$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145126.roa File: AS145126.roa (raw, json) Hash identifier: 8OOtFenE4nD+SZ3XRaEqt2RVwsEV46R5vd6y0f0qgvw= Subject key identifier: 03:7B:43:53:AD:BB:4E:D2:92:27:92:D2:2D:53:79:C7:B9:AD:1C:2F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2FEEA5EBF1B78D0A3FEE058078A09C4EDAFD6E43 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145126.roa Signing time: Wed 04 Mar 2026 06:21:14 +0000 ROA not before: Wed 04 Mar 2026 06:16:14 +0000 ROA not after: Wed 03 Mar 2027 06:21:14 +0000 asID: 145126 IP address blocks: 240a:a9ac::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:ee:a5:eb:f1:b7:8d:0a:3f:ee:05:80:78:a0:9c:4e:da:fd:6e:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:14 2026 GMT Not After : Mar 3 06:21:14 2027 GMT Subject: CN=037B4353ADBB4ED2922792D22D5379C7B9AD1C2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:93:70:57:26:16:d8:d9:60:52:ac:82:db:b1: 77:a6:f7:1a:ee:9a:30:b3:6e:07:91:3d:9f:2c:93: b2:73:c7:d7:be:21:47:50:8f:ce:7e:41:49:c7:df: 22:8b:5b:b7:af:22:b5:58:3f:81:9f:aa:e8:af:f1: af:df:b0:57:66:4a:4a:5b:7f:2b:ca:e4:11:70:96: 65:c5:24:12:60:55:fa:1a:e4:b7:e5:9c:c4:70:f0: 8b:65:08:4b:d9:73:98:e0:ad:5f:15:ac:a2:03:8d: 98:8f:e0:1b:af:58:9b:cc:c5:b5:3e:e0:76:dc:de: ba:54:31:b1:59:68:84:48:f7:4c:e5:20:eb:d5:3d: a1:98:5d:fa:f2:b3:f5:d0:a9:08:18:6d:6c:b4:36: f9:02:e8:0a:95:b7:19:30:6b:22:ef:bf:ef:12:c9: b7:33:61:6b:08:d7:c0:a8:d8:99:23:4b:85:bb:ae: ea:30:54:30:bb:57:41:09:88:8c:9f:d8:cd:ab:e0: 5a:69:9d:0e:58:50:8d:26:68:b7:17:97:2d:6d:72: 79:1d:32:42:97:0e:9e:18:b7:9e:4a:77:0f:55:86: 79:cb:e7:0e:53:ab:c5:cb:6c:1d:1e:78:6b:1e:65: 78:45:bd:cf:94:a5:49:de:2e:a5:c0:d6:e1:68:26: 0d:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:7B:43:53:AD:BB:4E:D2:92:27:92:D2:2D:53:79:C7:B9:AD:1C:2F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145126.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9ac::/32 Signature Algorithm: sha256WithRSAEncryption 47:de:29:07:c0:16:64:b6:61:eb:27:22:ce:77:e9:46:ab:5b: 7f:8b:7d:d0:36:65:9c:9a:79:b3:71:c9:73:8b:08:66:21:eb: d8:17:fa:db:59:48:ac:0d:e1:09:63:25:f9:54:af:e5:cb:09: 0c:56:ec:4a:4e:12:27:17:aa:56:c2:a7:d4:ef:02:ef:6c:8d: 66:94:13:33:6d:dd:79:0f:f3:98:4f:4c:21:72:4c:9c:41:58: 5a:72:e6:63:a6:ef:18:95:84:6b:cf:c9:ff:95:ae:95:6f:8b: 57:3c:a4:da:c1:09:2d:b7:57:e1:6d:56:75:e8:a0:b6:fc:aa: 75:0f:40:01:10:95:46:83:c2:c2:1e:db:21:2c:a7:99:92:e6: 08:a3:d9:bc:38:ee:52:0f:87:b2:89:3d:b4:01:62:a0:ff:e1: cd:de:0c:43:08:58:d8:43:ee:94:de:50:85:51:a3:55:d2:31: 9d:92:f2:a8:14:18:96:12:2f:64:e3:33:65:1f:c1:ea:ad:97: a8:68:0f:90:01:4c:5f:96:5d:3f:9c:a9:eb:bc:b3:21:3e:a3: 32:73:05:8f:1f:16:cd:2d:40:d2:8b:0e:90:8d:b8:5c:ef:ca: f4:28:59:72:61:15:95:17:62:07:f1:b1:70:3e:d2:85:14:4e: 21:84:c8:8a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL+6l6/G3jQo/7gWAeKCcTtr9bkMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxNFoX DTI3MDMwMzA2MjExNFowMzExMC8GA1UEAxMoMDM3QjQzNTNBREJCNEVEMjkyMjc5 MkQyMkQ1Mzc5QzdCOUFEMUMyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaTcFcmFtjZYFKsgtuxd6b3Gu6aMLNuB5E9nyyTsnPH174hR1CPzn5BScff Iotbt68itVg/gZ+q6K/xr9+wV2ZKSlt/K8rkEXCWZcUkEmBV+hrkt+WcxHDwi2UI S9lzmOCtXxWsogONmI/gG69Ym8zFtT7gdtzeulQxsVlohEj3TOUg69U9oZhd+vKz 9dCpCBhtbLQ2+QLoCpW3GTBrIu+/7xLJtzNhawjXwKjYmSNLhbuu6jBUMLtXQQmI jJ/YzavgWmmdDlhQjSZotxeXLW1yeR0yQpcOnhi3nkp3D1WGecvnDlOrxctsHR54 ax5leEW9z5SlSd4upcDW4WgmDZ8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQDe0NT rbtO0pInktItU3nHua0cLzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEyNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qawwDQYJKoZIhvcNAQELBQADggEBAEfeKQfAFmS2YesnIs536UarW3+LfdA2ZZya ebNxyXOLCGYh69gX+ttZSKwN4QljJflUr+XLCQxW7EpOEicXqlbCp9TvAu9sjWaU EzNt3XkP85hPTCFyTJxBWFpy5mOm7xiVhGvPyf+VrpVvi1c8pNrBCS23V+FtVnXo oLb8qnUPQAEQlUaDwsIe2yEsp5mS5gij2bw47lIPh7KJPbQBYqD/4c3eDEMIWNhD 7pTeUIVRo1XSMZ2S8qgUGJYSL2TjM2Ufweqtl6hoD5ABTF+WXT+cqeu8syE+ozJz BY8fFs0tQNKLDpCNuFzvyvQoWXJhFZUXYgfxsXA+0oUUTiGEyIo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:44 2026 by rpki-client