$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145094.roa File: AS145094.roa (raw, json) Hash identifier: CMxGZItB2Yom+SQHNxqSiLIOul9pqY2GyDhEsW1KZF4= Subject key identifier: 21:F2:94:EE:99:83:B4:97:EC:42:4E:47:81:B4:C5:BB:0C:AC:E9:7C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 273C6DFB0BE5FD2E13872A4D15D5D9518B87A141 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145094.roa Signing time: Wed 04 Mar 2026 06:22:36 +0000 ROA not before: Wed 04 Mar 2026 06:17:36 +0000 ROA not after: Wed 03 Mar 2027 06:22:36 +0000 asID: 145094 IP address blocks: 240a:a98c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:3c:6d:fb:0b:e5:fd:2e:13:87:2a:4d:15:d5:d9:51:8b:87:a1:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:36 2026 GMT Not After : Mar 3 06:22:36 2027 GMT Subject: CN=21F294EE9983B497EC424E4781B4C5BB0CACE97C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:7f:81:98:bd:a4:8a:49:cf:b3:3e:e5:c9:b5: 20:41:f3:9e:a7:3c:ce:90:16:34:cc:75:1f:b0:39: 67:98:41:e0:bd:2a:42:01:5c:44:68:56:9a:e0:61: 08:b3:99:06:58:78:19:e9:56:21:6b:1a:5c:3c:6a: 32:5a:3d:2c:03:bf:3a:45:ba:f9:b5:7b:91:e8:29: e2:23:15:45:de:2b:f2:2d:98:7d:96:f3:83:09:c8: 08:24:3a:d7:4f:3f:1f:63:ad:9d:1e:4e:d5:0a:be: 1b:f9:21:4f:55:f4:c9:c1:97:04:33:84:12:0a:01: 71:74:22:31:08:46:6b:43:a1:fc:08:85:af:c5:7c: d8:bb:83:b7:db:eb:29:5f:2e:8d:47:b8:bf:6d:3e: d4:b2:92:08:ef:fe:a8:b9:1d:ed:8b:47:39:83:e2: 46:25:5a:ce:a3:1c:f2:6b:e7:cd:d8:e2:1b:99:8a: 32:04:8f:48:54:1c:33:f8:f6:99:43:20:a3:1c:30: cc:71:64:5a:98:a6:ef:61:22:15:1c:a9:fe:60:cb: 47:6d:c3:a4:76:1f:e1:81:e1:da:d7:d0:e6:87:88: 55:c2:2f:4c:1e:14:a4:b7:97:f2:08:60:05:f8:3e: de:1a:9b:02:d7:72:f4:81:a5:1c:ea:b5:ab:4c:eb: ed:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:F2:94:EE:99:83:B4:97:EC:42:4E:47:81:B4:C5:BB:0C:AC:E9:7C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145094.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a98c::/32 Signature Algorithm: sha256WithRSAEncryption bf:79:ff:a4:b9:39:a3:24:44:47:15:f8:38:37:50:59:1f:f4: 25:4d:9a:98:f1:ac:af:aa:89:fe:d1:d8:0b:84:d6:45:62:e3: 69:85:4e:90:01:41:57:07:28:40:9d:95:64:c6:cb:6f:8f:84: 56:11:06:40:af:7f:c1:61:56:3a:ca:c1:93:dc:a8:09:2a:10: a8:56:c5:d5:50:34:37:99:9d:36:d5:c4:04:e5:a1:09:4a:65: ce:53:9f:7a:82:d8:49:a1:65:c4:7d:fc:8d:b8:bd:9c:e4:e0: 01:1d:2b:de:b3:10:44:92:1d:aa:47:b6:27:6e:94:78:79:75: d9:b3:9b:53:2d:36:db:65:93:f0:ad:a9:6a:17:8e:a6:fc:27: 74:a6:22:dc:0f:b7:1b:28:16:5e:0f:53:d9:52:e4:7c:95:07: b2:f0:e1:01:bf:67:30:6a:a4:c9:44:54:9f:e2:64:54:21:22: b2:b7:a6:f8:9c:0b:4a:58:c3:69:b6:9e:67:61:02:ac:94:74: a8:10:db:c2:4e:66:60:09:74:61:94:13:53:ab:dd:02:03:01: a4:91:06:20:df:b8:be:7c:e1:3e:3b:dd:3e:10:5a:79:eb:87: 4f:9e:86:f9:a4:8b:b8:30:a2:8d:14:9d:13:39:86:bb:86:84: ed:e5:5f:14 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJzxt+wvl/S4ThypNFdXZUYuHoUEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTczNloX DTI3MDMwMzA2MjIzNlowMzExMC8GA1UEAxMoMjFGMjk0RUU5OTgzQjQ5N0VDNDI0 RTQ3ODFCNEM1QkIwQ0FDRTk3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJh/gZi9pIpJz7M+5cm1IEHznqc8zpAWNMx1H7A5Z5hB4L0qQgFcRGhWmuBh CLOZBlh4GelWIWsaXDxqMlo9LAO/OkW6+bV7kegp4iMVRd4r8i2YfZbzgwnICCQ6 108/H2OtnR5O1Qq+G/khT1X0ycGXBDOEEgoBcXQiMQhGa0Oh/AiFr8V82LuDt9vr KV8ujUe4v20+1LKSCO/+qLkd7YtHOYPiRiVazqMc8mvnzdjiG5mKMgSPSFQcM/j2 mUMgoxwwzHFkWpim72EiFRyp/mDLR23DpHYf4YHh2tfQ5oeIVcIvTB4UpLeX8ghg Bfg+3hqbAtdy9IGlHOq1q0zr7XkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQh8pTu mYO0l+xCTkeBtMW7DKzpfDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA5NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qYwwDQYJKoZIhvcNAQELBQADggEBAL95/6S5OaMkREcV+Dg3UFkf9CVNmpjxrK+q if7R2AuE1kVi42mFTpABQVcHKECdlWTGy2+PhFYRBkCvf8FhVjrKwZPcqAkqEKhW xdVQNDeZnTbVxATloQlKZc5Tn3qC2EmhZcR9/I24vZzk4AEdK96zEESSHapHtidu lHh5ddmzm1MtNttlk/CtqWoXjqb8J3SmItwPtxsoFl4PU9lS5HyVB7Lw4QG/ZzBq pMlEVJ/iZFQhIrK3pvicC0pYw2m2nmdhAqyUdKgQ28JOZmAJdGGUE1Or3QIDAaSR BiDfuL584T473T4QWnnrh0+ehvmki7gwoo0UnRM5hruGhO3lXxQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:13 2026 by rpki-client