$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145138.roa File: AS145138.roa (raw, json) Hash identifier: kqLVAH89jdFGPSLS6Frdx3kS/luHV1w1kI5M8qUZT64= Subject key identifier: 64:3A:EF:1A:53:CF:8F:79:ED:07:7A:6A:A6:D2:96:A4:76:1E:E1:E0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A9BE420C52D300A1679F2A7B27E915A10897FB5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145138.roa Signing time: Wed 04 Mar 2026 06:19:54 +0000 ROA not before: Wed 04 Mar 2026 06:14:54 +0000 ROA not after: Wed 03 Mar 2027 06:19:54 +0000 asID: 145138 IP address blocks: 240a:a9b8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:9b:e4:20:c5:2d:30:0a:16:79:f2:a7:b2:7e:91:5a:10:89:7f:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:54 2026 GMT Not After : Mar 3 06:19:54 2027 GMT Subject: CN=643AEF1A53CF8F79ED077A6AA6D296A4761EE1E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b8:3f:51:ce:f3:d8:1c:90:74:a1:1b:9a:ec: 48:46:7e:de:08:78:c2:db:10:3c:f2:01:87:e8:5f: 9c:8a:25:b8:97:a7:05:f5:5e:81:48:a5:e5:65:81: 2a:1f:b1:ae:a4:64:81:ef:78:03:9c:90:36:e0:97: 01:8c:e7:31:76:cf:b8:7a:86:dc:8d:37:30:bf:5c: 71:88:83:8d:d2:4b:19:df:e0:a4:9f:41:33:85:74: 9c:61:37:c3:51:d8:15:32:b5:b1:d0:13:09:44:ae: 0c:19:3e:ad:d0:22:e9:9e:a2:90:6e:f5:6b:57:f9: 3d:8f:49:ba:f6:04:5c:f7:15:c2:94:92:f4:07:25: c0:ef:b0:17:d9:b9:30:ee:43:97:c3:30:52:65:b8: 31:9f:94:5f:b4:fd:3c:9c:4f:4b:1d:2b:61:4d:cc: a3:d9:7c:fc:fe:cd:10:82:ed:86:aa:96:5b:be:e2: 14:49:34:79:ca:4d:f4:1a:1f:d8:83:6b:c1:64:d6: 33:c6:a5:53:9b:4d:4a:18:42:90:42:2e:2a:f2:42: 39:bb:08:34:71:69:85:1c:cf:23:43:47:0d:3b:c2: 37:54:62:4f:09:ee:eb:64:b3:14:b8:e2:5b:fb:d4: fa:34:83:54:fc:e2:97:a3:8b:26:7a:f6:39:8b:27: 18:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:3A:EF:1A:53:CF:8F:79:ED:07:7A:6A:A6:D2:96:A4:76:1E:E1:E0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9b8::/32 Signature Algorithm: sha256WithRSAEncryption 86:c7:3a:84:f9:c6:c1:a3:4d:ed:59:7e:73:6d:41:31:48:e6: 26:78:0d:7d:cb:b6:29:00:79:96:78:af:f8:5e:e3:94:8a:99: 6f:56:08:a9:66:1e:12:7d:dd:70:71:19:06:78:65:96:2d:c1: f2:4a:c1:42:9e:b7:4d:ab:e7:d8:d8:a3:53:4f:95:83:81:79: 68:31:4b:1a:f0:31:cf:2e:7a:ed:10:39:d5:f1:e3:48:af:86: 07:3d:0c:d5:9b:11:47:ac:2c:26:14:b9:5d:d4:17:12:68:3b: 9d:3e:30:f4:2d:2c:74:44:c4:f8:01:08:fb:8b:ac:6a:59:59: 68:31:2d:a6:a7:d2:cb:ba:e2:5b:ef:29:da:f0:49:1d:13:1f: e8:43:cd:55:5b:9c:cf:8d:1f:f2:d7:52:bc:4f:93:dd:45:68: c0:ab:54:4c:42:e5:a3:31:a5:39:78:9b:28:ad:91:26:db:65: 70:53:26:3c:33:fc:b1:ce:dd:ce:29:93:ea:76:bf:d8:96:c3: 04:44:c2:f7:ae:89:88:5a:50:4a:cb:90:93:03:80:c5:df:e5: 63:91:c7:c9:1e:21:82:f0:77:05:13:d4:e6:95:5c:4b:c4:95: 82:6a:18:6a:12:9a:5f:7c:d9:f1:ce:c2:c5:fa:be:67:41:6d: 7c:db:26:b5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKpvkIMUtMAoWefKnsn6RWhCJf7UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1NFoX DTI3MDMwMzA2MTk1NFowMzExMC8GA1UEAxMoNjQzQUVGMUE1M0NGOEY3OUVEMDc3 QTZBQTZEMjk2QTQ3NjFFRTFFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMm4P1HO89gckHShG5rsSEZ+3gh4wtsQPPIBh+hfnIoluJenBfVegUil5WWB Kh+xrqRkge94A5yQNuCXAYznMXbPuHqG3I03ML9ccYiDjdJLGd/gpJ9BM4V0nGE3 w1HYFTK1sdATCUSuDBk+rdAi6Z6ikG71a1f5PY9JuvYEXPcVwpSS9AclwO+wF9m5 MO5Dl8MwUmW4MZ+UX7T9PJxPSx0rYU3Mo9l8/P7NEILthqqWW77iFEk0ecpN9Bof 2INrwWTWM8alU5tNShhCkEIuKvJCObsINHFphRzPI0NHDTvCN1RiTwnu62SzFLji W/vU+jSDVPzil6OLJnr2OYsnGBsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRkOu8a U8+Pee0Hemqm0pakdh7h4DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qbgwDQYJKoZIhvcNAQELBQADggEBAIbHOoT5xsGjTe1ZfnNtQTFI5iZ4DX3LtikA eZZ4r/he45SKmW9WCKlmHhJ93XBxGQZ4ZZYtwfJKwUKet02r59jYo1NPlYOBeWgx SxrwMc8ueu0QOdXx40ivhgc9DNWbEUesLCYUuV3UFxJoO50+MPQtLHRExPgBCPuL rGpZWWgxLaan0su64lvvKdrwSR0TH+hDzVVbnM+NH/LXUrxPk91FaMCrVExC5aMx pTl4myitkSbbZXBTJjwz/LHO3c4pk+p2v9iWwwREwveuiYhaUErLkJMDgMXf5WOR x8keIYLwdwUT1OaVXEvElYJqGGoSml982fHOwsX6vmdBbXzbJrU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:15 2026 by rpki-client