$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145924.roa File: AS145924.roa (raw, json) Hash identifier: VVyBcMfwUMP/pTTVlFjvlecc+Klmx50igIo1f2DwoLQ= Subject key identifier: CF:E0:81:25:66:BB:38:71:0D:E5:9B:F5:26:67:45:DA:D5:9E:CA:54 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 366DAE1CA60DD2EA9B062A717FB029C1F338FC5D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145924.roa Signing time: Wed 04 Mar 2026 06:30:48 +0000 ROA not before: Wed 04 Mar 2026 06:25:48 +0000 ROA not after: Wed 03 Mar 2027 06:30:48 +0000 asID: 145924 IP address blocks: 240a:acca::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:6d:ae:1c:a6:0d:d2:ea:9b:06:2a:71:7f:b0:29:c1:f3:38:fc:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:48 2026 GMT Not After : Mar 3 06:30:48 2027 GMT Subject: CN=CFE0812566BB38710DE59BF5266745DAD59ECA54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:79:cb:a2:f8:60:5c:44:dc:64:1d:79:b9:db: 15:c9:b5:91:03:49:0c:6e:6c:5f:09:e9:28:3f:41: e7:26:b2:c7:dd:0d:6e:c1:c4:63:58:8e:a6:f0:ee: 19:96:7f:a0:6c:a4:44:20:ad:3a:05:8f:a7:cb:cd: 51:af:2b:30:8e:76:40:89:7a:47:32:e7:1f:72:7c: ff:9a:74:eb:5c:48:4d:7c:a2:f6:68:f0:3f:74:6a: 49:83:b1:89:09:a9:82:e9:a5:0d:d6:13:c5:ca:c3: 5e:4a:69:29:9c:10:18:63:ec:7e:90:d0:b4:66:a1: 38:ef:f4:69:4e:7c:56:6d:58:33:c5:11:a0:ef:7c: 75:85:e3:7a:04:ec:d4:ba:92:80:e9:3c:a7:28:e9: c3:d8:1a:92:e7:35:3d:8e:c2:b8:1e:a4:6c:ab:cb: 19:d7:f7:13:8d:c1:50:d4:32:c8:2e:c5:4c:59:ce: 6d:19:78:4c:49:f7:bf:e8:55:ea:54:c8:bb:69:6e: 96:df:c7:38:c1:41:56:84:9b:eb:7f:21:56:13:6c: f6:bd:79:d8:17:f6:39:9b:03:e7:0e:07:8b:df:83: 71:e5:64:0d:27:45:80:df:2b:36:7e:a7:c0:45:f0: b1:46:54:fd:da:61:01:ed:1f:60:da:bb:3a:df:e5: 48:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:E0:81:25:66:BB:38:71:0D:E5:9B:F5:26:67:45:DA:D5:9E:CA:54 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145924.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acca::/32 Signature Algorithm: sha256WithRSAEncryption c8:97:25:13:db:c8:45:e6:c2:d4:d3:cc:78:84:dc:ca:37:64: ae:0d:0c:b0:8a:0b:af:8d:20:06:1a:38:f7:9c:10:e6:20:f2: ef:6c:31:81:b8:87:4c:79:5b:4f:01:3d:92:2a:fd:7c:47:ca: 15:19:92:fe:e3:32:bc:84:7e:99:2c:ce:b2:24:2c:71:f4:40: 5e:77:ed:c5:60:43:fe:cb:9e:14:ee:41:2c:0d:70:cb:dc:1b: fd:a9:15:34:dc:2f:02:99:0a:0b:99:ca:a0:61:48:50:8b:f9: 18:f5:4f:1a:89:d2:63:e4:f0:4f:53:22:14:ec:fc:33:db:21: 57:7e:6e:1d:12:4e:40:2b:fc:f8:1e:71:ae:05:5c:bb:0a:6a: 91:b1:bc:4a:7a:40:ca:3e:3a:97:c5:af:da:58:b3:57:45:3d: 4e:8f:98:e2:8c:f9:c7:cf:99:e9:60:27:9f:78:30:d7:2b:84: 0e:70:27:8e:89:ab:63:75:54:c7:45:3c:6f:d2:a1:ad:31:59: 9d:cb:a8:d0:bf:df:e1:e1:65:69:e4:b5:5b:8a:3d:3d:21:c9: d0:30:89:1d:8c:4b:a3:52:31:e9:cb:ec:45:03:f1:db:be:4f: e5:7b:c9:47:a7:97:7c:c3:f5:02:2c:64:5c:e0:04:2e:cf:fe: 18:ec:05:2f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNm2uHKYN0uqbBipxf7ApwfM4/F0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0OFoX DTI3MDMwMzA2MzA0OFowMzExMC8GA1UEAxMoQ0ZFMDgxMjU2NkJCMzg3MTBERTU5 QkY1MjY2NzQ1REFENTlFQ0E1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIp5y6L4YFxE3GQdebnbFcm1kQNJDG5sXwnpKD9B5yayx90NbsHEY1iOpvDu GZZ/oGykRCCtOgWPp8vNUa8rMI52QIl6RzLnH3J8/5p061xITXyi9mjwP3RqSYOx iQmpgumlDdYTxcrDXkppKZwQGGPsfpDQtGahOO/0aU58Vm1YM8URoO98dYXjegTs 1LqSgOk8pyjpw9gakuc1PY7CuB6kbKvLGdf3E43BUNQyyC7FTFnObRl4TEn3v+hV 6lTIu2lult/HOMFBVoSb638hVhNs9r152Bf2OZsD5w4Hi9+DceVkDSdFgN8rNn6n wEXwsUZU/dphAe0fYNq7Ot/lSGUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTP4IEl Zrs4cQ3lm/UmZ0Xa1Z7KVDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTkyNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rMowDQYJKoZIhvcNAQELBQADggEBAMiXJRPbyEXmwtTTzHiE3Mo3ZK4NDLCKC6+N IAYaOPecEOYg8u9sMYG4h0x5W08BPZIq/XxHyhUZkv7jMryEfpkszrIkLHH0QF53 7cVgQ/7LnhTuQSwNcMvcG/2pFTTcLwKZCguZyqBhSFCL+Rj1TxqJ0mPk8E9TIhTs /DPbIVd+bh0STkAr/Pgeca4FXLsKapGxvEp6QMo+OpfFr9pYs1dFPU6PmOKM+cfP melgJ594MNcrhA5wJ46Jq2N1VMdFPG/Soa0xWZ3LqNC/3+HhZWnktVuKPT0hydAw iR2MS6NSMenL7EUD8du+T+V7yUenl3zD9QIsZFzgBC7P/hjsBS8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:05 2026 by rpki-client