$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145215.roa File: AS145215.roa (raw, json) Hash identifier: XyAI0tmy9r1HQQ6iu0YVLNm+I6NlpctdgbMSnOyLJvk= Subject key identifier: A3:90:7A:EA:22:BA:F8:9A:FD:20:86:9E:F6:76:4A:F8:C3:60:B2:9A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 29FF152D9AF09B41946A761F149C637AE398B8B3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145215.roa Signing time: Wed 04 Mar 2026 06:20:20 +0000 ROA not before: Wed 04 Mar 2026 06:15:20 +0000 ROA not after: Wed 03 Mar 2027 06:20:20 +0000 asID: 145215 IP address blocks: 240a:aa05::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:ff:15:2d:9a:f0:9b:41:94:6a:76:1f:14:9c:63:7a:e3:98:b8:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:20 2026 GMT Not After : Mar 3 06:20:20 2027 GMT Subject: CN=A3907AEA22BAF89AFD20869EF6764AF8C360B29A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:02:e1:e8:ba:e3:c1:59:4e:c7:66:85:d9:6a: 98:29:4f:4c:df:3b:30:5b:c5:54:df:ac:39:e9:30: 4c:59:ec:31:22:a9:a3:54:96:99:83:d8:59:1f:a4: ab:3d:17:44:32:73:19:81:53:00:b6:18:d1:74:7a: 49:6f:32:aa:3b:a3:b8:0f:eb:b9:eb:cf:f8:ee:58: 42:e0:ec:14:8a:99:cc:76:a5:36:76:0c:1e:a5:73: 0b:c2:c9:48:14:3e:20:10:13:c0:a7:02:8b:bb:71: 02:f8:db:59:1b:a4:f8:e2:19:87:fe:4f:a3:e2:ab: 5e:97:fc:32:56:db:17:ed:66:a1:19:5d:b4:a0:8e: ed:e4:01:d0:0d:22:90:47:58:99:ca:f6:ba:26:6f: 8c:3c:7c:ad:8d:63:9d:e3:60:1c:42:78:de:e8:f0: ed:e9:f0:57:e0:f7:d5:58:86:8b:ef:bb:d5:bc:94: fe:de:c3:36:23:ff:54:c1:7e:99:2c:e2:8d:27:c4: c4:3a:8c:07:98:67:de:8d:09:7f:13:ed:f1:e3:76: 55:f5:d6:62:2f:a0:5a:c5:1f:6c:87:ab:64:c2:89: f2:94:1b:29:84:f2:f7:f9:f4:cd:86:33:10:bb:dd: 1f:4e:13:f8:83:b2:25:64:00:15:86:17:0d:65:9e: 4a:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:90:7A:EA:22:BA:F8:9A:FD:20:86:9E:F6:76:4A:F8:C3:60:B2:9A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145215.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa05::/32 Signature Algorithm: sha256WithRSAEncryption a0:dd:ef:f9:2f:cf:75:f9:f9:8a:1c:84:c5:6e:59:a9:73:59: 4e:38:7e:6c:36:ce:90:34:49:3d:7a:37:c2:64:d2:fa:f3:94: f4:84:26:5b:62:fb:6e:3c:4a:3c:36:3b:10:e9:5a:93:4b:fd: 5d:a5:be:4e:f9:25:38:ea:4c:d9:cb:1a:c5:65:b1:31:c2:ef: f2:0e:37:97:9f:e2:59:b4:72:00:04:ad:ed:2c:f1:0a:69:2e: 2e:7b:cc:f8:b1:27:f4:91:aa:15:d5:74:f0:ba:f9:93:2a:ff: 0d:ca:36:52:32:50:13:95:6c:67:8a:3d:30:6e:92:09:0f:0c: 40:11:1b:58:66:a3:5c:01:cd:b5:bd:e1:46:f1:e0:66:cb:72: e6:be:d0:16:52:1d:f4:fb:6f:48:11:70:5a:07:41:6e:32:c2: 1c:40:b4:bb:92:0e:27:73:4d:90:af:71:3a:6e:b4:8e:9a:6c: cb:6b:76:ab:0f:8d:68:12:30:c0:58:b7:ec:66:85:b5:01:09: 69:82:d2:2c:3a:36:85:d2:b5:0e:e8:b4:d2:ac:78:9f:95:b3: d9:e0:3a:4b:44:6c:e2:b6:88:e1:f2:5a:7d:72:0a:19:f4:66: 44:74:ac:67:2c:3c:ea:9d:a6:8c:61:25:ca:d3:3d:44:76:da: fe:40:61:3b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKf8VLZrwm0GUanYfFJxjeuOYuLMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyMFoX DTI3MDMwMzA2MjAyMFowMzExMC8GA1UEAxMoQTM5MDdBRUEyMkJBRjg5QUZEMjA4 NjlFRjY3NjRBRjhDMzYwQjI5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIwC4ei648FZTsdmhdlqmClPTN87MFvFVN+sOekwTFnsMSKpo1SWmYPYWR+k qz0XRDJzGYFTALYY0XR6SW8yqjujuA/ruevP+O5YQuDsFIqZzHalNnYMHqVzC8LJ SBQ+IBATwKcCi7txAvjbWRuk+OIZh/5Po+KrXpf8MlbbF+1moRldtKCO7eQB0A0i kEdYmcr2uiZvjDx8rY1jneNgHEJ43ujw7enwV+D31ViGi++71byU/t7DNiP/VMF+ mSzijSfExDqMB5hn3o0JfxPt8eN2VfXWYi+gWsUfbIerZMKJ8pQbKYTy9/n0zYYz ELvdH04T+IOyJWQAFYYXDWWeSgUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSjkHrq Irr4mv0ghp72dkr4w2CymjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIxNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qgUwDQYJKoZIhvcNAQELBQADggEBAKDd7/kvz3X5+YochMVuWalzWU44fmw2zpA0 ST16N8Jk0vrzlPSEJlti+248Sjw2OxDpWpNL/V2lvk75JTjqTNnLGsVlsTHC7/IO N5ef4lm0cgAEre0s8QppLi57zPixJ/SRqhXVdPC6+ZMq/w3KNlIyUBOVbGeKPTBu kgkPDEARG1hmo1wBzbW94Ubx4GbLcua+0BZSHfT7b0gRcFoHQW4ywhxAtLuSDidz TZCvcTputI6abMtrdqsPjWgSMMBYt+xmhbUBCWmC0iw6NoXStQ7otNKseJ+Vs9ng OktEbOK2iOHyWn1yChn0ZkR0rGcsPOqdpoxhJcrTPUR22v5AYTs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:50 2026 by rpki-client