$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145202.roa File: AS145202.roa (raw, json) Hash identifier: Ye48zGAtQs5sIVDRcVeoJbee2ayMfGKIUXTiiYw3kIo= Subject key identifier: E1:D1:F6:41:49:6E:E7:8C:C9:3B:2D:9C:6F:E9:81:F8:DE:7A:F0:3D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 709C0F1CB672BA5BFA5CDE3D88F2CB7D3C99083A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145202.roa Signing time: Wed 04 Mar 2026 06:20:32 +0000 ROA not before: Wed 04 Mar 2026 06:15:32 +0000 ROA not after: Wed 03 Mar 2027 06:20:32 +0000 asID: 145202 IP address blocks: 240a:a9f8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:9c:0f:1c:b6:72:ba:5b:fa:5c:de:3d:88:f2:cb:7d:3c:99:08:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:32 2026 GMT Not After : Mar 3 06:20:32 2027 GMT Subject: CN=E1D1F641496EE78CC93B2D9C6FE981F8DE7AF03D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:cd:56:7e:40:6e:7a:19:92:89:fd:bf:26:15: d6:64:e0:2e:0c:01:5b:eb:ca:2a:a6:5c:4c:b5:ad: 78:e4:00:1a:c8:35:c5:29:f5:dd:01:26:31:40:a2: e4:0a:e1:ec:f2:5b:35:0b:13:8e:97:51:67:42:75: 72:4c:46:cb:c0:e3:b2:2a:0a:20:a3:6c:ba:7b:70: 92:50:09:3c:a7:e3:6c:d0:4a:45:cb:46:9b:a5:7f: 36:f2:e1:6d:37:5e:c5:ce:55:5a:7a:4e:82:08:33: bc:f1:4a:0a:25:80:43:df:2a:24:65:47:2d:c3:bd: e5:12:96:53:a9:74:fa:df:86:51:89:2b:18:f6:3c: 07:ff:3f:84:4a:8c:11:a2:59:fa:63:b9:18:85:50: bb:33:9b:66:0c:94:82:8a:0f:67:dd:fc:a5:a3:12: eb:b0:a3:19:68:bd:74:20:50:81:07:e2:7c:66:4c: 85:ac:ea:81:08:02:d9:70:f7:39:f4:5b:9e:ae:aa: 8a:4b:59:83:b8:cb:7e:43:06:40:fe:d2:82:c6:29: 37:71:a5:28:d2:7b:66:0c:d2:27:05:a1:52:f4:95: 1e:6c:90:af:3b:9d:06:f0:72:ac:2b:29:fc:56:0f: 76:35:58:4a:26:7a:32:d0:33:e7:8d:68:56:83:ab: e3:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:D1:F6:41:49:6E:E7:8C:C9:3B:2D:9C:6F:E9:81:F8:DE:7A:F0:3D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145202.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9f8::/32 Signature Algorithm: sha256WithRSAEncryption b5:60:cb:04:14:25:f9:54:43:18:0b:ab:c4:f7:f4:c6:dd:9d: 83:17:3c:5f:db:c9:60:aa:e6:d9:91:c8:8d:60:e5:0a:f6:fe: 33:49:7b:6d:6a:6c:87:c1:0f:e3:69:1a:2a:a7:c9:87:0b:85: 6a:92:6e:8a:13:de:6c:fb:ad:c7:d5:94:76:ef:9d:39:ab:7a: d5:01:39:cf:79:82:12:9b:ca:29:8a:6a:8f:c6:d9:3a:8f:ad: 65:04:b4:f0:5b:9d:c7:7b:7c:83:ae:43:e3:27:fb:6a:f2:6c: 8c:73:de:a8:d9:ba:29:a4:3c:7f:c8:ab:9c:e7:c3:2a:05:d1: 67:e9:35:ca:87:05:b5:04:47:a7:55:6d:58:9f:79:06:50:e7: 06:13:0d:27:7c:c5:c1:2f:ab:88:ef:91:fe:9b:02:21:93:51: 54:7e:e3:8c:cd:ab:14:1b:5f:dd:cb:09:08:1d:af:d3:ed:46: 12:bd:4a:6e:67:80:d1:30:ad:70:2d:f0:a5:66:b8:4a:f2:dd: be:a9:f3:91:61:d7:7e:7f:3a:13:b9:05:b7:4e:d1:43:b7:eb: 12:c1:af:13:d7:b8:e0:72:4f:7e:12:14:8d:df:1f:17:36:04: 76:a1:22:ce:84:e8:14:1b:2b:49:c8:fe:10:33:8c:60:d3:89: 03:26:12:5c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcJwPHLZyulv6XN49iPLLfTyZCDowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzMloX DTI3MDMwMzA2MjAzMlowMzExMC8GA1UEAxMoRTFEMUY2NDE0OTZFRTc4Q0M5M0Iy RDlDNkZFOTgxRjhERTdBRjAzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALTNVn5AbnoZkon9vyYV1mTgLgwBW+vKKqZcTLWteOQAGsg1xSn13QEmMUCi 5Arh7PJbNQsTjpdRZ0J1ckxGy8DjsioKIKNsuntwklAJPKfjbNBKRctGm6V/NvLh bTdexc5VWnpOgggzvPFKCiWAQ98qJGVHLcO95RKWU6l0+t+GUYkrGPY8B/8/hEqM EaJZ+mO5GIVQuzObZgyUgooPZ938paMS67CjGWi9dCBQgQfifGZMhazqgQgC2XD3 OfRbnq6qiktZg7jLfkMGQP7SgsYpN3GlKNJ7ZgzSJwWhUvSVHmyQrzudBvByrCsp /FYPdjVYSiZ6MtAz541oVoOr44MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTh0fZB SW7njMk7LZxv6YH43nrwPTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qfgwDQYJKoZIhvcNAQELBQADggEBALVgywQUJflUQxgLq8T39MbdnYMXPF/byWCq 5tmRyI1g5Qr2/jNJe21qbIfBD+NpGiqnyYcLhWqSbooT3mz7rcfVlHbvnTmretUB Oc95ghKbyimKao/G2TqPrWUEtPBbncd7fIOuQ+Mn+2rybIxz3qjZuimkPH/Iq5zn wyoF0WfpNcqHBbUER6dVbVifeQZQ5wYTDSd8xcEvq4jvkf6bAiGTUVR+44zNqxQb X93LCQgdr9PtRhK9Sm5ngNEwrXAt8KVmuEry3b6p85Fh135/OhO5BbdO0UO36xLB rxPXuOByT34SFI3fHxc2BHahIs6E6BQbK0nI/hAzjGDTiQMmElw= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:29 2026 by rpki-client