$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145111.roa File: AS145111.roa (raw, json) Hash identifier: XqcgkGdqVQHH6Gk5jNrytl2cfUVSL2fAONLUO+u9Fho= Subject key identifier: 87:FA:6D:29:E9:60:5B:7F:25:8A:B5:2A:F5:4F:EE:9D:57:2E:F7:DF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 52A8B560DE61ECB40AD548718FE6A0AB234A209A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145111.roa Signing time: Wed 04 Mar 2026 06:22:20 +0000 ROA not before: Wed 04 Mar 2026 06:17:20 +0000 ROA not after: Wed 03 Mar 2027 06:22:20 +0000 asID: 145111 IP address blocks: 240a:a99d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:a8:b5:60:de:61:ec:b4:0a:d5:48:71:8f:e6:a0:ab:23:4a:20:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:20 2026 GMT Not After : Mar 3 06:22:20 2027 GMT Subject: CN=87FA6D29E9605B7F258AB52AF54FEE9D572EF7DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5b:3f:d5:3d:74:f2:45:09:7e:ab:ae:6f:d3: 13:0d:4d:b8:47:a2:fe:7f:7a:4f:a5:d2:83:8e:da: f6:88:3d:55:d6:c0:24:99:53:b4:0a:6b:31:07:c9: 9c:cf:12:15:8a:86:72:00:c6:33:7e:99:13:c6:9d: c3:5a:b1:36:7d:d8:54:48:72:d1:05:90:ce:78:c0: da:d4:df:b1:4e:84:ef:a1:92:cb:75:08:17:6c:87: be:de:ed:21:24:4a:ee:ae:78:7e:64:0d:5a:e5:2c: f3:d9:bd:2c:7f:7b:0e:ac:70:2a:04:b6:ff:56:58: ed:68:d6:6f:02:48:e4:44:e2:31:81:7d:49:29:ff: 3b:ca:f2:54:ce:25:6a:c6:b8:c4:14:fc:07:71:6b: 7a:f7:a6:2a:8d:a8:fb:45:ee:32:fd:98:cb:d2:95: c7:e1:39:38:b6:b5:71:f0:5c:ca:b1:1f:fb:27:1a: bd:a5:2e:4a:ad:33:19:b8:7f:95:14:ab:ac:23:4d: 23:b3:9a:05:1b:d2:52:6c:77:84:85:a0:ac:96:a0: 03:49:b6:be:0c:97:e7:3a:06:4b:50:62:de:8c:5e: 44:85:db:4a:ea:25:73:a2:fb:34:d8:0d:df:c4:4a: a5:2e:71:23:d0:cb:0f:27:87:cc:d3:2e:a7:d0:dd: 38:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:FA:6D:29:E9:60:5B:7F:25:8A:B5:2A:F5:4F:EE:9D:57:2E:F7:DF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145111.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a99d::/32 Signature Algorithm: sha256WithRSAEncryption 3e:6d:85:5e:40:d5:7a:d2:e0:13:44:29:2a:ae:d8:18:e9:2d: 48:9e:5e:f8:6c:97:2f:37:91:e5:9f:b6:09:89:1a:fb:ab:df: 42:cf:92:75:7a:d5:17:46:55:22:56:14:b0:21:75:60:ce:fa: 55:df:a0:41:a2:ba:d8:a0:01:b1:04:96:e8:1f:74:26:c3:80: 92:1b:d2:cb:7c:4a:a4:38:2e:3a:28:bf:e5:23:ca:e5:fd:ad: ac:66:0e:47:a5:c1:dc:4c:95:f2:74:bb:03:87:a3:1e:bd:2b: 3e:99:93:ba:15:31:a1:22:cb:6d:8a:fd:9f:a4:15:ba:42:f9: 11:ba:c0:8f:f8:05:fc:60:69:f2:62:ca:6a:66:ef:1f:ad:88: db:b8:95:2c:3e:b6:45:25:16:58:7d:68:b4:3e:68:00:b0:25: a4:be:6b:dc:3a:87:4b:f3:9c:b5:ff:9a:cc:c9:6c:36:97:e4: 51:94:98:90:09:1d:53:ff:89:5a:c5:8e:91:dc:54:38:44:e1: 54:b1:b4:6d:95:12:70:5d:10:00:f3:c7:6e:b8:9d:35:7e:eb: b8:d7:4d:49:46:a5:9e:c6:70:46:b5:33:e0:ef:50:52:bb:95: 9d:65:0a:6d:b8:b2:52:04:67:33:79:05:10:82:a7:50:3c:ed: e7:e6:c4:8c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUqi1YN5h7LQK1Uhxj+agqyNKIJowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyMFoX DTI3MDMwMzA2MjIyMFowMzExMC8GA1UEAxMoODdGQTZEMjlFOTYwNUI3RjI1OEFC NTJBRjU0RkVFOUQ1NzJFRjdERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBbP9U9dPJFCX6rrm/TEw1NuEei/n96T6XSg47a9og9VdbAJJlTtAprMQfJ nM8SFYqGcgDGM36ZE8adw1qxNn3YVEhy0QWQznjA2tTfsU6E76GSy3UIF2yHvt7t ISRK7q54fmQNWuUs89m9LH97DqxwKgS2/1ZY7WjWbwJI5ETiMYF9SSn/O8ryVM4l asa4xBT8B3FrevemKo2o+0XuMv2Yy9KVx+E5OLa1cfBcyrEf+ycavaUuSq0zGbh/ lRSrrCNNI7OaBRvSUmx3hIWgrJagA0m2vgyX5zoGS1Bi3oxeRIXbSuolc6L7NNgN 38RKpS5xI9DLDyeHzNMup9DdOE8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSH+m0p 6WBbfyWKtSr1T+6dVy733zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTExMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qZ0wDQYJKoZIhvcNAQELBQADggEBAD5thV5A1XrS4BNEKSqu2BjpLUieXvhsly83 keWftgmJGvur30LPknV61RdGVSJWFLAhdWDO+lXfoEGiutigAbEElugfdCbDgJIb 0st8SqQ4Ljoov+UjyuX9raxmDkelwdxMlfJ0uwOHox69Kz6Zk7oVMaEiy22K/Z+k FbpC+RG6wI/4BfxgafJiympm7x+tiNu4lSw+tkUlFlh9aLQ+aACwJaS+a9w6h0vz nLX/mszJbDaX5FGUmJAJHVP/iVrFjpHcVDhE4VSxtG2VEnBdEADzx264nTV+67jX TUlGpZ7GcEa1M+DvUFK7lZ1lCm24slIEZzN5BRCCp1A87efmxIw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:16 2026 by rpki-client