$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145214.roa File: AS145214.roa (raw, json) Hash identifier: ZxmKue/JMbOMx1rizXCACc5pSReay++TvqC1ukKRvjg= Subject key identifier: 86:03:CB:55:9A:3A:D5:15:A7:B1:56:A2:48:DF:39:AC:22:88:8C:2A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 02536F7F456B2694D348E41EDFB8C3C2A196650E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145214.roa Signing time: Wed 04 Mar 2026 06:20:55 +0000 ROA not before: Wed 04 Mar 2026 06:15:55 +0000 ROA not after: Wed 03 Mar 2027 06:20:55 +0000 asID: 145214 IP address blocks: 240a:aa04::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:53:6f:7f:45:6b:26:94:d3:48:e4:1e:df:b8:c3:c2:a1:96:65:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:55 2026 GMT Not After : Mar 3 06:20:55 2027 GMT Subject: CN=8603CB559A3AD515A7B156A248DF39AC22888C2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:bb:3e:09:ca:0d:6a:14:7c:82:ef:47:e8:47: 73:9a:3b:58:e1:7b:e3:bd:50:56:c5:8c:86:52:48: e3:90:ef:2e:2f:a2:4c:18:4d:5d:6a:e6:79:09:18: d2:74:de:4b:af:c1:83:2d:b4:7c:2d:a0:18:55:a6: 9c:c5:46:39:de:f6:c1:ab:87:b4:bc:5d:64:32:1e: 4f:00:ad:45:28:8b:1e:60:d8:a9:13:84:d6:c7:a9: 6b:a5:cf:79:cb:bb:a5:81:91:3f:5f:cb:f3:7c:74: a1:97:ae:2b:4e:1b:13:4a:3e:1e:b9:7e:d1:24:18: 94:e1:e6:d0:9a:3f:0f:f8:4f:59:17:e1:e4:ba:08: 58:10:5f:b8:87:b7:d9:b0:79:d0:72:96:79:cc:55: 56:e4:4c:4a:06:5b:9d:52:57:65:c4:3b:c9:30:47: cd:4b:e2:bb:05:1c:be:b0:b4:a1:98:2e:ed:c8:d2: 0a:94:10:b2:29:a1:9b:15:4b:11:55:31:d6:cf:af: b7:e9:05:28:9b:f9:45:13:45:2f:ff:9f:75:9a:bb: d5:c8:86:92:69:da:39:e5:df:71:9a:ff:79:96:1e: fe:43:41:c1:37:06:b7:30:c1:29:60:bb:dd:82:35: fa:a7:e4:60:0d:b6:74:a7:05:df:0e:32:ec:05:d7: 5d:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:03:CB:55:9A:3A:D5:15:A7:B1:56:A2:48:DF:39:AC:22:88:8C:2A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145214.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa04::/32 Signature Algorithm: sha256WithRSAEncryption 02:5d:22:4a:b5:5e:af:1a:05:62:4e:40:4a:c5:13:35:a0:df: 89:2b:8a:3d:1f:21:39:9e:4f:d9:2d:9d:bb:37:38:eb:d7:06: c3:26:c6:54:81:45:76:c1:84:14:c5:cd:3a:fe:a2:c2:eb:ec: f3:fe:53:71:b7:49:b2:0d:b4:82:cd:95:27:2e:8a:da:c9:01: 6e:64:56:e9:b5:27:b9:27:f5:54:1f:32:96:06:62:86:80:98: 7a:bc:81:4e:57:d4:b4:32:0d:89:8b:53:a7:1d:c2:16:90:cf: a3:80:0a:af:b8:08:d5:40:b1:fb:02:f8:68:ba:23:05:66:15: cb:ed:54:2d:7d:eb:af:38:e1:63:fb:5d:5d:31:3a:c2:cb:f5: e8:23:36:b1:5a:ec:ba:6c:1d:ed:b0:ae:06:14:c4:e2:fc:9c: 8a:e5:06:98:2d:77:f8:e2:bb:07:c9:21:d6:65:01:ba:8a:db: 05:dc:3d:f8:c8:92:42:d6:c5:c8:71:d6:6e:12:04:04:12:61: 1a:8e:c9:f4:94:06:14:75:5c:0e:c6:eb:ad:bb:9a:e4:04:75: 0d:93:7f:3e:21:4b:b3:4c:81:bd:d7:e0:8c:82:06:f2:3b:e0: b2:31:c3:bb:eb:3f:31:8d:93:46:76:8d:d5:81:59:47:dd:9e: dc:fd:da:59 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAlNvf0VrJpTTSOQe37jDwqGWZQ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1NVoX DTI3MDMwMzA2MjA1NVowMzExMC8GA1UEAxMoODYwM0NCNTU5QTNBRDUxNUE3QjE1 NkEyNDhERjM5QUMyMjg4OEMyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMe7PgnKDWoUfILvR+hHc5o7WOF7471QVsWMhlJI45DvLi+iTBhNXWrmeQkY 0nTeS6/Bgy20fC2gGFWmnMVGOd72wauHtLxdZDIeTwCtRSiLHmDYqROE1sepa6XP ecu7pYGRP1/L83x0oZeuK04bE0o+Hrl+0SQYlOHm0Jo/D/hPWRfh5LoIWBBfuIe3 2bB50HKWecxVVuRMSgZbnVJXZcQ7yTBHzUviuwUcvrC0oZgu7cjSCpQQsimhmxVL EVUx1s+vt+kFKJv5RRNFL/+fdZq71ciGkmnaOeXfcZr/eZYe/kNBwTcGtzDBKWC7 3YI1+qfkYA22dKcF3w4y7AXXXWECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSGA8tV mjrVFaexVqJI3zmsIoiMKjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIxNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qgQwDQYJKoZIhvcNAQELBQADggEBAAJdIkq1Xq8aBWJOQErFEzWg34krij0fITme T9ktnbs3OOvXBsMmxlSBRXbBhBTFzTr+osLr7PP+U3G3SbINtILNlScuitrJAW5k Vum1J7kn9VQfMpYGYoaAmHq8gU5X1LQyDYmLU6cdwhaQz6OACq+4CNVAsfsC+Gi6 IwVmFcvtVC1966844WP7XV0xOsLL9egjNrFa7LpsHe2wrgYUxOL8nIrlBpgtd/ji uwfJIdZlAbqK2wXcPfjIkkLWxchx1m4SBAQSYRqOyfSUBhR1XA7G6627muQEdQ2T fz4hS7NMgb3X4IyCBvI74LIxw7vrPzGNk0Z2jdWBWUfdntz92lk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:09 2026 by rpki-client