$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145966.roa File: AS145966.roa (raw, json) Hash identifier: IdYNA0tXl+4ekhd+ht4aaeKmfb4J9gI8wJaKVSuGWWQ= Subject key identifier: E6:97:B2:36:05:52:F3:8C:D7:65:93:6C:5E:1E:17:5C:A5:DC:0B:D5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A3ACD938A59BDD77A67149B58D9565F5F46FF67 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145966.roa Signing time: Wed 04 Mar 2026 06:29:42 +0000 ROA not before: Wed 04 Mar 2026 06:24:42 +0000 ROA not after: Wed 03 Mar 2027 06:29:42 +0000 asID: 145966 IP address blocks: 240a:acf4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:3a:cd:93:8a:59:bd:d7:7a:67:14:9b:58:d9:56:5f:5f:46:ff:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:42 2026 GMT Not After : Mar 3 06:29:42 2027 GMT Subject: CN=E697B2360552F38CD765936C5E1E175CA5DC0BD5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ff:26:92:ab:03:6f:5e:a1:a5:6f:32:9f:d1: 4a:b8:ef:73:3d:70:10:df:bd:da:4c:69:8c:f8:cd: b2:85:a6:ce:9a:10:8d:4c:90:18:64:ad:76:53:66: e5:69:6b:6a:5e:e4:70:c5:d8:10:57:8c:4d:6b:cb: 6c:80:d8:84:ac:07:8c:e9:e8:d6:07:ae:61:74:8c: e3:e8:bd:79:a8:5b:f1:18:ac:e5:2b:a0:c0:af:6e: da:d7:1d:49:74:02:1c:a6:71:3d:21:fe:f0:4e:35: d8:b4:1e:2a:25:4c:54:64:32:0f:2a:3a:e3:a6:24: 02:d2:be:e3:9a:9e:7f:92:67:d4:08:60:1c:50:2d: 8f:af:62:ba:c3:b6:f7:99:76:3a:55:93:97:1f:ad: 21:82:2e:b8:9d:36:ec:3a:7c:65:18:fd:51:13:ab: 74:87:e6:c1:cc:66:d0:f8:31:7f:66:8f:72:d5:15: ec:a1:53:28:27:d8:53:f3:1c:35:bc:af:13:65:0a: 7b:ed:b3:25:58:44:8b:78:89:8d:76:bc:7f:de:bd: 69:3f:01:7d:c0:3c:2b:ea:05:de:d4:d3:31:1b:d3: 67:6d:4f:2b:a7:8c:b0:83:52:56:c1:9d:0a:3c:b9: f1:20:75:17:a2:86:34:ea:d8:cd:68:5c:47:d2:00: 02:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:97:B2:36:05:52:F3:8C:D7:65:93:6C:5E:1E:17:5C:A5:DC:0B:D5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145966.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acf4::/32 Signature Algorithm: sha256WithRSAEncryption 0d:c5:2b:b0:d5:38:98:7d:ed:72:21:de:bc:ca:d6:c5:16:4b: ed:b3:cf:be:a1:82:ec:40:b8:7e:31:7f:0f:d1:a7:8b:ac:e2: 02:76:4c:5f:b3:24:08:08:b6:29:ec:71:8a:f4:d7:8c:b8:5c: 9e:84:e9:62:80:18:aa:10:39:4e:95:d8:73:8a:71:ec:df:e4: 5f:5b:e4:c9:b7:29:f9:21:ed:21:3d:56:06:a8:b3:9a:ac:fe: 90:83:8d:f3:8a:2a:a2:39:01:85:03:8e:91:18:ea:0d:24:59: 16:9f:63:04:75:46:53:f6:3f:8e:80:e0:bd:5c:f4:ce:0e:8d: 61:a5:16:86:c3:4f:0f:28:b0:5c:d7:de:9f:2d:7e:ee:63:dc: bb:8e:20:a2:2b:af:7d:01:92:a8:25:79:14:62:ef:35:52:e3: 4d:05:fa:b2:66:87:9b:49:1e:4a:50:05:93:17:be:a0:d1:1f: 23:a5:98:46:1e:15:21:e0:5a:c8:82:4b:12:2f:97:c4:69:8b: f7:2a:83:5d:cb:86:47:00:6c:59:b2:e5:00:5f:4b:1c:37:a0: 98:aa:da:bf:3c:a8:85:20:dd:75:db:6c:c6:63:04:a6:eb:d2: e2:34:ed:d1:7b:f2:fb:02:42:03:e0:a3:1b:97:fa:b8:56:7e: b0:de:66:5c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKjrNk4pZvdd6ZxSbWNlWX19G/2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0MloX DTI3MDMwMzA2Mjk0MlowMzExMC8GA1UEAxMoRTY5N0IyMzYwNTUyRjM4Q0Q3NjU5 MzZDNUUxRTE3NUNBNURDMEJENTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMT/JpKrA29eoaVvMp/RSrjvcz1wEN+92kxpjPjNsoWmzpoQjUyQGGStdlNm 5Wlral7kcMXYEFeMTWvLbIDYhKwHjOno1geuYXSM4+i9eahb8Ris5SugwK9u2tcd SXQCHKZxPSH+8E412LQeKiVMVGQyDyo646YkAtK+45qef5Jn1AhgHFAtj69iusO2 95l2OlWTlx+tIYIuuJ027Dp8ZRj9UROrdIfmwcxm0Pgxf2aPctUV7KFTKCfYU/Mc NbyvE2UKe+2zJVhEi3iJjXa8f969aT8BfcA8K+oF3tTTMRvTZ21PK6eMsINSVsGd Cjy58SB1F6KGNOrYzWhcR9IAAnsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTml7I2 BVLzjNdlk2xeHhdcpdwL1TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk2Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rPQwDQYJKoZIhvcNAQELBQADggEBAA3FK7DVOJh97XIh3rzK1sUWS+2zz76hguxA uH4xfw/Rp4us4gJ2TF+zJAgItinscYr014y4XJ6E6WKAGKoQOU6V2HOKcezf5F9b 5Mm3Kfkh7SE9Vgaos5qs/pCDjfOKKqI5AYUDjpEY6g0kWRafYwR1RlP2P46A4L1c 9M4OjWGlFobDTw8osFzX3p8tfu5j3LuOIKIrr30BkqgleRRi7zVS400F+rJmh5tJ HkpQBZMXvqDRHyOlmEYeFSHgWsiCSxIvl8Rpi/cqg13LhkcAbFmy5QBfSxw3oJiq 2r88qIUg3XXbbMZjBKbr0uI07dF78vsCQgPgoxuX+rhWfrDeZlw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:58 2026 by rpki-client