$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145086.roa File: AS145086.roa (raw, json) Hash identifier: FDMT3EkyI1QVaahmQ9xnZshL3VG57wQLV06kvoxZ1DA= Subject key identifier: 82:D7:EF:C2:8C:69:A4:CE:C7:FA:00:ED:92:CF:72:DC:B4:69:10:F4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2D227C57AA94E73A37E918809223AE2D1104E351 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145086.roa Signing time: Wed 04 Mar 2026 06:19:56 +0000 ROA not before: Wed 04 Mar 2026 06:14:56 +0000 ROA not after: Wed 03 Mar 2027 06:19:56 +0000 asID: 145086 IP address blocks: 240a:a984::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:22:7c:57:aa:94:e7:3a:37:e9:18:80:92:23:ae:2d:11:04:e3:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:56 2026 GMT Not After : Mar 3 06:19:56 2027 GMT Subject: CN=82D7EFC28C69A4CEC7FA00ED92CF72DCB46910F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:4a:80:9e:05:af:85:a8:9f:c4:27:2b:22:32: ac:ba:66:d1:6d:11:a2:d3:ab:ed:f1:0e:07:4d:a0: 65:45:cf:99:31:bd:87:c6:2a:09:a2:c1:81:95:a0: 20:95:b8:6e:c2:a8:8d:85:62:22:b6:9f:19:95:9f: e6:35:b1:4c:44:4a:c3:86:cd:04:16:14:8e:73:86: 8e:33:d1:eb:2c:5b:99:33:66:4b:bc:46:5f:ed:71: 41:0d:34:65:cc:00:d0:b4:c2:f5:db:da:c5:74:7f: e7:8b:49:fa:8f:3a:21:8a:1c:b4:a0:cd:b4:66:83: 8e:cb:63:d3:65:a5:60:09:62:37:48:b7:28:db:6d: eb:af:a5:d8:62:88:43:39:83:2c:b1:b4:8a:5a:0e: 72:69:49:b7:39:3c:04:58:e7:3d:e4:e9:b4:5b:63: 10:98:43:dd:90:9b:1a:c7:9d:69:5c:5b:9a:e9:f2: b3:76:3c:4b:6a:ae:0c:74:a8:72:c9:e7:e2:33:e1: 18:9a:c9:f6:e3:5d:24:cf:1d:99:3b:48:f1:f5:8c: e3:81:60:ea:a3:f0:f1:45:20:69:c4:33:39:6c:a9: bb:30:d2:33:30:fc:cd:04:b8:ef:b2:6c:aa:6a:ac: 6f:c4:f8:4f:3e:32:11:aa:ba:e7:7f:02:4c:e0:a7: 18:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:D7:EF:C2:8C:69:A4:CE:C7:FA:00:ED:92:CF:72:DC:B4:69:10:F4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145086.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a984::/32 Signature Algorithm: sha256WithRSAEncryption 8e:5e:06:41:70:e3:13:ef:0e:de:28:f7:4d:e5:c1:91:d0:26: 83:df:07:ee:90:9c:c4:cc:36:45:bf:e3:3a:55:8c:ff:f1:60: 6c:3a:b1:89:24:e6:c7:67:7f:e8:5f:a9:f6:f0:90:47:74:87: ba:b0:0e:79:3e:2c:82:5a:3c:af:46:c0:2c:7a:7e:6c:22:8b: 40:94:88:4b:37:2f:c4:cb:13:fb:21:54:64:41:0f:ad:2b:0d: 43:25:5a:16:37:9a:8c:d6:6e:fa:f3:2c:ad:49:a2:20:f6:98: 59:2b:7f:98:19:19:9d:7a:46:a1:3f:4b:04:c8:9a:a7:95:8f: 46:53:44:ec:17:3c:01:6a:c1:82:c9:23:aa:ac:85:35:8a:c1: 5f:e9:9d:89:f1:44:2c:76:90:5a:70:cd:f0:95:6e:cc:61:f3: 9a:87:e8:12:a2:88:46:a2:eb:fb:47:38:1d:ba:e2:c3:d1:84: c4:58:2c:51:cd:f1:df:24:e0:9f:fc:fe:12:37:29:6c:4a:77: fe:f6:dc:14:e9:25:cc:43:52:f3:b7:47:92:56:b3:73:ac:9e: 2f:3d:b9:ab:a5:d5:e8:62:26:9f:7f:c4:1a:12:4f:0c:c3:8a: bd:25:79:59:b9:46:87:29:cf:9b:17:70:2f:26:ed:48:eb:05: 33:62:94:0f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULSJ8V6qU5zo36RiAkiOuLREE41EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1NloX DTI3MDMwMzA2MTk1NlowMzExMC8GA1UEAxMoODJEN0VGQzI4QzY5QTRDRUM3RkEw MEVEOTJDRjcyRENCNDY5MTBGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANlKgJ4Fr4Won8QnKyIyrLpm0W0RotOr7fEOB02gZUXPmTG9h8YqCaLBgZWg IJW4bsKojYViIrafGZWf5jWxTERKw4bNBBYUjnOGjjPR6yxbmTNmS7xGX+1xQQ00 ZcwA0LTC9dvaxXR/54tJ+o86IYoctKDNtGaDjstj02WlYAliN0i3KNtt66+l2GKI QzmDLLG0iloOcmlJtzk8BFjnPeTptFtjEJhD3ZCbGsedaVxbmunys3Y8S2quDHSo csnn4jPhGJrJ9uNdJM8dmTtI8fWM44Fg6qPw8UUgacQzOWypuzDSMzD8zQS477Js qmqsb8T4Tz4yEaq6538CTOCnGM0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSC1+/C jGmkzsf6AO2Sz3LctGkQ9DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qYQwDQYJKoZIhvcNAQELBQADggEBAI5eBkFw4xPvDt4o903lwZHQJoPfB+6QnMTM NkW/4zpVjP/xYGw6sYkk5sdnf+hfqfbwkEd0h7qwDnk+LIJaPK9GwCx6fmwii0CU iEs3L8TLE/shVGRBD60rDUMlWhY3mozWbvrzLK1JoiD2mFkrf5gZGZ16RqE/SwTI mqeVj0ZTROwXPAFqwYLJI6qshTWKwV/pnYnxRCx2kFpwzfCVbsxh85qH6BKiiEai 6/tHOB264sPRhMRYLFHN8d8k4J/8/hI3KWxKd/723BTpJcxDUvO3R5JWs3Osni89 uaul1ehiJp9/xBoSTwzDir0leVm5Rocpz5sXcC8m7UjrBTNilA8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:26 2026 by rpki-client