$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145963.roa File: AS145963.roa (raw, json) Hash identifier: 0p6NbojYmSxfxGGF/zLptHAAHIAheKdX+veyabgn/GY= Subject key identifier: 58:D4:35:2B:41:5C:60:F2:AC:41:B1:75:3A:F7:DF:FD:14:82:35:F6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 56D22FCDF429B26FB95EC2DDD8C2DC8F372CAE19 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145963.roa Signing time: Wed 04 Mar 2026 06:30:15 +0000 ROA not before: Wed 04 Mar 2026 06:25:15 +0000 ROA not after: Wed 03 Mar 2027 06:30:15 +0000 asID: 145963 IP address blocks: 240a:acf1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:d2:2f:cd:f4:29:b2:6f:b9:5e:c2:dd:d8:c2:dc:8f:37:2c:ae:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:15 2026 GMT Not After : Mar 3 06:30:15 2027 GMT Subject: CN=58D4352B415C60F2AC41B1753AF7DFFD148235F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:08:9e:6d:e0:44:12:cf:53:70:6f:99:ff:13: e4:c0:19:60:8a:bb:df:a9:14:1d:da:1e:cc:e8:23: 98:f3:c9:ec:33:74:3c:d3:fc:d3:0f:3d:46:67:cd: 07:14:a1:43:fd:bd:09:c4:b4:e2:d6:c0:15:dd:45: dd:7e:6e:db:9b:a6:f4:89:3e:01:a1:c6:f1:c8:33: 14:a4:10:24:d7:fa:1a:f6:7b:5e:23:13:6e:48:d0: 3b:8e:6f:bf:8c:3c:e8:0a:2c:16:73:26:03:2b:27: cd:89:da:4e:af:56:56:a3:93:02:a4:02:94:e1:49: e6:3e:b5:12:e6:19:cb:a8:a1:59:8e:1c:b5:89:9d: c2:79:32:b4:0a:f0:07:a0:fa:47:9b:c3:af:43:29: 0b:24:74:73:7c:ba:dc:fb:ea:c5:fb:74:ad:d2:67: c4:46:d9:01:d3:33:68:3b:53:22:2b:56:ca:fc:b1: d0:81:21:53:70:81:80:9c:ff:97:2a:e8:8c:96:0b: 8b:57:3a:d1:0c:4d:7e:67:1c:40:57:db:3f:49:2c: c1:a5:6b:b1:d2:5a:d8:01:03:20:b3:78:34:1d:09: 16:53:5d:86:a9:07:1b:95:9e:5f:a2:fa:5a:00:27: b9:6e:15:25:98:9a:b3:72:57:b3:4b:02:eb:bf:2c: 5b:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:D4:35:2B:41:5C:60:F2:AC:41:B1:75:3A:F7:DF:FD:14:82:35:F6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145963.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acf1::/32 Signature Algorithm: sha256WithRSAEncryption c9:f2:79:32:7b:a2:6e:8d:51:3a:bd:49:17:4c:00:7b:78:d1: cd:52:e1:b0:29:9e:e6:b8:7d:d3:c7:c7:1f:40:e9:5d:a4:f5: 85:79:6b:44:21:f9:5b:21:b4:7c:4d:91:4c:86:a3:68:d1:0d: e7:9e:0e:ca:f4:3f:37:11:fd:81:e6:2a:0f:25:e7:49:3a:98: 95:12:2c:e1:96:fc:bd:04:fc:9b:e6:cd:52:a8:5c:7a:98:ca: b3:5e:d8:a5:66:64:50:ea:f6:d2:ca:fb:06:8f:25:a8:57:d6: ff:1b:8f:13:9a:76:ba:d5:d5:72:2f:dd:3f:5a:ac:71:3b:9d: a9:2c:02:c5:1d:0a:89:c7:dc:ea:71:72:63:39:aa:ca:69:dc: f3:c9:80:eb:26:3d:1e:39:aa:5a:f3:d4:c9:15:0d:2c:63:e8: fe:b0:e3:57:ca:9c:2e:58:9b:23:6e:f7:a3:ce:77:e7:2d:30: 46:5d:e7:2f:e6:09:cc:fa:f9:42:43:f3:61:34:6a:83:e1:e7: 02:ef:b1:a7:a8:1b:9c:18:b8:8e:cb:6d:ea:c5:08:5d:f9:82: 3a:0e:cd:2f:fc:4e:e2:41:3c:28:c8:11:ba:87:56:fd:2a:09: 53:73:26:95:11:c4:4d:72:23:b1:1a:de:5a:89:cd:e6:8a:1e: 74:bf:25:13 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVtIvzfQpsm+5XsLd2MLcjzcsrhkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxNVoX DTI3MDMwMzA2MzAxNVowMzExMC8GA1UEAxMoNThENDM1MkI0MTVDNjBGMkFDNDFC MTc1M0FGN0RGRkQxNDgyMzVGNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM4Inm3gRBLPU3Bvmf8T5MAZYIq736kUHdoezOgjmPPJ7DN0PNP80w89RmfN BxShQ/29CcS04tbAFd1F3X5u25um9Ik+AaHG8cgzFKQQJNf6GvZ7XiMTbkjQO45v v4w86AosFnMmAysnzYnaTq9WVqOTAqQClOFJ5j61EuYZy6ihWY4ctYmdwnkytArw B6D6R5vDr0MpCyR0c3y63Pvqxft0rdJnxEbZAdMzaDtTIitWyvyx0IEhU3CBgJz/ lyrojJYLi1c60QxNfmccQFfbP0kswaVrsdJa2AEDILN4NB0JFlNdhqkHG5WeX6L6 WgAnuW4VJZias3JXs0sC678sW3kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRY1DUr QVxg8qxBsXU699/9FII19jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rPEwDQYJKoZIhvcNAQELBQADggEBAMnyeTJ7om6NUTq9SRdMAHt40c1S4bApnua4 fdPHxx9A6V2k9YV5a0Qh+VshtHxNkUyGo2jRDeeeDsr0PzcR/YHmKg8l50k6mJUS LOGW/L0E/JvmzVKoXHqYyrNe2KVmZFDq9tLK+waPJahX1v8bjxOadrrV1XIv3T9a rHE7naksAsUdConH3OpxcmM5qspp3PPJgOsmPR45qlrz1MkVDSxj6P6w41fKnC5Y myNu96POd+ctMEZd5y/mCcz6+UJD82E0aoPh5wLvsaeoG5wYuI7LberFCF35gjoO zS/8TuJBPCjIEbqHVv0qCVNzJpURxE1yI7Ea3lqJzeaKHnS/JRM= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:20 2026 by rpki-client