$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145952.roa File: AS145952.roa (raw, json) Hash identifier: Vf9AbOahbq1g4CzhtuH+v5pg6d9ULZ5Vb3Y4jcJH1PI= Subject key identifier: 53:69:E0:1C:A4:F6:83:F5:14:8D:31:5E:8C:01:31:28:47:C9:FF:8E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 77AAD7EACAC7BE984AA26250BFCA1B1B484BA5EC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145952.roa Signing time: Wed 04 Mar 2026 06:29:57 +0000 ROA not before: Wed 04 Mar 2026 06:24:57 +0000 ROA not after: Wed 03 Mar 2027 06:29:57 +0000 asID: 145952 IP address blocks: 240a:ace6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:aa:d7:ea:ca:c7:be:98:4a:a2:62:50:bf:ca:1b:1b:48:4b:a5:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:57 2026 GMT Not After : Mar 3 06:29:57 2027 GMT Subject: CN=5369E01CA4F683F5148D315E8C01312847C9FF8E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:ed:6e:04:da:0f:29:9d:8a:5b:2d:e6:7e:74: 9c:be:9a:11:d9:fd:2a:73:37:16:04:2f:47:64:d9: 4d:bc:a6:ab:59:e5:f6:c7:d4:6b:15:b0:ef:dd:94: 58:f9:e1:c2:33:fa:4d:e4:d5:0a:1a:3a:1e:87:fe: f8:1f:ff:78:af:cd:09:f9:2f:18:e7:7c:d3:69:8b: 9d:3d:db:42:cf:5e:40:9a:7c:d8:9b:69:b1:57:02: 9f:2a:55:d6:f4:26:7d:54:86:32:6e:8d:b3:5c:b9: 63:b1:34:f6:c3:99:4e:ff:32:5c:37:e9:60:63:90: 5f:96:86:04:01:11:ad:63:77:46:d5:76:5b:3d:29: 17:f0:03:fd:22:5e:ab:49:71:1d:8b:6a:90:61:ca: 6c:70:2c:78:bb:0f:5c:4d:7d:2e:aa:bd:d6:6f:72: 58:4e:ed:de:ce:3c:48:09:c5:39:e1:7e:50:52:43: 45:e3:35:6b:67:5f:3a:0d:2e:08:67:a0:8c:8f:5d: 3b:53:e4:43:3b:2a:c7:44:32:ba:6e:80:4f:11:09: 3c:38:72:32:f8:e6:7d:1c:8b:be:b8:65:18:e4:67: b2:ab:7f:86:9d:c8:49:f8:e6:bf:91:60:4b:b3:f3: ba:37:2e:b6:de:93:1a:08:21:38:9a:1a:8c:11:a8: d1:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:69:E0:1C:A4:F6:83:F5:14:8D:31:5E:8C:01:31:28:47:C9:FF:8E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145952.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ace6::/32 Signature Algorithm: sha256WithRSAEncryption 7c:13:73:58:13:6c:c4:ed:ca:ef:28:76:53:6a:a1:8d:c1:e4: ba:77:0e:8f:f5:f6:b4:5a:d0:57:62:38:4d:db:0e:cd:de:ee: ba:31:6d:03:e9:4b:d4:89:9f:dc:86:a9:a1:cb:a5:70:b3:c5: a7:4f:26:24:89:7d:7a:89:dc:ee:ab:85:9b:08:0c:83:0c:1a: 11:30:92:c7:4e:f2:2c:35:da:db:44:8a:4f:3e:b5:f9:65:ce: 35:f4:45:a6:6e:7a:92:0a:e4:d1:84:2c:14:ea:bc:d4:6f:e0: 2a:1b:78:65:c9:e1:02:de:4e:7a:35:1b:94:99:fa:c6:69:53: e1:a3:0f:86:35:69:12:34:c8:d2:c2:6d:87:d9:e1:7c:19:fe: c6:ae:18:2e:e3:95:0f:f0:75:7f:8b:56:b6:ec:8a:3f:ec:06: 74:5f:5b:06:d1:b3:c6:d1:1a:67:84:3e:a9:b3:b5:79:ea:72: f8:61:11:17:ba:42:e9:35:80:0a:51:ea:2c:79:0e:48:4b:62: 6c:5b:32:90:07:bb:dd:49:04:72:6b:07:c9:5a:78:01:ce:b7: 64:0c:d1:51:8d:05:7d:02:1f:40:6f:8f:db:6e:33:d5:24:8c: ab:ce:26:d8:fd:da:30:9d:fe:8c:eb:9e:3c:64:67:80:47:f8: 1c:9f:e6:44 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUd6rX6srHvphKomJQv8obG0hLpewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1N1oX DTI3MDMwMzA2Mjk1N1owMzExMC8GA1UEAxMoNTM2OUUwMUNBNEY2ODNGNTE0OEQz MTVFOEMwMTMxMjg0N0M5RkY4RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPXtbgTaDymdilst5n50nL6aEdn9KnM3FgQvR2TZTbymq1nl9sfUaxWw792U WPnhwjP6TeTVCho6Hof++B//eK/NCfkvGOd802mLnT3bQs9eQJp82JtpsVcCnypV 1vQmfVSGMm6Ns1y5Y7E09sOZTv8yXDfpYGOQX5aGBAERrWN3RtV2Wz0pF/AD/SJe q0lxHYtqkGHKbHAseLsPXE19Lqq91m9yWE7t3s48SAnFOeF+UFJDReM1a2dfOg0u CGegjI9dO1PkQzsqx0Qyum6ATxEJPDhyMvjmfRyLvrhlGORnsqt/hp3ISfjmv5Fg S7Pzujcutt6TGgghOJoajBGo0UUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRTaeAc pPaD9RSNMV6MATEoR8n/jjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rOYwDQYJKoZIhvcNAQELBQADggEBAHwTc1gTbMTtyu8odlNqoY3B5Lp3Do/19rRa 0FdiOE3bDs3e7roxbQPpS9SJn9yGqaHLpXCzxadPJiSJfXqJ3O6rhZsIDIMMGhEw ksdO8iw12ttEik8+tfllzjX0RaZuepIK5NGELBTqvNRv4CobeGXJ4QLeTno1G5SZ +sZpU+GjD4Y1aRI0yNLCbYfZ4XwZ/sauGC7jlQ/wdX+LVrbsij/sBnRfWwbRs8bR GmeEPqmztXnqcvhhERe6Quk1gApR6ix5DkhLYmxbMpAHu91JBHJrB8laeAHOt2QM 0VGNBX0CH0Bvj9tuM9UkjKvOJtj92jCd/ozrnjxkZ4BH+Byf5kQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:45 2026 by rpki-client