$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145024.roa File: AS145024.roa (raw, json) Hash identifier: T8Ncdq8M7wda0SQPboIlaqLjmmpWADYtzP9fleyCcjs= Subject key identifier: D9:27:79:B6:3D:30:7A:92:99:A3:78:64:4C:24:43:B2:43:6F:D8:30 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 78E912E516FC74347A8D1EDCD9CBE995B0294F9E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145024.roa Signing time: Wed 04 Mar 2026 06:22:37 +0000 ROA not before: Wed 04 Mar 2026 06:17:37 +0000 ROA not after: Wed 03 Mar 2027 06:22:37 +0000 asID: 145024 IP address blocks: 240a:a946::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:e9:12:e5:16:fc:74:34:7a:8d:1e:dc:d9:cb:e9:95:b0:29:4f:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:37 2026 GMT Not After : Mar 3 06:22:37 2027 GMT Subject: CN=D92779B63D307A9299A378644C2443B2436FD830 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:94:68:02:cd:a9:c6:f6:1e:a6:36:37:42:ed: 61:a8:a7:64:43:30:4c:06:2f:84:2b:75:3b:c1:a7: 1a:8a:71:83:b1:f2:ce:ce:13:fa:8a:5c:88:b4:0f: 18:c6:0d:bb:dd:d5:8f:98:3f:f7:3a:96:91:e9:2e: a0:ae:05:2f:a5:a2:58:77:ef:ae:63:54:d8:9b:be: 46:e1:e7:f6:6c:58:6b:42:44:d3:ef:cd:9b:37:e1: ca:23:35:bb:ee:9a:9e:e6:ce:a0:2c:52:a7:3a:10: 5e:1f:26:71:45:e1:e5:ba:99:95:f4:ae:c8:a4:49: 62:4c:18:38:15:47:26:da:59:25:af:fe:71:0a:a6: de:d3:71:a6:f6:be:e4:41:0d:86:44:57:1a:e7:eb: 58:a8:6e:51:3a:d0:04:2c:ef:cb:14:71:95:26:80: 9f:68:cc:f1:f6:09:0a:92:97:f4:2c:9a:be:35:45: c2:0a:0e:22:43:e7:0b:02:d4:75:db:8f:d4:e7:25: ee:e1:16:13:7b:f0:ea:cc:ce:04:62:04:14:5a:a6: 23:66:14:01:23:14:ae:35:df:27:aa:75:92:32:54: 9a:e3:6d:28:76:d0:7d:e3:e3:4d:26:47:51:d2:ee: 8f:2c:91:06:ac:4f:81:84:78:84:f7:61:55:9b:18: d5:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:27:79:B6:3D:30:7A:92:99:A3:78:64:4C:24:43:B2:43:6F:D8:30 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145024.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a946::/32 Signature Algorithm: sha256WithRSAEncryption 14:b1:70:24:40:c5:c3:b1:79:39:7f:17:b0:5e:c3:9f:6d:a8: 64:66:43:1e:93:71:10:5f:b7:8c:d0:b0:2c:37:da:e9:7c:33: 8d:9c:72:f1:40:63:a9:a6:4b:e8:65:b1:92:81:ae:e5:64:d4: 57:2c:59:55:67:28:42:3c:a4:c2:7d:ba:ec:d9:5a:b0:ec:c8: 52:49:ff:f9:9e:44:52:81:f3:16:7d:1a:61:26:ad:75:51:d4: aa:cd:53:a9:2e:92:c2:01:cc:72:0f:cd:75:74:3d:92:ff:5a: 23:06:82:7f:75:49:a4:05:71:ec:3b:7d:a4:82:0b:9c:87:50: 01:da:47:f6:08:f1:69:b1:3c:f5:ab:81:07:07:c2:ad:92:d0: f2:27:bd:25:bf:1c:1a:e0:3b:2b:d8:de:9a:50:e0:a2:ea:98: 24:89:f4:44:f8:22:7a:ca:95:71:e4:23:6b:f9:2f:73:e9:b4: c2:46:56:fb:32:e0:09:52:69:4f:8c:f5:69:fc:cc:31:a0:e1: 12:f8:56:d0:91:47:99:ce:2d:8e:25:e0:0b:c1:a8:4c:19:71: d7:dd:39:87:a6:7b:c6:61:69:b6:be:ad:a7:63:df:31:fe:af: 5c:ed:0a:4f:7c:fa:a6:b6:be:8c:1e:e8:ad:39:5e:04:40:47: a6:b5:10:f2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeOkS5Rb8dDR6jR7c2cvplbApT54wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTczN1oX DTI3MDMwMzA2MjIzN1owMzExMC8GA1UEAxMoRDkyNzc5QjYzRDMwN0E5Mjk5QTM3 ODY0NEMyNDQzQjI0MzZGRDgzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJeUaALNqcb2HqY2N0LtYainZEMwTAYvhCt1O8GnGopxg7Hyzs4T+opciLQP GMYNu93Vj5g/9zqWkekuoK4FL6WiWHfvrmNU2Ju+RuHn9mxYa0JE0+/NmzfhyiM1 u+6anubOoCxSpzoQXh8mcUXh5bqZlfSuyKRJYkwYOBVHJtpZJa/+cQqm3tNxpva+ 5EENhkRXGufrWKhuUTrQBCzvyxRxlSaAn2jM8fYJCpKX9CyavjVFwgoOIkPnCwLU dduP1Ocl7uEWE3vw6szOBGIEFFqmI2YUASMUrjXfJ6p1kjJUmuNtKHbQfePjTSZH UdLujyyRBqxPgYR4hPdhVZsY1ZECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTZJ3m2 PTB6kpmjeGRMJEOyQ2/YMDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAyNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qUYwDQYJKoZIhvcNAQELBQADggEBABSxcCRAxcOxeTl/F7Bew59tqGRmQx6TcRBf t4zQsCw32ul8M42ccvFAY6mmS+hlsZKBruVk1FcsWVVnKEI8pMJ9uuzZWrDsyFJJ //meRFKB8xZ9GmEmrXVR1KrNU6kuksIBzHIPzXV0PZL/WiMGgn91SaQFcew7faSC C5yHUAHaR/YI8WmxPPWrgQcHwq2S0PInvSW/HBrgOyvY3ppQ4KLqmCSJ9ET4InrK lXHkI2v5L3PptMJGVvsy4AlSaU+M9Wn8zDGg4RL4VtCRR5nOLY4l4AvBqEwZcdfd OYeme8Zhaba+radj3zH+r1ztCk98+qa2vowe6K05XgRAR6a1EPI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:07 2026 by rpki-client