$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145943.roa File: AS145943.roa (raw, json) Hash identifier: 6CUNt9khN0CiBEe2IMcc3/hbnDfwLxm1Tfq4xIEpHxo= Subject key identifier: 1E:72:E3:22:2A:53:AA:81:8E:8E:AA:ED:9B:B0:6B:BA:D4:89:2A:3B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 01A8EF9DA474DC5C65F1FDC8943EAF5EFAA38E88 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145943.roa Signing time: Wed 04 Mar 2026 06:31:02 +0000 ROA not before: Wed 04 Mar 2026 06:26:02 +0000 ROA not after: Wed 03 Mar 2027 06:31:02 +0000 asID: 145943 IP address blocks: 240a:acdd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:a8:ef:9d:a4:74:dc:5c:65:f1:fd:c8:94:3e:af:5e:fa:a3:8e:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:02 2026 GMT Not After : Mar 3 06:31:02 2027 GMT Subject: CN=1E72E3222A53AA818E8EAAED9BB06BBAD4892A3B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:74:9a:ee:b8:1e:3f:4b:d0:3b:dd:43:80:6b: 1c:b0:18:e9:55:b4:7c:06:2c:0e:d5:f7:34:ad:ec: 52:55:2c:c7:22:20:e0:0d:5f:01:db:de:86:02:ac: a1:d5:d0:ec:4c:a5:df:40:09:b1:0c:63:fd:75:1a: 44:91:45:8d:5c:bb:64:5f:24:92:82:c6:de:25:0b: 98:ae:14:1d:13:1f:23:ce:8a:4f:2d:03:20:ce:16: e3:4b:3f:f6:87:ab:e8:b0:5f:bd:c8:7b:1c:97:27: 46:fe:68:ad:89:fb:1d:22:c6:6b:9d:bc:b5:35:ab: 23:a8:e7:62:f5:d4:07:80:40:58:7b:d2:24:15:9a: fe:45:f5:32:e0:44:11:97:99:4d:58:14:d8:e3:e7: 13:f3:5b:6d:2e:1d:a5:f1:04:6f:4e:08:12:0e:10: 5b:42:bd:e1:2d:76:6e:6d:6f:8a:e1:57:65:2e:66: 3b:07:02:27:d2:10:16:83:1a:7b:40:dd:71:f7:e8: e7:ba:70:f4:b1:6a:ab:e8:99:7a:02:e3:d5:91:59: 4f:ea:13:85:a3:c7:07:02:fb:e8:4c:30:1b:63:2a: 6e:18:5e:a8:0a:d6:c6:20:e5:15:48:06:08:e8:48: 21:48:55:8b:1f:1d:8d:c1:78:ad:67:bc:2b:b3:3b: 7b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:72:E3:22:2A:53:AA:81:8E:8E:AA:ED:9B:B0:6B:BA:D4:89:2A:3B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145943.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acdd::/32 Signature Algorithm: sha256WithRSAEncryption bf:75:e8:1e:2a:78:05:34:68:d9:15:c4:ae:db:b3:82:55:71: 38:a5:3d:fe:b8:ff:0c:40:b2:67:44:2a:43:d4:bd:28:2f:27: 0e:f6:6c:59:4b:bd:7c:6d:16:d8:a4:40:6f:5d:4a:25:6b:f4: e3:6d:21:0a:99:e4:8c:15:ff:2e:c1:73:c0:0c:c9:51:d7:9f: 03:ac:a6:76:6d:0f:dd:ce:83:42:66:07:d5:75:59:19:f7:05: a6:0a:7b:40:38:27:ae:cb:1b:99:25:1f:c6:7b:fc:62:2e:23: 3f:02:8f:cc:7c:50:14:06:84:d3:5d:55:0b:ca:d1:59:59:19: 0c:4c:be:bd:8b:8f:c5:31:24:34:c2:5f:a8:13:4a:71:f7:2a: 45:98:ee:2b:43:e1:15:7a:6b:ce:1f:a2:be:90:f0:88:aa:f1: 15:55:d9:1c:4f:93:80:ca:f9:ae:fe:b8:ac:25:9c:8d:6c:db: 15:ed:ff:b6:06:1b:ec:e2:3b:e9:c0:77:1e:07:4f:90:67:5e: 5d:4b:e1:b4:c9:44:73:ef:2f:96:89:ba:b6:b1:e9:2e:b8:5e: 9a:12:0f:e2:7c:df:9f:f9:34:d5:d1:af:92:52:1e:29:5a:30: e2:0c:07:ec:fd:8b:7f:ae:3e:c0:cf:5b:61:58:df:86:6b:e8: 75:24:2b:ea -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAajvnaR03Fxl8f3IlD6vXvqjjogwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwMloX DTI3MDMwMzA2MzEwMlowMzExMC8GA1UEAxMoMUU3MkUzMjIyQTUzQUE4MThFOEVB QUVEOUJCMDZCQkFENDg5MkEzQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOR0mu64Hj9L0DvdQ4BrHLAY6VW0fAYsDtX3NK3sUlUsxyIg4A1fAdvehgKs odXQ7Eyl30AJsQxj/XUaRJFFjVy7ZF8kkoLG3iULmK4UHRMfI86KTy0DIM4W40s/ 9oer6LBfvch7HJcnRv5orYn7HSLGa528tTWrI6jnYvXUB4BAWHvSJBWa/kX1MuBE EZeZTVgU2OPnE/NbbS4dpfEEb04IEg4QW0K94S12bm1viuFXZS5mOwcCJ9IQFoMa e0Ddcffo57pw9LFqq+iZegLj1ZFZT+oThaPHBwL76EwwG2MqbhheqArWxiDlFUgG COhIIUhVix8djcF4rWe8K7M7e9sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQecuMi KlOqgY6Oqu2bsGu61IkqOzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rN0wDQYJKoZIhvcNAQELBQADggEBAL916B4qeAU0aNkVxK7bs4JVcTilPf64/wxA smdEKkPUvSgvJw72bFlLvXxtFtikQG9dSiVr9ONtIQqZ5IwV/y7Bc8AMyVHXnwOs pnZtD93Og0JmB9V1WRn3BaYKe0A4J67LG5klH8Z7/GIuIz8Cj8x8UBQGhNNdVQvK 0VlZGQxMvr2Lj8UxJDTCX6gTSnH3KkWY7itD4RV6a84for6Q8Iiq8RVV2RxPk4DK +a7+uKwlnI1s2xXt/7YGG+ziO+nAdx4HT5BnXl1L4bTJRHPvL5aJurax6S64XpoS D+J835/5NNXRr5JSHilaMOIMB+z9i3+uPsDPW2FY34Zr6HUkK+o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:10 2026 by rpki-client