$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/323430613a613830313a3a2f33322d3332203d3e20313434363939.roa File: 323430613a613830313a3a2f33322d3332203d3e20313434363939.roa (raw, json) Hash identifier: 1vj2fuUx3x8Yl21f0nLV9naTjqZZ757HzKdRzdMrJak= Subject key identifier: 76:C5:DF:DC:0B:C6:D8:C5:37:33:D3:0E:42:66:1D:0E:CB:7F:14:37 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 5A9A842761F97C5694AE3E2511D56B6BB2F3F004 Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/323430613a613830313a3a2f33322d3332203d3e20313434363939.roa Signing time: Wed 15 Oct 2025 07:26:27 +0000 ROA not before: Wed 15 Oct 2025 07:21:27 +0000 ROA not after: Wed 14 Oct 2026 07:26:27 +0000 asID: 144699 IP address blocks: 240a:a801::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 21:44:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:9a:84:27:61:f9:7c:56:94:ae:3e:25:11:d5:6b:6b:b2:f3:f0:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Oct 15 07:21:27 2025 GMT Not After : Oct 14 07:26:27 2026 GMT Subject: CN=76C5DFDC0BC6D8C53733D30E42661D0ECB7F1437 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:34:05:30:61:2c:82:3a:b8:d9:06:62:5e:3a: f6:c4:73:9b:0f:41:b4:5f:03:67:b7:aa:79:9d:a7: c0:58:f6:d9:11:1b:84:85:3c:02:2d:5b:44:1e:8f: 29:f9:5e:3b:00:54:c6:eb:e5:86:75:ee:47:20:5b: 78:04:08:79:fe:33:fb:e1:a5:26:cc:77:0b:86:10: 05:58:25:70:27:d8:27:df:2d:53:df:d5:b0:61:24: 19:eb:af:03:e6:c7:96:6d:62:e0:0c:b2:4b:7a:fd: 9f:e8:6b:c2:d2:af:37:34:65:ce:d6:da:da:7d:5d: b3:65:f1:99:c9:de:3b:21:9f:ce:f8:61:e5:24:b1: 59:55:40:25:a6:48:61:26:ff:3a:26:f2:7d:94:69: 8b:2b:40:3b:eb:8f:c9:1c:41:d9:57:42:c1:01:61: 91:40:8b:6a:90:7f:ee:61:60:73:36:b9:3d:2e:15: 9d:9d:c6:00:70:6f:18:f6:dd:98:73:0e:96:90:11: e4:0b:34:de:a6:bf:5d:f9:e4:cb:37:a4:97:1f:5a: 26:48:00:e5:d5:cf:a1:62:a9:16:7f:9b:06:91:95: 00:35:7a:0e:1d:96:8b:0b:71:ff:df:fe:f8:42:7a: ec:1d:12:f4:a9:60:47:6c:9c:d6:da:74:63:fd:e0: 92:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:C5:DF:DC:0B:C6:D8:C5:37:33:D3:0E:42:66:1D:0E:CB:7F:14:37 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/323430613a613830313a3a2f33322d3332203d3e20313434363939.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a801::/32 Signature Algorithm: sha256WithRSAEncryption 05:a4:19:58:fc:80:3e:cc:f5:ae:44:6a:0f:d7:d1:da:a6:d8: 89:6f:48:91:b3:80:81:10:f6:41:9d:a4:eb:33:9b:60:89:e6: 7e:b8:33:05:10:d7:a2:9f:c4:30:e7:d3:82:91:d1:66:78:e4: a2:2a:87:3b:68:77:56:46:b4:fa:30:61:3d:99:b4:23:c7:e6: c4:74:a9:7c:98:86:72:30:ad:00:89:56:60:6d:b5:dd:c6:14: cb:36:f9:25:64:3f:bc:67:2b:e7:3b:bb:e8:67:bb:8f:95:94: 79:4b:1d:ab:e8:a0:51:ad:79:3b:c3:a0:4e:47:0c:4d:e3:44: 3f:99:8e:d0:af:04:c4:14:1e:0a:5c:e0:29:a8:4c:5e:08:66: 0a:c0:8c:b9:94:46:c7:4b:06:c5:b2:53:67:ab:42:3d:d0:77: 03:c7:44:af:11:ac:5f:0a:4c:4a:32:da:47:8f:87:c5:87:d1: 77:eb:1c:53:94:74:df:89:08:1e:e7:56:5e:d1:05:e9:72:97: 1a:94:1d:13:70:d8:5a:33:2a:9f:c6:7b:ee:2d:f4:3c:92:6f: 2d:65:4b:12:05:75:5a:e2:42:88:47:98:d7:0b:23:f2:0c:db: ae:cd:2f:66:4c:6f:8c:72:09:16:fe:4d:2e:b2:48:64:15:1f: 1a:83:4d:a9 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgIUWpqEJ2H5fFaUrj4lEdVra7Lz8AQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTAxNTA3MjEyN1oX DTI2MTAxNDA3MjYyN1owMzExMC8GA1UEAxMoNzZDNURGREMwQkM2RDhDNTM3MzNE MzBFNDI2NjFEMEVDQjdGMTQzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIY0BTBhLII6uNkGYl469sRzmw9BtF8DZ7eqeZ2nwFj22REbhIU8Ai1bRB6P KfleOwBUxuvlhnXuRyBbeAQIef4z++GlJsx3C4YQBVglcCfYJ98tU9/VsGEkGeuv A+bHlm1i4AyyS3r9n+hrwtKvNzRlztba2n1ds2XxmcneOyGfzvhh5SSxWVVAJaZI YSb/OibyfZRpiytAO+uPyRxB2VdCwQFhkUCLapB/7mFgcza5PS4VnZ3GAHBvGPbd mHMOlpAR5As03qa/Xfnkyzeklx9aJkgA5dXPoWKpFn+bBpGVADV6Dh2Wiwtx/9/+ +EJ67B0S9KlgR2yc1tp0Y/3gkk8CAwEAAaOCAfMwggHvMB0GA1UdDgQWBBR2xd/c C8bYxTcz0w5CZh0Oy38UNzAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyMHwGCCsGAQUFBwELBHAwbjBsBggrBgEFBQcwC4ZgcnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8zMjM0MzA2MTNhNjEzODMwMzEzYTNh MmYzMzMyMmQzMzMyMjAzZDNlMjAzMTM0MzQzNjM5Mzkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkCqgB MA0GCSqGSIb3DQEBCwUAA4IBAQAFpBlY/IA+zPWuRGoP19HaptiJb0iRs4CBEPZB naTrM5tgieZ+uDMFENein8Qw59OCkdFmeOSiKoc7aHdWRrT6MGE9mbQjx+bEdKl8 mIZyMK0AiVZgbbXdxhTLNvklZD+8ZyvnO7voZ7uPlZR5Sx2r6KBRrXk7w6BORwxN 40Q/mY7QrwTEFB4KXOApqExeCGYKwIy5lEbHSwbFslNnq0I90HcDx0SvEaxfCkxK MtpHj4fFh9F36xxTlHTfiQge51Ze0QXpcpcalB0TcNhaMyqfxnvuLfQ8km8tZUsS BXVa4kKIR5jXCyPyDNuuzS9mTG+McgkW/k0uskhkFR8ag02p -----END CERTIFICATE-----Generated at Wed Nov 5 11:30:35 2025 by rpki-client