$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145928.roa File: AS145928.roa (raw, json) Hash identifier: 7Cvzvgcx6BpZWi6LdESsQamZ0CgAnujipWuHwX2GPtY= Subject key identifier: C7:FA:01:4B:37:82:AF:59:99:05:1E:37:A5:FC:0E:3A:0B:24:9B:DA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0D5664990A12D15312161E75D836C64F3AA0B697 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145928.roa Signing time: Wed 04 Mar 2026 06:29:33 +0000 ROA not before: Wed 04 Mar 2026 06:24:33 +0000 ROA not after: Wed 03 Mar 2027 06:29:33 +0000 asID: 145928 IP address blocks: 240a:acce::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:56:64:99:0a:12:d1:53:12:16:1e:75:d8:36:c6:4f:3a:a0:b6:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:33 2026 GMT Not After : Mar 3 06:29:33 2027 GMT Subject: CN=C7FA014B3782AF5999051E37A5FC0E3A0B249BDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:8e:6b:6a:06:17:cf:0a:78:e2:ba:e0:a2:c1: 59:bc:3a:f1:3c:9e:0d:78:c3:b8:be:8d:6b:c4:55: 19:60:fc:32:1f:6d:33:88:40:81:38:61:e2:3d:65: 15:eb:fc:17:22:44:48:a2:6c:f1:c1:33:05:a2:00: 49:c3:06:0e:bc:f2:7d:6b:5a:eb:65:45:38:1b:6d: 04:56:bc:bf:61:32:20:42:44:c6:79:a5:6d:64:3e: ff:cf:db:22:49:70:48:31:78:51:fd:13:1d:93:f4: 7f:91:80:ab:93:39:93:23:a2:eb:17:16:71:89:52: ba:fc:51:fc:87:a4:c1:2b:e1:89:48:17:ce:2f:a4: 54:4c:79:56:08:44:2c:7b:22:00:f8:ce:24:a8:59: 23:9e:31:6b:8d:c1:33:91:8e:68:8d:65:53:dd:77: 67:a9:7a:c9:d7:1a:72:69:eb:2b:c7:5f:16:c0:7a: b6:60:dc:71:10:c6:14:75:82:09:0e:a1:21:d0:cf: be:ef:f1:07:49:bb:f3:87:8d:0e:a5:13:55:34:e2: 29:d7:74:58:7a:f1:91:fa:70:23:df:5c:cd:a0:2c: 01:f7:15:16:45:26:80:f5:5e:12:cb:ee:c2:42:fb: 5b:82:c3:a0:f2:2e:a1:75:54:76:9d:12:14:87:b1: aa:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:FA:01:4B:37:82:AF:59:99:05:1E:37:A5:FC:0E:3A:0B:24:9B:DA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145928.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acce::/32 Signature Algorithm: sha256WithRSAEncryption 38:78:b3:43:5e:51:a8:4c:11:63:be:f5:40:68:61:92:36:8f: 20:59:6c:85:57:2b:d3:08:3b:8b:ec:af:56:af:ff:b6:8b:52: c8:8a:6a:c7:21:d8:7e:c4:3c:b7:5d:45:db:6b:d0:6c:08:d8: 16:cf:dc:fb:da:75:e5:df:e6:69:a8:03:8f:03:20:4a:8a:10: 1c:16:31:0b:6b:b4:96:13:ec:b0:de:1e:d4:0a:cc:24:de:15: 0f:b8:23:ae:10:5e:b6:e3:da:eb:97:e4:69:db:9b:3c:70:44: ae:fd:fc:cc:44:d6:fc:39:be:df:cc:27:60:a1:6f:6c:83:36: 45:01:29:76:ef:bd:38:82:47:19:90:b2:7f:6f:c4:70:a0:d4: a9:3c:3a:2d:f6:62:09:2e:9f:a0:e0:a2:f9:65:74:fa:13:12: 7f:70:7c:5c:32:a4:dc:2b:8e:74:7c:5d:1a:e3:dc:53:09:e8: 7e:10:42:42:2c:51:73:7b:7c:2e:33:e8:cb:11:fb:93:44:28: 33:54:00:de:43:87:86:c9:17:4f:fa:ca:3f:f2:18:a9:3c:f9: 74:bf:cc:c3:81:b6:51:3d:e3:66:01:d7:2c:cd:a7:1b:e8:4e: c5:d2:da:28:a6:af:9f:56:43:fd:f9:c8:c1:e6:ac:27:9f:24: 7f:27:5a:1b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDVZkmQoS0VMSFh512DbGTzqgtpcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzM1oX DTI3MDMwMzA2MjkzM1owMzExMC8GA1UEAxMoQzdGQTAxNEIzNzgyQUY1OTk5MDUx RTM3QTVGQzBFM0EwQjI0OUJEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJOOa2oGF88KeOK64KLBWbw68TyeDXjDuL6Na8RVGWD8Mh9tM4hAgThh4j1l Fev8FyJESKJs8cEzBaIAScMGDrzyfWta62VFOBttBFa8v2EyIEJExnmlbWQ+/8/b IklwSDF4Uf0THZP0f5GAq5M5kyOi6xcWcYlSuvxR/IekwSvhiUgXzi+kVEx5VghE LHsiAPjOJKhZI54xa43BM5GOaI1lU913Z6l6ydcacmnrK8dfFsB6tmDccRDGFHWC CQ6hIdDPvu/xB0m784eNDqUTVTTiKdd0WHrxkfpwI99czaAsAfcVFkUmgPVeEsvu wkL7W4LDoPIuoXVUdp0SFIexqpkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTH+gFL N4KvWZkFHjel/A46CySb2jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTkyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rM4wDQYJKoZIhvcNAQELBQADggEBADh4s0NeUahMEWO+9UBoYZI2jyBZbIVXK9MI O4vsr1av/7aLUsiKasch2H7EPLddRdtr0GwI2BbP3PvadeXf5mmoA48DIEqKEBwW MQtrtJYT7LDeHtQKzCTeFQ+4I64QXrbj2uuX5GnbmzxwRK79/MxE1vw5vt/MJ2Ch b2yDNkUBKXbvvTiCRxmQsn9vxHCg1Kk8Oi32Ygkun6DgovlldPoTEn9wfFwypNwr jnR8XRrj3FMJ6H4QQkIsUXN7fC4z6MsR+5NEKDNUAN5Dh4bJF0/6yj/yGKk8+XS/ zMOBtlE942YB1yzNpxvoTsXS2iimr59WQ/35yMHmrCefJH8nWhs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:59 2026 by rpki-client