$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145117.roa File: AS145117.roa (raw, json) Hash identifier: tnnSqkjMYzJ0SifNTCp5Es9R17/2kcwhZgCORMzvGCI= Subject key identifier: 1B:08:5E:43:8C:59:0B:70:27:7D:1E:28:5D:0E:2B:35:07:E8:DA:E8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 635AACC24AF59004ACA4FB7BB059A453A6AEC887 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145117.roa Signing time: Wed 04 Mar 2026 06:21:59 +0000 ROA not before: Wed 04 Mar 2026 06:16:59 +0000 ROA not after: Wed 03 Mar 2027 06:21:59 +0000 asID: 145117 IP address blocks: 240a:a9a3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:5a:ac:c2:4a:f5:90:04:ac:a4:fb:7b:b0:59:a4:53:a6:ae:c8:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:59 2026 GMT Not After : Mar 3 06:21:59 2027 GMT Subject: CN=1B085E438C590B70277D1E285D0E2B3507E8DAE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:9e:f8:f4:30:e7:39:50:43:a4:45:0a:58:46: dc:1c:a8:2b:c1:34:38:65:b4:22:d9:bb:e3:9c:81: b4:50:17:66:3b:c1:4f:81:8b:97:99:e5:04:d0:ec: 04:a7:8c:12:d4:71:82:0f:d6:e6:07:8d:b1:c9:54: e2:6f:8f:e6:4b:20:64:8f:83:3d:42:d6:4c:1a:7b: 6c:fb:1c:60:20:d7:61:23:8e:ee:37:0e:d2:bb:88: ff:c7:d8:d9:3c:45:79:02:8c:ce:9d:46:8e:44:35: f5:f0:ae:ea:9d:a9:ef:09:a8:68:d1:28:2d:b6:1e: b9:40:34:88:ac:b7:05:54:c7:a7:f8:c2:00:e0:88: a6:76:b6:e5:ef:7c:ce:a0:9b:ee:76:a3:30:35:a3: 7d:64:14:e1:3e:c3:21:e4:28:43:3d:14:67:c3:cb: 77:cb:8c:57:4d:a3:47:c9:fa:92:e8:90:bf:68:e8: ac:77:b5:cc:5b:05:98:d0:95:ba:0e:08:86:57:83: 68:37:64:ad:88:5f:f3:da:53:7e:93:8e:6a:fb:ba: 78:99:45:af:4a:37:14:bf:12:5a:26:9b:5d:b7:69: 11:41:f4:56:e5:ad:db:75:a0:d2:42:07:3c:d0:6c: c1:33:97:a0:14:39:11:39:ae:a9:65:5d:78:3c:c0: b9:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:08:5E:43:8C:59:0B:70:27:7D:1E:28:5D:0E:2B:35:07:E8:DA:E8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145117.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9a3::/32 Signature Algorithm: sha256WithRSAEncryption c9:48:02:70:e7:ad:08:07:11:08:49:e8:b4:94:c8:27:72:b1: 90:9c:ad:aa:3d:aa:54:74:a7:54:75:a8:d6:4d:c1:ac:53:46: 7f:06:a1:6e:7f:3d:eb:ec:05:3a:67:6d:53:a0:eb:5e:6c:6c: a3:9a:7e:44:de:2a:d6:38:c9:67:b8:39:48:56:06:e7:28:96: c4:fa:48:ee:38:96:28:5a:94:ed:66:ee:f6:9e:e1:0d:43:54: b4:28:70:27:23:53:3e:39:3c:39:2d:4b:ce:f3:a2:32:93:a4: 2c:5b:6a:76:62:20:b7:bc:ff:07:92:0c:4f:8b:4c:99:f0:f9: 6b:df:69:77:d1:ca:de:d4:26:36:7e:be:85:ef:0b:d6:a3:ad: c5:f4:0f:bf:20:6f:29:94:d7:92:12:e6:44:dc:5c:5e:d3:56: 90:1d:6a:97:b9:21:70:e1:c9:96:9f:f4:f2:ba:f2:14:79:69: a2:42:e9:16:5d:83:82:eb:06:70:86:3a:ab:50:93:c5:41:e1: 6d:52:d0:8f:29:e6:3a:a0:93:35:6d:6d:9c:e3:b0:08:7a:3f: 95:3d:bf:dd:95:5f:ab:3d:5a:d6:77:9a:66:57:19:82:ce:07: 22:76:68:eb:7d:a4:2a:6f:9b:70:9b:ff:45:4a:ac:5e:19:1b: f9:02:be:95 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUY1qswkr1kASspPt7sFmkU6auyIcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1OVoX DTI3MDMwMzA2MjE1OVowMzExMC8GA1UEAxMoMUIwODVFNDM4QzU5MEI3MDI3N0Qx RTI4NUQwRTJCMzUwN0U4REFFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMGe+PQw5zlQQ6RFClhG3ByoK8E0OGW0Itm745yBtFAXZjvBT4GLl5nlBNDs BKeMEtRxgg/W5geNsclU4m+P5ksgZI+DPULWTBp7bPscYCDXYSOO7jcO0ruI/8fY 2TxFeQKMzp1GjkQ19fCu6p2p7wmoaNEoLbYeuUA0iKy3BVTHp/jCAOCIpna25e98 zqCb7najMDWjfWQU4T7DIeQoQz0UZ8PLd8uMV02jR8n6kuiQv2jorHe1zFsFmNCV ug4IhleDaDdkrYhf89pTfpOOavu6eJlFr0o3FL8SWiabXbdpEUH0VuWt23Wg0kIH PNBswTOXoBQ5ETmuqWVdeDzAuZ8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQbCF5D jFkLcCd9HihdDis1B+ja6DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTExNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qaMwDQYJKoZIhvcNAQELBQADggEBAMlIAnDnrQgHEQhJ6LSUyCdysZCcrao9qlR0 p1R1qNZNwaxTRn8GoW5/PevsBTpnbVOg615sbKOafkTeKtY4yWe4OUhWBucolsT6 SO44lihalO1m7vae4Q1DVLQocCcjUz45PDktS87zojKTpCxbanZiILe8/weSDE+L TJnw+WvfaXfRyt7UJjZ+voXvC9ajrcX0D78gbymU15IS5kTcXF7TVpAdape5IXDh yZaf9PK68hR5aaJC6RZdg4LrBnCGOqtQk8VB4W1S0I8p5jqgkzVtbZzjsAh6P5U9 v92VX6s9WtZ3mmZXGYLOByJ2aOt9pCpvm3Cb/0VKrF4ZG/kCvpU= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:40 2026 by rpki-client