$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145008.roa File: AS145008.roa (raw, json) Hash identifier: H5GCUsk+xP+KQmlp6VbIPm00h/X3L31KYruLRpF4Qrg= Subject key identifier: 7E:BF:C8:51:88:52:71:66:56:7C:BB:4E:22:97:31:FB:30:5A:79:FB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 54A871D8CA34E47A07B1E7EFB71BCCE3ADF41262 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145008.roa Signing time: Wed 04 Mar 2026 06:19:37 +0000 ROA not before: Wed 04 Mar 2026 06:14:37 +0000 ROA not after: Wed 03 Mar 2027 06:19:37 +0000 asID: 145008 IP address blocks: 240a:a936::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:a8:71:d8:ca:34:e4:7a:07:b1:e7:ef:b7:1b:cc:e3:ad:f4:12:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:37 2026 GMT Not After : Mar 3 06:19:37 2027 GMT Subject: CN=7EBFC85188527166567CBB4E229731FB305A79FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3e:3c:39:ac:91:7e:e1:cc:d1:9c:7a:68:a4: 27:ac:31:6d:b3:94:db:06:45:43:33:1b:32:ee:24: 8c:ab:1c:5a:71:99:f2:15:e7:f6:06:32:54:4a:3c: a0:47:be:67:74:ff:b3:f7:88:24:fa:28:5e:95:47: a1:b2:33:e8:31:41:10:4e:9c:fb:42:a2:ad:96:64: 6e:7c:9b:8b:70:dc:7c:80:fd:9b:8c:3c:60:7a:8f: 44:b8:6e:1a:f1:c9:91:30:7d:cf:03:6c:35:1f:66: e4:3e:43:ae:b7:42:9c:10:3d:96:8a:a1:a9:15:4e: 0b:f3:41:96:dd:21:d0:ff:ac:9a:fe:bd:6c:93:a6: 53:84:0b:2b:5a:fe:ff:38:c8:96:8c:7f:5e:49:bd: 07:20:61:56:1a:fe:be:16:aa:d9:d5:46:0a:a8:15: 9b:0c:0b:95:53:5d:54:2b:1a:90:54:e1:b7:48:dc: 41:96:46:65:21:96:82:50:2e:ea:ea:80:f7:52:cf: cd:ff:42:e0:b0:3c:b9:bb:db:0b:84:06:11:8a:15: 2d:09:bc:d3:0b:bd:b0:9a:3c:2b:e3:7f:95:b6:c4: 6b:4c:d1:f4:bb:72:02:ae:7c:ba:81:7f:ad:cc:58: 68:11:cb:3a:15:58:6b:eb:98:ff:ad:fe:6d:08:4e: 97:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:BF:C8:51:88:52:71:66:56:7C:BB:4E:22:97:31:FB:30:5A:79:FB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145008.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a936::/32 Signature Algorithm: sha256WithRSAEncryption 01:fd:6f:5c:e5:3f:bf:50:68:83:18:41:15:c3:cb:fb:90:c6: e8:10:0d:da:22:17:51:ff:52:53:97:55:f3:5f:85:78:1f:b1: 7a:a8:32:b3:7f:7d:72:5c:2c:21:f6:68:0b:83:1e:7d:75:93: 6f:3f:e3:3f:fa:77:99:21:7a:16:f1:10:38:54:d5:7e:ab:de: 51:94:8f:20:57:9c:50:88:90:22:d0:57:18:56:bb:13:b4:32: 9d:f3:37:9e:8c:89:ee:3a:ee:7c:f4:02:71:c9:b2:bd:db:a4: 71:e7:da:16:17:28:75:58:12:e0:63:fb:5a:9d:73:a5:35:59: 95:c9:76:08:02:d7:2e:46:c3:11:da:98:ef:9e:66:b7:87:e7: 80:8b:38:dd:cc:d6:2c:58:71:a1:3c:ac:89:09:40:50:10:64: 97:29:7b:fc:e3:dc:5e:f7:d3:a5:ea:86:95:4d:ee:f0:30:a4: f8:b8:9e:b9:57:78:75:10:7c:b6:9d:1f:4b:27:3f:09:ee:f4: 83:e6:3c:ec:a4:73:10:23:4a:62:1c:6d:47:ef:6e:c9:a5:26: f1:95:f5:46:c5:53:7c:0a:5c:62:4e:9b:6a:65:78:28:ce:60: 07:ce:0f:fd:17:6d:be:d6:23:cd:b4:30:bd:44:d6:47:59:bd: 82:22:e3:e5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVKhx2Mo05HoHsefvtxvM4630EmIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzN1oX DTI3MDMwMzA2MTkzN1owMzExMC8GA1UEAxMoN0VCRkM4NTE4ODUyNzE2NjU2N0NC QjRFMjI5NzMxRkIzMDVBNzlGQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0+PDmskX7hzNGcemikJ6wxbbOU2wZFQzMbMu4kjKscWnGZ8hXn9gYyVEo8 oEe+Z3T/s/eIJPooXpVHobIz6DFBEE6c+0KirZZkbnybi3DcfID9m4w8YHqPRLhu GvHJkTB9zwNsNR9m5D5DrrdCnBA9loqhqRVOC/NBlt0h0P+smv69bJOmU4QLK1r+ /zjIlox/Xkm9ByBhVhr+vhaq2dVGCqgVmwwLlVNdVCsakFTht0jcQZZGZSGWglAu 6uqA91LPzf9C4LA8ubvbC4QGEYoVLQm80wu9sJo8K+N/lbbEa0zR9LtyAq58uoF/ rcxYaBHLOhVYa+uY/63+bQhOl00CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR+v8hR iFJxZlZ8u04ilzH7MFp5+zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qTYwDQYJKoZIhvcNAQELBQADggEBAAH9b1zlP79QaIMYQRXDy/uQxugQDdoiF1H/ UlOXVfNfhXgfsXqoMrN/fXJcLCH2aAuDHn11k28/4z/6d5khehbxEDhU1X6r3lGU jyBXnFCIkCLQVxhWuxO0Mp3zN56Mie467nz0AnHJsr3bpHHn2hYXKHVYEuBj+1qd c6U1WZXJdggC1y5GwxHamO+eZreH54CLON3M1ixYcaE8rIkJQFAQZJcpe/zj3F73 06XqhpVN7vAwpPi4nrlXeHUQfLadH0snPwnu9IPmPOykcxAjSmIcbUfvbsmlJvGV 9UbFU3wKXGJOm2pleCjOYAfOD/0Xbb7WI820ML1E1kdZvYIi4+U= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:31 2026 by rpki-client