$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145073.roa File: AS145073.roa (raw, json) Hash identifier: X9N3oFt91h5qWpyJ1F0tpL8XJB6Bp2/1YmsHZYgVSMI= Subject key identifier: 5D:53:A7:D5:C0:A2:17:B1:9C:3E:4E:CF:05:C8:92:41:44:6A:B0:32 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 09ECE65C0771D079BAA805E968AB48361BC494C2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145073.roa Signing time: Wed 04 Mar 2026 06:22:30 +0000 ROA not before: Wed 04 Mar 2026 06:17:30 +0000 ROA not after: Wed 03 Mar 2027 06:22:30 +0000 asID: 145073 IP address blocks: 240a:a977::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:ec:e6:5c:07:71:d0:79:ba:a8:05:e9:68:ab:48:36:1b:c4:94:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:30 2026 GMT Not After : Mar 3 06:22:30 2027 GMT Subject: CN=5D53A7D5C0A217B19C3E4ECF05C89241446AB032 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ea:26:02:bd:bc:00:8f:ed:d1:37:09:f3:62: 10:8c:40:38:79:cc:41:73:6e:90:97:b3:a1:31:2b: e4:0f:1b:88:8a:33:15:4c:4d:92:79:57:7e:f3:3c: 6e:a1:6d:7b:00:65:96:a0:a1:19:63:7a:ab:96:2d: d0:65:9e:b6:e5:58:d1:0f:43:57:33:ca:40:b5:39: c4:1e:f8:10:a5:bf:35:6e:01:91:3b:92:ac:14:d3: 4a:19:36:cb:db:5a:e9:f6:d5:ad:07:d9:5f:14:2e: bf:2b:ee:77:14:f5:f1:d1:44:f3:12:16:f0:99:ed: 8e:cd:e2:37:01:a9:39:df:81:18:9a:28:fa:70:ec: ca:a5:35:4e:6a:98:a2:08:57:81:92:25:6b:fb:3b: 87:60:95:05:88:60:1d:2d:8e:af:a4:88:45:e5:d1: 28:9d:d0:78:cb:31:07:5b:2e:58:06:1b:1d:bf:d9: fc:29:aa:51:a8:b5:fc:d5:0b:00:2a:d5:ac:9e:6b: 17:8a:84:81:8b:17:01:63:bc:1d:ec:4f:7b:76:70: 46:47:50:8c:47:ee:d2:5c:f8:40:02:bd:28:7c:75: 7e:b8:73:6f:77:fd:52:61:92:fc:c8:59:78:d1:b6: 75:ca:de:62:fb:8f:1b:a2:c0:77:28:03:2e:f6:ae: 56:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:53:A7:D5:C0:A2:17:B1:9C:3E:4E:CF:05:C8:92:41:44:6A:B0:32 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145073.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a977::/32 Signature Algorithm: sha256WithRSAEncryption 48:89:7a:17:16:37:01:ef:6a:f7:01:b9:13:d9:28:b7:00:8f: 14:06:01:21:9c:b4:cb:be:24:40:71:97:d9:65:f1:9b:a0:37: 53:7f:72:44:57:03:d9:21:cb:87:65:62:39:a5:7d:6e:12:8f: 76:ee:ce:66:b6:06:a0:bc:80:22:d7:73:7f:1c:cd:8d:68:31: e6:27:d3:90:7b:88:cc:97:f2:e2:d6:5b:54:10:88:10:6a:70: 5b:3e:9b:0a:1e:fa:ee:82:dc:30:18:37:ac:10:2b:ce:e0:10: 43:db:18:73:f7:c4:b0:26:20:07:79:a1:73:7b:b4:d2:9c:48: 57:57:19:1d:6a:a3:f4:3e:bb:29:e5:03:ad:55:c6:12:98:58: ed:9e:7f:c7:ad:02:65:8e:22:fb:4b:bd:d7:e4:ad:0d:57:52: 3a:70:25:97:8f:61:93:e6:35:e2:d9:51:8f:e0:2c:fd:b8:d8: b0:fd:c9:b4:d2:fc:70:df:79:39:96:14:56:b5:62:02:da:57: 47:7f:95:fd:f0:d4:3e:4d:bc:be:eb:91:f2:ec:ea:98:46:b6: a8:d3:24:f6:89:68:3d:22:ce:e5:b1:47:a3:0d:e6:85:53:e7: f6:fc:e5:ec:5c:5f:b9:78:5e:13:34:55:ab:91:8c:77:a2:f1: 11:95:32:e3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCezmXAdx0Hm6qAXpaKtINhvElMIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTczMFoX DTI3MDMwMzA2MjIzMFowMzExMC8GA1UEAxMoNUQ1M0E3RDVDMEEyMTdCMTlDM0U0 RUNGMDVDODkyNDE0NDZBQjAzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfqJgK9vACP7dE3CfNiEIxAOHnMQXNukJezoTEr5A8biIozFUxNknlXfvM8 bqFtewBllqChGWN6q5Yt0GWetuVY0Q9DVzPKQLU5xB74EKW/NW4BkTuSrBTTShk2 y9ta6fbVrQfZXxQuvyvudxT18dFE8xIW8Jntjs3iNwGpOd+BGJoo+nDsyqU1TmqY oghXgZIla/s7h2CVBYhgHS2Or6SIReXRKJ3QeMsxB1suWAYbHb/Z/CmqUai1/NUL ACrVrJ5rF4qEgYsXAWO8HexPe3ZwRkdQjEfu0lz4QAK9KHx1frhzb3f9UmGS/MhZ eNG2dcreYvuPG6LAdygDLvauVu8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRdU6fV wKIXsZw+Ts8FyJJBRGqwMjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qXcwDQYJKoZIhvcNAQELBQADggEBAEiJehcWNwHvavcBuRPZKLcAjxQGASGctMu+ JEBxl9ll8ZugN1N/ckRXA9khy4dlYjmlfW4Sj3buzma2BqC8gCLXc38czY1oMeYn 05B7iMyX8uLWW1QQiBBqcFs+mwoe+u6C3DAYN6wQK87gEEPbGHP3xLAmIAd5oXN7 tNKcSFdXGR1qo/Q+uynlA61VxhKYWO2ef8etAmWOIvtLvdfkrQ1XUjpwJZePYZPm NeLZUY/gLP242LD9ybTS/HDfeTmWFFa1YgLaV0d/lf3w1D5NvL7rkfLs6phGtqjT JPaJaD0izuWxR6MN5oVT5/b85excX7l4XhM0VauRjHei8RGVMuM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:42 2026 by rpki-client