTSnUDQmHeeNJ3NETve4tgBeGdTmRt/AkhgJ8PT5xnxLUfC4YwdME90g4zm3i886 BmFU5h0x6ZiocYLYZlPzVxbFUxB2i48f5aaKbkJK8WT5H3k0cZQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:46 2026 by rpki-client