$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145958.roa File: AS145958.roa (raw, json) Hash identifier: D9J1jX828n/3/xUDLXR5Sh73XEysVpkbNJqH9BQDJmA= Subject key identifier: C8:5C:EE:3C:78:51:86:77:4B:3B:BE:E7:8E:0D:B3:02:28:E4:C4:73 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 69AA1EAD67C06AB74214D023AECADD715BE298C5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145958.roa Signing time: Wed 04 Mar 2026 06:29:41 +0000 ROA not before: Wed 04 Mar 2026 06:24:41 +0000 ROA not after: Wed 03 Mar 2027 06:29:41 +0000 asID: 145958 IP address blocks: 240a:acec::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:aa:1e:ad:67:c0:6a:b7:42:14:d0:23:ae:ca:dd:71:5b:e2:98:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:41 2026 GMT Not After : Mar 3 06:29:41 2027 GMT Subject: CN=C85CEE3C785186774B3BBEE78E0DB30228E4C473 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:3d:cc:10:4c:40:d4:31:c2:f2:6b:bb:b0:c4: 9a:7b:5b:96:23:8f:6a:55:64:0f:63:68:f6:e7:77: 04:d3:34:fc:d1:09:df:48:0b:ba:8d:48:96:4e:86: 6d:fa:cf:80:42:3c:4a:3f:fc:bd:f2:c9:70:dd:72: 1c:49:0b:2e:2c:40:b0:46:e7:49:6f:d4:2a:26:9d: a0:d2:7a:b5:69:d9:fc:54:e3:f2:15:21:7c:85:7a: 22:62:4a:c9:a1:3f:29:27:b2:b4:e0:02:d5:c6:46: 55:1f:7c:b6:1f:66:be:02:9d:96:b8:e8:53:06:35: c6:47:5d:84:5f:9e:2d:d7:60:56:e4:25:1d:b7:fb: 1f:db:53:8b:be:61:e7:55:76:c2:4a:be:39:2f:b7: 67:8e:b7:86:39:ed:39:3b:91:57:d2:51:d0:5c:00: 5e:1a:54:54:6e:8b:0c:40:5b:3d:b4:6f:4a:d9:79: 5c:28:13:b1:ec:bf:ed:1f:60:40:e8:e6:b5:39:b4: 6f:4c:da:a8:80:5e:dd:5c:93:ca:08:34:a1:28:55: da:61:62:e6:a3:b8:e8:ae:f7:85:28:2f:1b:2a:d0: 8d:5c:8c:ac:34:80:bc:d1:14:64:c3:5e:73:d8:5d: d7:18:d4:43:dd:df:b0:fb:3c:02:b9:c4:71:d3:a7: 3c:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:5C:EE:3C:78:51:86:77:4B:3B:BE:E7:8E:0D:B3:02:28:E4:C4:73 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145958.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acec::/32 Signature Algorithm: sha256WithRSAEncryption 9f:8c:08:1c:da:c7:99:96:05:f3:40:b2:08:fd:38:cf:ad:02: e6:72:03:ba:1a:2a:2f:ef:66:fb:b8:f4:22:df:85:41:13:73: 4a:c5:80:c7:d4:39:3a:5b:b1:e6:f1:f5:60:3b:da:3d:c4:42: 4d:fe:b4:e4:a6:75:12:11:31:00:26:c8:01:43:99:f1:6e:ce: e4:66:40:b5:60:f3:27:03:cd:bd:6d:d2:c2:e9:9d:4c:e9:ff: a1:10:27:a6:36:cb:a1:84:65:96:66:f3:c3:e6:86:6a:c7:a3: 5d:52:72:93:ab:d5:52:c8:54:d7:88:c1:48:fa:aa:c6:67:1c: 07:0b:4f:9b:61:ef:fa:3b:e2:a7:40:c3:b1:c9:f2:7a:d9:fc: 22:90:3d:a0:9d:14:68:5f:1d:7b:a6:b5:ea:28:ee:34:f9:65: db:d1:20:d3:b9:b6:ba:74:78:79:7c:04:0c:ee:79:0a:4c:15: 19:04:cc:58:24:8e:18:89:3e:e7:ab:cf:3b:5d:1c:76:d8:7a: c5:93:76:68:53:e9:5c:07:a5:38:44:cc:da:69:da:07:de:8e: 9a:83:f2:1d:15:fa:9e:89:1f:4b:d2:d5:9d:cd:9d:82:38:f2: cd:6d:d9:6c:11:f7:aa:5d:c4:8b:aa:44:9a:11:72:09:10:c3: 0c:ac:99:45 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaaoerWfAardCFNAjrsrdcVvimMUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0MVoX DTI3MDMwMzA2Mjk0MVowMzExMC8GA1UEAxMoQzg1Q0VFM0M3ODUxODY3NzRCM0JC RUU3OEUwREIzMDIyOEU0QzQ3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAME9zBBMQNQxwvJru7DEmntbliOPalVkD2No9ud3BNM0/NEJ30gLuo1Ilk6G bfrPgEI8Sj/8vfLJcN1yHEkLLixAsEbnSW/UKiadoNJ6tWnZ/FTj8hUhfIV6ImJK yaE/KSeytOAC1cZGVR98th9mvgKdlrjoUwY1xkddhF+eLddgVuQlHbf7H9tTi75h 51V2wkq+OS+3Z463hjntOTuRV9JR0FwAXhpUVG6LDEBbPbRvStl5XCgTsey/7R9g QOjmtTm0b0zaqIBe3VyTygg0oShV2mFi5qO46K73hSgvGyrQjVyMrDSAvNEUZMNe c9hd1xjUQ93fsPs8ArnEcdOnPG0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTIXO48 eFGGd0s7vueODbMCKOTEczAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rOwwDQYJKoZIhvcNAQELBQADggEBAJ+MCBzax5mWBfNAsgj9OM+tAuZyA7oaKi/v Zvu49CLfhUETc0rFgMfUOTpbsebx9WA72j3EQk3+tOSmdRIRMQAmyAFDmfFuzuRm QLVg8ycDzb1t0sLpnUzp/6EQJ6Y2y6GEZZZm88PmhmrHo11ScpOr1VLIVNeIwUj6 qsZnHAcLT5th7/o74qdAw7HJ8nrZ/CKQPaCdFGhfHXumteoo7jT5ZdvRINO5trp0 eHl8BAzueQpMFRkEzFgkjhiJPuerzztdHHbYesWTdmhT6VwHpThEzNpp2gfejpqD 8h0V+p6JH0vS1Z3NnYI48s1t2WwR96pdxIuqRJoRcgkQwwysmUU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:15 2026 by rpki-client