$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145151.roa File: AS145151.roa (raw, json) Hash identifier: QGbNeThVDHYOn05GW7MLEVOd+LGaTn2aE40PcubyVL0= Subject key identifier: A8:2F:57:F2:17:1F:CD:15:D2:AD:2F:6A:AF:A5:F6:15:2D:5F:61:FD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 15D6532A5D0680AD18E6663413EA94C80FF9AD18 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145151.roa Signing time: Wed 04 Mar 2026 06:19:23 +0000 ROA not before: Wed 04 Mar 2026 06:14:23 +0000 ROA not after: Wed 03 Mar 2027 06:19:23 +0000 asID: 145151 IP address blocks: 240a:a9c5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:d6:53:2a:5d:06:80:ad:18:e6:66:34:13:ea:94:c8:0f:f9:ad:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:23 2026 GMT Not After : Mar 3 06:19:23 2027 GMT Subject: CN=A82F57F2171FCD15D2AD2F6AAFA5F6152D5F61FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:1c:08:7c:54:18:1e:28:73:58:30:3a:01:a2: 6d:73:5e:f0:4a:76:90:f5:55:2e:84:8d:a5:f1:ca: 05:30:33:c6:6b:5d:bb:ad:2e:b5:2a:a4:2f:35:f0: 20:68:84:02:80:0b:bb:e2:ea:05:2f:40:e2:a6:27: 5e:77:17:92:67:06:cd:f5:68:40:3e:3a:32:e4:aa: 15:38:3d:e6:fe:66:4c:3c:dd:bc:37:4b:51:10:db: 92:f8:fe:f3:3e:32:9f:1e:a6:6d:29:19:00:27:03: d0:77:30:10:6b:2c:2a:f7:48:9a:40:ba:bf:d2:e3: 26:a2:3e:bb:21:07:be:38:73:9c:7f:25:3d:b9:bf: 61:a2:5c:4b:cc:1c:91:c7:c9:ff:c1:63:2a:6c:78: 75:77:b9:94:51:05:1d:c8:86:2c:94:48:6e:e1:16: b6:16:52:d1:0a:86:70:78:60:b2:22:86:81:ef:72: 91:a2:0e:43:46:04:4b:39:99:bd:77:cd:5f:a3:e2: 45:50:50:ff:26:92:0a:06:e2:2a:f3:f4:ad:e0:30: 37:26:83:26:6f:dc:b2:6a:44:a2:bf:0c:6c:73:bd: 2d:43:67:88:48:39:00:6a:42:46:44:01:8e:8c:b0: fa:11:59:59:42:3f:56:a0:cb:5d:82:92:f0:23:af: 17:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:2F:57:F2:17:1F:CD:15:D2:AD:2F:6A:AF:A5:F6:15:2D:5F:61:FD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145151.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9c5::/32 Signature Algorithm: sha256WithRSAEncryption 74:57:0c:22:53:0a:90:25:cd:39:79:f8:95:26:fc:79:06:20: 6c:d4:07:a1:8b:ac:de:fe:51:6d:df:fb:c9:6d:ad:ae:0b:0b: f1:55:5f:36:31:fe:6e:23:d3:f0:eb:e1:5b:77:e9:3f:16:10: 04:30:5c:2b:81:fd:ad:46:5b:6a:12:b1:f6:fa:1c:fc:6c:9f: 7c:8b:c3:c7:4c:5c:c3:2d:a9:05:7f:9d:7a:72:c7:56:f2:11: 9e:2f:e2:48:03:32:a7:6c:a2:73:21:fb:e6:bc:3b:ca:19:1c: 3f:2f:21:ee:79:54:c0:f7:4c:d5:10:36:3e:2e:1a:50:23:97: 07:ef:50:a8:59:a7:7d:b0:e1:e9:39:91:39:f1:c1:37:a4:57: 2c:16:45:c4:6d:01:e7:b8:d4:93:4d:fa:5b:50:e3:42:10:01: 7c:c6:60:65:c4:e6:5f:31:72:46:fc:08:d4:a5:20:f6:6d:76: f3:51:9c:fb:47:b3:56:eb:45:a7:05:b4:3c:13:bd:72:37:9a: 81:76:a9:22:09:c6:d9:57:41:63:2e:22:39:65:9d:a8:94:9e: 15:4c:67:a4:15:f8:5f:b9:c5:9e:2e:9b:3e:90:08:be:12:7f: 02:b9:ec:15:58:54:c3:2d:a2:36:61:70:9b:bb:f6:3a:80:83: e6:8e:77:d7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFdZTKl0GgK0Y5mY0E+qUyA/5rRgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQyM1oX DTI3MDMwMzA2MTkyM1owMzExMC8GA1UEAxMoQTgyRjU3RjIxNzFGQ0QxNUQyQUQy RjZBQUZBNUY2MTUyRDVGNjFGRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKMcCHxUGB4oc1gwOgGibXNe8Ep2kPVVLoSNpfHKBTAzxmtdu60utSqkLzXw IGiEAoALu+LqBS9A4qYnXncXkmcGzfVoQD46MuSqFTg95v5mTDzdvDdLURDbkvj+ 8z4ynx6mbSkZACcD0HcwEGssKvdImkC6v9LjJqI+uyEHvjhznH8lPbm/YaJcS8wc kcfJ/8FjKmx4dXe5lFEFHciGLJRIbuEWthZS0QqGcHhgsiKGge9ykaIOQ0YESzmZ vXfNX6PiRVBQ/yaSCgbiKvP0reAwNyaDJm/csmpEor8MbHO9LUNniEg5AGpCRkQB joyw+hFZWUI/VqDLXYKS8COvFzECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSoL1fy Fx/NFdKtL2qvpfYVLV9h/TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTE1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qcUwDQYJKoZIhvcNAQELBQADggEBAHRXDCJTCpAlzTl5+JUm/HkGIGzUB6GLrN7+ UW3f+8ltra4LC/FVXzYx/m4j0/Dr4Vt36T8WEAQwXCuB/a1GW2oSsfb6HPxsn3yL w8dMXMMtqQV/nXpyx1byEZ4v4kgDMqdsonMh++a8O8oZHD8vIe55VMD3TNUQNj4u GlAjlwfvUKhZp32w4ek5kTnxwTekVywWRcRtAee41JNN+ltQ40IQAXzGYGXE5l8x ckb8CNSlIPZtdvNRnPtHs1brRacFtDwTvXI3moF2qSIJxtlXQWMuIjllnaiUnhVM Z6QV+F+5xZ4umz6QCL4SfwK57BVYVMMtojZhcJu79jqAg+aOd9c= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:41 2026 by rpki-client