$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145091.roa File: AS145091.roa (raw, json) Hash identifier: qO7SLBILW0HiY91OfLNa95XLwmF1v2LD0+cBdNcSLdY= Subject key identifier: 9A:4B:EE:5B:8D:3E:A4:B7:60:AC:38:25:BB:BD:29:6C:BD:96:73:E2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A998D2FB96371B2636C3A608D8AF4BDFB864F6D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145091.roa Signing time: Wed 04 Mar 2026 06:20:28 +0000 ROA not before: Wed 04 Mar 2026 06:15:28 +0000 ROA not after: Wed 03 Mar 2027 06:20:28 +0000 asID: 145091 IP address blocks: 240a:a989::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:99:8d:2f:b9:63:71:b2:63:6c:3a:60:8d:8a:f4:bd:fb:86:4f:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:28 2026 GMT Not After : Mar 3 06:20:28 2027 GMT Subject: CN=9A4BEE5B8D3EA4B760AC3825BBBD296CBD9673E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:89:19:4b:85:7b:4c:85:83:4e:58:dc:8b:69: ac:8d:bc:06:57:41:af:14:a3:11:e8:4d:cc:ef:58: 2b:f7:ec:b9:0b:ff:cd:e5:48:fd:03:d5:3b:c4:70: 98:03:90:29:95:3b:9c:b0:95:46:f9:d3:19:b9:0a: 3d:ea:46:72:d9:99:65:b5:76:e1:77:b7:00:7f:2d: 25:3f:08:45:83:0a:7f:05:54:3f:ba:67:c3:2d:0d: 22:a2:81:94:3c:6c:be:37:26:2c:d7:91:50:05:73: a6:e5:aa:4e:98:2b:ec:d0:01:b4:0c:57:5f:b4:ee: d9:b1:85:e6:d7:36:2c:25:18:d9:e5:e5:35:6e:b4: 72:e6:fd:37:fe:26:dc:8a:cb:09:3f:ca:fb:0b:53: 67:5f:a9:2d:22:a7:ef:40:19:b2:4b:1b:cc:19:97: 3d:26:67:cd:32:43:c3:82:70:ee:18:8e:73:f2:78: 98:18:11:d7:9c:99:95:03:24:f2:ce:70:15:b3:a0: 6e:55:54:ed:12:99:ce:a3:19:e6:c9:65:10:24:25: f5:c1:f5:1f:17:1e:35:55:1f:82:22:d6:fc:51:bc: ef:fc:2a:63:46:6d:56:c3:4d:ae:91:cb:22:22:63: 0a:b0:86:1e:e1:9f:c5:d6:a0:61:d9:1a:79:3f:70: a2:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:4B:EE:5B:8D:3E:A4:B7:60:AC:38:25:BB:BD:29:6C:BD:96:73:E2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145091.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a989::/32 Signature Algorithm: sha256WithRSAEncryption 88:04:14:eb:44:0b:7e:71:c5:e5:ab:53:b3:63:91:26:17:e8: 21:04:23:e9:7b:f1:fe:38:5d:d2:8b:dc:52:17:cd:14:5c:1b: 7f:e6:9c:ae:f6:85:ce:fc:3c:57:55:cc:d7:dd:3a:f6:9e:4d: 87:6e:a7:e5:9d:fc:d3:50:bd:b1:6f:ed:d5:0f:95:a9:b1:cd: a8:8c:68:81:ac:57:5c:aa:05:e4:57:b5:24:62:82:4b:63:88: c4:36:0e:67:cc:5f:08:f9:cb:7e:51:00:e4:4f:86:31:13:40: d7:01:cc:64:27:34:68:d9:77:be:76:c3:74:0a:32:84:79:fb: 83:71:c5:07:74:b7:be:c3:fe:c8:7a:47:12:09:f3:08:24:ab: 91:7b:23:25:a1:25:5e:fd:8e:aa:67:ca:1c:a4:19:02:cb:b5: 5a:f3:e0:fc:88:69:a7:c4:d3:da:2a:b9:82:41:e7:e9:e4:b3: 11:ba:66:2a:ff:64:f9:2e:c8:eb:27:d8:14:49:fe:47:b2:13: 04:b0:06:14:8c:51:58:9c:c2:a8:5a:8d:6f:0b:78:6e:c3:d0: 8c:fb:6e:05:2f:09:15:2c:f9:0a:61:28:d8:48:ce:82:7f:c8: 74:ce:f3:7c:37:c0:a9:39:04:3f:4a:57:6d:0d:8a:9c:56:74: 1c:9b:17:5a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKpmNL7ljcbJjbDpgjYr0vfuGT20wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyOFoX DTI3MDMwMzA2MjAyOFowMzExMC8GA1UEAxMoOUE0QkVFNUI4RDNFQTRCNzYwQUMz ODI1QkJCRDI5NkNCRDk2NzNFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOiJGUuFe0yFg05Y3ItprI28BldBrxSjEehNzO9YK/fsuQv/zeVI/QPVO8Rw mAOQKZU7nLCVRvnTGbkKPepGctmZZbV24Xe3AH8tJT8IRYMKfwVUP7pnwy0NIqKB lDxsvjcmLNeRUAVzpuWqTpgr7NABtAxXX7Tu2bGF5tc2LCUY2eXlNW60cub9N/4m 3IrLCT/K+wtTZ1+pLSKn70AZsksbzBmXPSZnzTJDw4Jw7hiOc/J4mBgR15yZlQMk 8s5wFbOgblVU7RKZzqMZ5sllECQl9cH1HxceNVUfgiLW/FG87/wqY0ZtVsNNrpHL IiJjCrCGHuGfxdagYdkaeT9wogcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSaS+5b jT6kt2CsOCW7vSlsvZZz4jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qYkwDQYJKoZIhvcNAQELBQADggEBAIgEFOtEC35xxeWrU7NjkSYX6CEEI+l78f44 XdKL3FIXzRRcG3/mnK72hc78PFdVzNfdOvaeTYdup+Wd/NNQvbFv7dUPlamxzaiM aIGsV1yqBeRXtSRigktjiMQ2DmfMXwj5y35RAORPhjETQNcBzGQnNGjZd752w3QK MoR5+4NxxQd0t77D/sh6RxIJ8wgkq5F7IyWhJV79jqpnyhykGQLLtVrz4PyIaafE 09oquYJB5+nksxG6Zir/ZPkuyOsn2BRJ/keyEwSwBhSMUVicwqhajW8LeG7D0Iz7 bgUvCRUs+QphKNhIzoJ/yHTO83w3wKk5BD9KV20NipxWdBybF1o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:49 2026 by rpki-client