$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145118.roa File: AS145118.roa (raw, json) Hash identifier: 5r6ewr0XHU7rWfcGHhwQqf6gDL2RCKtck1Z8nwjttVc= Subject key identifier: 65:4E:58:EA:45:73:6D:95:D9:3A:AC:65:DE:06:10:43:78:45:39:B7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 12EEBCE7B5E74E9435DC191C4C356DFECFC5ECC4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145118.roa Signing time: Wed 04 Mar 2026 06:20:27 +0000 ROA not before: Wed 04 Mar 2026 06:15:27 +0000 ROA not after: Wed 03 Mar 2027 06:20:27 +0000 asID: 145118 IP address blocks: 240a:a9a4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:ee:bc:e7:b5:e7:4e:94:35:dc:19:1c:4c:35:6d:fe:cf:c5:ec:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:27 2026 GMT Not After : Mar 3 06:20:27 2027 GMT Subject: CN=654E58EA45736D95D93AAC65DE061043784539B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:3c:3b:87:41:6d:0d:e5:eb:46:f3:ad:91:9b: f3:40:31:88:68:c5:a1:23:ed:b2:04:03:96:3a:ff: 87:3b:11:08:5e:8b:ea:c8:71:8e:ac:17:a3:13:6d: 57:57:c1:4b:e7:ad:cd:a1:b3:7f:2a:1a:58:95:45: 74:f1:79:fd:26:a6:b0:c7:0b:fe:5c:30:f7:cd:80: 13:a8:0d:54:2d:11:13:5a:ea:81:cc:a4:da:9c:a3: b3:0c:c2:04:96:05:5a:9b:72:45:3e:41:29:de:af: df:45:f8:47:f6:a2:56:6e:0e:34:7e:9f:88:d2:60: f5:1e:dd:98:2e:5e:5a:62:d8:4e:99:35:a8:23:1f: 27:e9:e6:19:74:22:85:fc:4c:b1:fb:43:b5:91:f4: 79:91:8f:f9:05:6e:3e:bd:62:d6:74:44:43:c9:b6: 76:2b:51:d1:2f:90:80:f4:bd:5d:6e:5a:91:fe:18: 65:92:0d:85:70:c0:72:5d:dc:7a:7a:55:9f:10:c2: a8:1a:48:a3:d6:ee:63:86:b2:71:0b:67:f6:56:35: cc:37:7a:1d:ea:19:6d:fa:18:34:67:09:bc:7c:a3: 43:b5:25:6f:57:78:8f:be:11:46:1a:0e:fc:74:b6: be:66:73:04:02:60:59:8f:ad:97:6f:a4:f7:eb:34: 23:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:4E:58:EA:45:73:6D:95:D9:3A:AC:65:DE:06:10:43:78:45:39:B7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145118.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9a4::/32 Signature Algorithm: sha256WithRSAEncryption 4f:07:3d:49:c8:5c:cb:31:e7:4b:f4:9b:71:d4:ee:99:45:c6: ab:21:d8:31:b5:ae:06:59:c9:1f:13:c6:af:90:a7:a0:0f:f0: 5e:7b:fb:da:b8:0c:57:88:20:bd:e1:bc:3d:91:19:54:05:8b: b8:77:d5:a9:53:4a:7d:92:8a:a2:df:45:6f:26:be:77:ee:50: 88:22:22:43:67:50:42:bf:5d:77:85:1c:e4:7a:34:a2:14:5b: 95:6d:f5:a0:82:17:31:6c:6f:43:ce:95:7e:29:07:af:ad:1c: 84:f6:63:55:bd:97:a7:fd:a6:8c:3e:9a:64:22:ec:10:43:40: 86:39:cd:f0:95:d7:45:eb:2c:98:ac:49:eb:89:f0:a8:04:ef: 47:05:04:bf:92:b4:b5:4f:09:1c:df:88:ce:7a:6a:13:56:76: 6b:e7:fb:8a:e9:35:97:b3:5f:a9:fb:b9:bc:33:a1:b2:f1:fe: 9c:05:2a:3d:38:26:93:ab:ed:6e:4c:f3:3a:c2:30:af:84:3f: c8:8f:7e:9c:91:28:62:f0:ef:c9:52:22:4c:bd:8d:8d:29:c3: d3:15:dd:56:ec:70:a9:82:a0:b3:82:c7:9d:7e:2c:6e:a3:fa: a6:86:1b:e8:d9:bf:95:de:6b:bc:f5:8d:8f:21:b0:76:71:7b: 2c:2f:e1:b7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEu6857XnTpQ13BkcTDVt/s/F7MQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyN1oX DTI3MDMwMzA2MjAyN1owMzExMC8GA1UEAxMoNjU0RTU4RUE0NTczNkQ5NUQ5M0FB QzY1REUwNjEwNDM3ODQ1MzlCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJY8O4dBbQ3l60bzrZGb80AxiGjFoSPtsgQDljr/hzsRCF6L6shxjqwXoxNt V1fBS+etzaGzfyoaWJVFdPF5/SamsMcL/lww982AE6gNVC0RE1rqgcyk2pyjswzC BJYFWptyRT5BKd6v30X4R/aiVm4ONH6fiNJg9R7dmC5eWmLYTpk1qCMfJ+nmGXQi hfxMsftDtZH0eZGP+QVuPr1i1nREQ8m2ditR0S+QgPS9XW5akf4YZZINhXDAcl3c enpVnxDCqBpIo9buY4aycQtn9lY1zDd6HeoZbfoYNGcJvHyjQ7Ulb1d4j74RRhoO /HS2vmZzBAJgWY+tl2+k9+s0I5kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRlTljq RXNtldk6rGXeBhBDeEU5tzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTExOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qaQwDQYJKoZIhvcNAQELBQADggEBAE8HPUnIXMsx50v0m3HU7plFxqsh2DG1rgZZ yR8Txq+Qp6AP8F57+9q4DFeIIL3hvD2RGVQFi7h31alTSn2SiqLfRW8mvnfuUIgi IkNnUEK/XXeFHOR6NKIUW5Vt9aCCFzFsb0POlX4pB6+tHIT2Y1W9l6f9pow+mmQi 7BBDQIY5zfCV10XrLJisSeuJ8KgE70cFBL+StLVPCRzfiM56ahNWdmvn+4rpNZez X6n7ubwzobLx/pwFKj04JpOr7W5M8zrCMK+EP8iPfpyRKGLw78lSIky9jY0pw9MV 3VbscKmCoLOCx51+LG6j+qaGG+jZv5Xea7z1jY8hsHZxeywv4bc= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:38 2026 by rpki-client