$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145011.roa File: AS145011.roa (raw, json) Hash identifier: ubHp/G0yAQb9Jjb69+/SUYrldkCPylbw+24LPEkRTuI= Subject key identifier: 2A:02:B5:DD:8B:1D:0A:5F:13:5A:27:3F:32:6F:57:75:96:E2:BC:7D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 16F100F3AA460DE176D417F0296B1417880B2AB2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145011.roa Signing time: Wed 04 Mar 2026 06:20:59 +0000 ROA not before: Wed 04 Mar 2026 06:15:59 +0000 ROA not after: Wed 03 Mar 2027 06:20:59 +0000 asID: 145011 IP address blocks: 240a:a939::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:f1:00:f3:aa:46:0d:e1:76:d4:17:f0:29:6b:14:17:88:0b:2a:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:59 2026 GMT Not After : Mar 3 06:20:59 2027 GMT Subject: CN=2A02B5DD8B1D0A5F135A273F326F577596E2BC7D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:84:5a:8a:ae:f0:97:5a:03:b6:27:a6:8f:88: 84:9c:fc:2f:cc:c8:8b:9b:ac:14:4e:61:52:2f:9e: b0:d9:81:b3:cf:08:ee:e4:b8:07:b2:69:62:14:66: c8:02:f9:0c:2d:3e:30:f0:57:9d:d3:fa:c8:e3:a0: 27:63:52:23:98:46:86:e8:d8:a0:6a:3b:49:78:ab: 42:60:51:09:38:21:59:5b:35:54:33:e3:49:98:05: 86:1d:fe:66:c7:c2:d3:97:83:7e:02:2e:7a:a5:8f: 41:fb:47:42:23:9c:46:0e:39:31:13:80:25:62:5d: 7c:74:f1:58:36:5c:39:4b:84:a7:9a:c7:3e:2d:0b: 6c:30:03:db:45:fd:c8:02:49:7d:45:6f:f1:aa:8f: 81:d0:e3:11:0e:c6:93:f4:2a:54:f6:aa:b3:0a:02: 68:b0:a0:87:46:e6:24:f6:cb:86:16:c5:45:69:c0: 8f:35:b1:1a:06:47:c4:1e:b2:68:b6:20:3a:bd:fd: 5e:c9:49:c3:a3:a4:11:ad:e3:b2:c1:30:f9:dd:4d: 5d:77:52:c6:e6:96:35:65:e0:e2:71:79:12:54:be: ce:89:c6:36:c1:9c:aa:90:95:a9:ff:cb:0d:8a:97: c7:f6:dc:9f:c1:dd:83:76:57:52:09:70:ed:dc:e5: b6:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:02:B5:DD:8B:1D:0A:5F:13:5A:27:3F:32:6F:57:75:96:E2:BC:7D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145011.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a939::/32 Signature Algorithm: sha256WithRSAEncryption 7f:87:0e:af:84:91:ed:87:02:62:75:70:09:25:5c:f8:26:92: 5f:50:27:1b:64:84:10:df:30:7f:5e:83:97:87:ea:a2:d7:13: 28:5f:ed:ee:e9:da:50:ea:64:ff:79:ef:cf:5d:cd:1a:47:17: c5:e4:f7:47:14:01:49:c8:07:36:dd:9d:96:eb:9e:3e:98:25: 2f:39:87:30:78:6a:12:57:d2:01:20:c6:6e:f4:bd:6b:cd:c8: 67:64:e1:d2:f7:e2:61:d9:17:17:69:c6:92:53:05:c9:be:8c: 05:5f:b9:72:4b:40:7b:ac:52:f3:32:23:0d:f9:67:ad:f1:8d: 03:fe:6a:da:fe:7a:3d:cc:3e:55:c1:8a:7d:36:4b:fb:23:30: f4:b2:5c:2d:db:07:2b:e4:78:8c:86:6d:8c:e9:08:66:db:7d: cc:b1:07:a4:99:a3:b5:8b:68:7e:56:33:94:53:8a:47:f7:c1: 96:23:d8:69:ed:7d:85:61:49:ed:c5:8f:8e:47:7f:42:44:6c: 1a:59:c9:03:60:90:13:9b:88:41:ff:2d:54:4c:55:07:87:33: d8:c2:fe:88:ae:dd:35:92:36:45:35:d4:ce:e4:b5:d6:5f:a1: 4b:5c:db:7c:50:b0:f9:fb:f1:60:18:6e:50:d8:56:89:c3:ad: 3a:5b:c1:41 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFvEA86pGDeF21BfwKWsUF4gLKrIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1OVoX DTI3MDMwMzA2MjA1OVowMzExMC8GA1UEAxMoMkEwMkI1REQ4QjFEMEE1RjEzNUEy NzNGMzI2RjU3NzU5NkUyQkM3RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKOEWoqu8JdaA7Ynpo+IhJz8L8zIi5usFE5hUi+esNmBs88I7uS4B7JpYhRm yAL5DC0+MPBXndP6yOOgJ2NSI5hGhujYoGo7SXirQmBRCTghWVs1VDPjSZgFhh3+ ZsfC05eDfgIueqWPQftHQiOcRg45MROAJWJdfHTxWDZcOUuEp5rHPi0LbDAD20X9 yAJJfUVv8aqPgdDjEQ7Gk/QqVPaqswoCaLCgh0bmJPbLhhbFRWnAjzWxGgZHxB6y aLYgOr39XslJw6OkEa3jssEw+d1NXXdSxuaWNWXg4nF5ElS+zonGNsGcqpCVqf/L DYqXx/bcn8Hdg3ZXUglw7dzltrcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQqArXd ix0KXxNaJz8yb1d1luK8fTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAxMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qTkwDQYJKoZIhvcNAQELBQADggEBAH+HDq+Eke2HAmJ1cAklXPgmkl9QJxtkhBDf MH9eg5eH6qLXEyhf7e7p2lDqZP95789dzRpHF8Xk90cUAUnIBzbdnZbrnj6YJS85 hzB4ahJX0gEgxm70vWvNyGdk4dL34mHZFxdpxpJTBcm+jAVfuXJLQHusUvMyIw35 Z63xjQP+atr+ej3MPlXBin02S/sjMPSyXC3bByvkeIyGbYzpCGbbfcyxB6SZo7WL aH5WM5RTikf3wZYj2GntfYVhSe3Fj45Hf0JEbBpZyQNgkBObiEH/LVRMVQeHM9jC /oiu3TWSNkU11M7ktdZfoUtc23xQsPn78WAYblDYVonDrTpbwUE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:06 2026 by rpki-client