$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145023.roa File: AS145023.roa (raw, json) Hash identifier: 37Bg/FSnZNY5Eg4Lo9ccxipPGf/y8Yara5oBLsNZnn4= Subject key identifier: E0:E7:B7:15:ED:4C:18:85:74:0F:17:81:2C:23:6F:D2:72:2D:13:23 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7D91C55F87CF35013761A3998A50728958539AC0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145023.roa Signing time: Wed 04 Mar 2026 06:21:43 +0000 ROA not before: Wed 04 Mar 2026 06:16:43 +0000 ROA not after: Wed 03 Mar 2027 06:21:43 +0000 asID: 145023 IP address blocks: 240a:a945::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:91:c5:5f:87:cf:35:01:37:61:a3:99:8a:50:72:89:58:53:9a:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:43 2026 GMT Not After : Mar 3 06:21:43 2027 GMT Subject: CN=E0E7B715ED4C1885740F17812C236FD2722D1323 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:1f:bf:6c:ab:55:63:e8:b8:95:f9:3b:81:e1: d6:0b:ae:ff:89:58:a7:61:fc:02:fc:0d:b9:48:f0: 04:b6:e5:f5:97:97:91:31:28:af:84:a7:2c:f2:02: 18:13:f6:d9:21:91:da:69:26:a1:6b:71:06:91:98: a9:f8:05:61:9c:e5:e8:70:27:ad:5e:3c:83:f1:9f: 77:65:bd:79:ec:a0:44:10:a8:21:ad:9f:bc:1e:a3: 78:59:87:9a:1e:6a:8f:08:20:9c:28:6e:c0:ca:60: 66:89:7a:fa:be:bb:e3:0f:91:11:aa:53:55:15:08: 89:d8:93:6b:3e:b9:8a:ee:65:ac:c8:41:d8:ad:a0: 8b:d9:a8:40:ae:6c:52:fb:c9:21:65:80:fc:f2:78: 45:89:3e:4e:52:0f:75:d0:ed:71:4f:b7:c9:cf:b2: 71:22:26:a5:16:af:74:0d:7e:1f:74:13:b6:b8:0f: e5:20:d9:ae:e0:7c:be:91:32:b4:42:d1:92:cb:48: 02:f0:f1:a9:f2:99:bf:ce:a1:17:2e:0e:09:3e:34: 31:14:32:14:ca:fa:03:2f:6c:6c:0a:d1:68:bf:7e: cc:7b:7f:7e:7a:03:8b:c0:00:00:f2:f8:f0:f3:b8: 48:7b:eb:76:67:ba:e7:63:b3:ba:54:0a:1b:49:5c: 86:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:E7:B7:15:ED:4C:18:85:74:0F:17:81:2C:23:6F:D2:72:2D:13:23 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145023.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a945::/32 Signature Algorithm: sha256WithRSAEncryption 83:36:89:39:4c:50:2f:af:fb:2a:26:ae:29:ab:67:41:f5:75: e3:14:29:82:83:69:57:8c:57:2d:e6:c4:12:a2:7e:18:2f:39: 21:e2:cc:f2:db:5e:2c:1f:48:b5:b1:76:dd:a7:cf:a4:87:2e: 2d:94:0a:26:cb:3b:25:66:d8:8d:3e:c7:d3:46:b1:36:c8:19: 4d:ef:3d:df:c0:6a:aa:47:a9:41:ac:68:87:3e:2b:35:a2:65: ae:f7:c5:09:89:8d:1f:b3:f2:aa:82:57:f0:64:4a:a6:72:0b: fc:2f:07:60:ee:ec:58:2b:f6:d4:88:e4:6d:bf:0d:f9:0c:5a: eb:db:96:14:ff:06:d8:14:7c:82:0a:a0:19:01:40:37:97:a8: 93:8a:ed:06:5d:e2:a1:85:ff:3e:a7:12:72:f3:ad:ef:68:26: f9:71:55:80:54:87:82:ca:54:b5:6a:35:21:d4:8c:cb:3e:06: 6c:34:ef:5f:c2:97:e5:c3:03:06:3c:e8:64:86:64:ec:45:14: 14:5a:33:8e:6c:b0:70:11:17:c1:51:0b:87:3b:72:7e:65:63: cb:bd:92:c7:1d:76:aa:46:74:72:d6:18:72:83:9b:30:27:0b: 0a:88:3d:29:f6:9e:a5:e7:cd:f5:0b:e3:66:42:52:1b:37:6f: 09:ee:87:29 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfZHFX4fPNQE3YaOZilByiVhTmsAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0M1oX DTI3MDMwMzA2MjE0M1owMzExMC8GA1UEAxMoRTBFN0I3MTVFRDRDMTg4NTc0MEYx NzgxMkMyMzZGRDI3MjJEMTMyMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPAfv2yrVWPouJX5O4Hh1guu/4lYp2H8AvwNuUjwBLbl9ZeXkTEor4SnLPIC GBP22SGR2mkmoWtxBpGYqfgFYZzl6HAnrV48g/Gfd2W9eeygRBCoIa2fvB6jeFmH mh5qjwggnChuwMpgZol6+r674w+REapTVRUIidiTaz65iu5lrMhB2K2gi9moQK5s UvvJIWWA/PJ4RYk+TlIPddDtcU+3yc+ycSImpRavdA1+H3QTtrgP5SDZruB8vpEy tELRkstIAvDxqfKZv86hFy4OCT40MRQyFMr6Ay9sbArRaL9+zHt/fnoDi8AAAPL4 8PO4SHvrdme652OzulQKG0lchmsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTg57cV 7UwYhXQPF4EsI2/Sci0TIzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qUUwDQYJKoZIhvcNAQELBQADggEBAIM2iTlMUC+v+yomrimrZ0H1deMUKYKDaVeM Vy3mxBKifhgvOSHizPLbXiwfSLWxdt2nz6SHLi2UCibLOyVm2I0+x9NGsTbIGU3v Pd/AaqpHqUGsaIc+KzWiZa73xQmJjR+z8qqCV/BkSqZyC/wvB2Du7Fgr9tSI5G2/ DfkMWuvblhT/BtgUfIIKoBkBQDeXqJOK7QZd4qGF/z6nEnLzre9oJvlxVYBUh4LK VLVqNSHUjMs+Bmw071/Cl+XDAwY86GSGZOxFFBRaM45ssHARF8FRC4c7cn5lY8u9 kscddqpGdHLWGHKDmzAnCwqIPSn2nqXnzfUL42ZCUhs3bwnuhyk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:48 2026 by rpki-client