$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145027.roa File: AS145027.roa (raw, json) Hash identifier: KG+WnQ0CHcaEVqW/h2pBXO+77TRuwfigBgrvG1uL4SA= Subject key identifier: 86:92:BA:6C:43:06:0F:C7:DD:6A:65:A8:D1:1D:35:7D:2E:BA:E5:F5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0E6922F92BEFFA06DB4EDF1F7232B2E9F0235A69 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145027.roa Signing time: Wed 04 Mar 2026 06:19:21 +0000 ROA not before: Wed 04 Mar 2026 06:14:21 +0000 ROA not after: Wed 03 Mar 2027 06:19:21 +0000 asID: 145027 IP address blocks: 240a:a949::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:69:22:f9:2b:ef:fa:06:db:4e:df:1f:72:32:b2:e9:f0:23:5a:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:21 2026 GMT Not After : Mar 3 06:19:21 2027 GMT Subject: CN=8692BA6C43060FC7DD6A65A8D11D357D2EBAE5F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:54:2c:63:9b:80:4d:f3:36:08:b8:12:46:58: 58:e2:f8:92:cc:e8:51:6a:b1:4d:8e:f0:03:e2:b7: dc:f3:81:53:81:a5:3f:4b:de:04:5d:bd:a7:eb:c8: ce:f5:b9:6f:80:a6:8a:2a:8a:f8:39:d9:59:91:4c: 6a:4f:c3:01:4f:d8:ae:77:4b:49:94:b3:19:64:8e: 26:07:9d:a8:21:c5:bf:44:07:ce:50:e2:c0:9d:7a: 08:3c:b0:9e:00:0e:d9:f9:f7:71:ea:a8:b5:a1:a0: be:b8:e2:25:a0:da:cd:ab:47:a2:49:f4:74:1c:30: e8:8e:e4:d7:1b:53:2e:96:91:54:08:ba:ab:cc:2b: b3:06:db:a4:62:34:42:b9:f4:78:5f:7b:f0:96:8b: 97:56:b0:75:cc:db:40:3f:38:47:3e:cb:08:dc:df: 98:b5:1a:25:56:98:fc:ad:56:1c:67:89:79:69:f8: e0:37:fa:37:07:9f:4b:6f:02:fb:7e:a7:ab:c9:d9: f1:fb:6c:73:a3:df:9c:38:21:78:e7:14:31:71:48: ee:49:96:01:7c:31:9f:33:1d:f4:2d:d3:cc:16:91: be:2d:a6:84:4e:6f:38:ae:fb:1f:95:04:a8:73:3c: 20:95:83:48:14:57:f8:51:72:71:6b:df:27:cd:98: 96:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:92:BA:6C:43:06:0F:C7:DD:6A:65:A8:D1:1D:35:7D:2E:BA:E5:F5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145027.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a949::/32 Signature Algorithm: sha256WithRSAEncryption d7:b2:12:40:1f:f8:09:48:10:67:86:e1:31:5f:0f:c0:ae:f5: fa:20:45:06:cb:52:40:8c:eb:30:78:6d:52:1c:d3:b5:ed:9f: 7e:9e:16:be:e0:5b:c4:69:b6:ef:ec:23:cb:68:9f:fa:d8:91: fe:4e:4a:88:70:49:2b:3f:b1:76:7d:9c:16:27:7a:19:7f:30: 04:96:e1:8e:48:b6:cc:16:a8:7a:00:1b:c7:f8:ac:02:28:fc: 18:af:23:17:3d:88:21:64:df:fa:03:82:f9:4e:f7:f7:dd:b7: 63:8c:fa:42:84:d6:e3:eb:44:b6:29:88:4f:7d:b7:9e:51:44: 7b:18:be:c3:bc:e7:69:32:58:09:44:62:bd:0f:56:5c:bc:1c: 8c:0d:4d:80:29:18:c3:2d:f9:c8:ec:b5:bb:26:3a:6d:66:f3: 39:92:ab:d8:9b:68:07:48:dc:39:56:59:b0:bc:2b:84:99:38: e3:f3:41:c0:bd:1e:ba:f3:1c:6b:f8:e5:2b:4c:4d:4d:14:8c: 94:9d:26:d6:89:d0:d6:26:e3:fc:84:78:75:68:96:c1:48:7d: 0a:8a:1f:0e:d1:71:1d:e7:71:20:17:1f:08:51:47:82:c8:f2: 05:1f:12:c7:51:3b:ba:76:65:18:d8:f4:37:da:8d:be:bc:52: 5b:c0:e3:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDmki+Svv+gbbTt8fcjKy6fAjWmkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQyMVoX DTI3MDMwMzA2MTkyMVowMzExMC8GA1UEAxMoODY5MkJBNkM0MzA2MEZDN0RENkE2 NUE4RDExRDM1N0QyRUJBRTVGNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKFULGObgE3zNgi4EkZYWOL4kszoUWqxTY7wA+K33POBU4GlP0veBF29p+vI zvW5b4CmiiqK+DnZWZFMak/DAU/YrndLSZSzGWSOJgedqCHFv0QHzlDiwJ16CDyw ngAO2fn3ceqotaGgvrjiJaDazatHokn0dBww6I7k1xtTLpaRVAi6q8wrswbbpGI0 Qrn0eF978JaLl1awdczbQD84Rz7LCNzfmLUaJVaY/K1WHGeJeWn44Df6NwefS28C +36nq8nZ8ftsc6PfnDgheOcUMXFI7kmWAXwxnzMd9C3TzBaRvi2mhE5vOK77H5UE qHM8IJWDSBRX+FFycWvfJ82YluUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSGkrps QwYPx91qZajRHTV9Lrrl9TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qUkwDQYJKoZIhvcNAQELBQADggEBANeyEkAf+AlIEGeG4TFfD8Cu9fogRQbLUkCM 6zB4bVIc07Xtn36eFr7gW8Rptu/sI8ton/rYkf5OSohwSSs/sXZ9nBYnehl/MASW 4Y5ItswWqHoAG8f4rAIo/BivIxc9iCFk3/oDgvlO9/fdt2OM+kKE1uPrRLYpiE99 t55RRHsYvsO852kyWAlEYr0PVly8HIwNTYApGMMt+cjstbsmOm1m8zmSq9ibaAdI 3DlWWbC8K4SZOOPzQcC9HrrzHGv45StMTU0UjJSdJtaJ0NYm4/yEeHVolsFIfQqK Hw7RcR3ncSAXHwhRR4LI8gUfEsdRO7p2ZRjY9Dfajb68UlvA49Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:15 2026 by rpki-client