$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145220.roa File: AS145220.roa (raw, json) Hash identifier: OLAnKRo9MVB4QeP8b21Ex46jARkM9hs6G11Ofdqo4Ic= Subject key identifier: C7:32:37:D1:E1:20:ED:59:AC:B4:54:DE:D6:21:4E:F1:28:11:88:11 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 40DA1A46DDD9E81E7F218958AE668424FD085ACA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145220.roa Signing time: Wed 04 Mar 2026 06:22:17 +0000 ROA not before: Wed 04 Mar 2026 06:17:17 +0000 ROA not after: Wed 03 Mar 2027 06:22:17 +0000 asID: 145220 IP address blocks: 240a:aa0a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:da:1a:46:dd:d9:e8:1e:7f:21:89:58:ae:66:84:24:fd:08:5a:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:17 2026 GMT Not After : Mar 3 06:22:17 2027 GMT Subject: CN=C73237D1E120ED59ACB454DED6214EF128118811 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d4:83:75:22:af:f3:9d:52:b6:81:6d:ee:75: 59:86:56:81:74:7e:37:47:02:f9:4d:e8:90:49:b6: 78:53:0f:82:f6:6e:1a:ea:f0:1c:27:13:04:4a:8b: 87:bf:f3:30:9d:ec:d4:c6:76:f4:a1:ff:24:6f:36: c6:22:c4:88:af:41:bc:93:67:10:53:18:21:28:a2: 4a:04:7d:f5:2f:27:e9:c7:bd:c2:d5:ff:12:0c:af: be:69:99:7f:71:a6:5c:14:0a:ec:0b:95:97:d1:82: 58:c9:3e:e7:1c:30:d9:4b:2a:8d:74:f1:0d:c5:0a: 98:c1:09:70:40:f7:79:7d:10:c1:58:54:74:0b:68: b4:4c:0f:ea:da:dd:b0:1e:fa:55:7f:94:6b:a4:bb: 7f:f1:81:ab:de:e6:3c:a9:33:1e:44:f9:21:f7:b1: 02:d5:e0:f7:e6:51:76:59:c8:2b:64:7b:82:c5:df: e8:35:17:6c:13:2c:00:2f:7d:45:80:fe:b6:f4:ae: 25:50:b8:90:ee:52:19:43:3d:a6:f9:cc:d0:70:24: 10:66:26:61:e4:31:ff:cf:bd:43:a1:a3:16:b9:b5: b1:33:21:73:e8:d4:f7:6f:c2:d4:42:a3:b8:ce:69: d3:ff:0e:bf:47:e6:d0:e3:80:e6:d0:44:0b:fc:d2: e6:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:32:37:D1:E1:20:ED:59:AC:B4:54:DE:D6:21:4E:F1:28:11:88:11 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145220.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa0a::/32 Signature Algorithm: sha256WithRSAEncryption 87:a3:79:cc:32:ab:cd:25:0e:5c:1c:c6:c7:9e:ef:38:5c:34: 1e:7e:1b:5e:c6:e5:e9:79:bf:e2:67:0d:3d:99:6d:63:f8:ed: 27:df:63:ca:61:dd:11:17:e6:14:e8:1b:d4:f1:51:99:c7:7b: 87:42:ee:ba:df:42:8c:54:5f:bd:de:d4:a5:c0:82:b5:1b:6a: a8:e9:5d:11:c7:b3:42:1e:22:53:1b:f6:6f:99:ef:3e:2f:3c: 91:dd:be:d9:fc:78:0a:10:d7:64:9e:3f:a5:27:d4:ef:4d:42: 67:c6:23:74:4d:2c:4f:cc:ba:7d:e8:0a:67:19:cf:51:28:18: 41:74:a0:4e:8e:d0:82:24:a6:93:85:fd:e8:86:21:ca:6d:b3: 31:47:26:9a:b0:97:b4:eb:ff:a0:a3:4b:79:20:30:bf:ef:b5: 2a:f3:1c:3a:5a:5a:be:a4:77:56:54:36:16:21:7a:ba:8d:ee: 28:45:c7:2b:2d:24:b6:30:f5:c9:c7:35:e8:52:60:40:33:b3: ad:cb:fe:c0:dc:1e:73:da:17:f1:3f:0b:78:47:0a:b9:5f:d1: 29:81:18:52:7e:fa:5d:9f:2d:9e:6b:e6:f3:58:1f:70:07:bb: 89:49:fe:f9:4f:18:83:dd:12:26:e2:8f:cc:b3:fb:5d:a2:d8: fc:f7:35:1d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQNoaRt3Z6B5/IYlYrmaEJP0IWsowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxN1oX DTI3MDMwMzA2MjIxN1owMzExMC8GA1UEAxMoQzczMjM3RDFFMTIwRUQ1OUFDQjQ1 NERFRDYyMTRFRjEyODExODgxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMnUg3Uir/OdUraBbe51WYZWgXR+N0cC+U3okEm2eFMPgvZuGurwHCcTBEqL h7/zMJ3s1MZ29KH/JG82xiLEiK9BvJNnEFMYISiiSgR99S8n6ce9wtX/EgyvvmmZ f3GmXBQK7AuVl9GCWMk+5xww2UsqjXTxDcUKmMEJcED3eX0QwVhUdAtotEwP6trd sB76VX+Ua6S7f/GBq97mPKkzHkT5IfexAtXg9+ZRdlnIK2R7gsXf6DUXbBMsAC99 RYD+tvSuJVC4kO5SGUM9pvnM0HAkEGYmYeQx/8+9Q6GjFrm1sTMhc+jU92/C1EKj uM5p0/8Ov0fm0OOA5tBEC/zS5tMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTHMjfR 4SDtWay0VN7WIU7xKBGIETAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qgowDQYJKoZIhvcNAQELBQADggEBAIejecwyq80lDlwcxsee7zhcNB5+G17G5el5 v+JnDT2ZbWP47SffY8ph3REX5hToG9TxUZnHe4dC7rrfQoxUX73e1KXAgrUbaqjp XRHHs0IeIlMb9m+Z7z4vPJHdvtn8eAoQ12SeP6Un1O9NQmfGI3RNLE/Mun3oCmcZ z1EoGEF0oE6O0IIkppOF/eiGIcptszFHJpqwl7Tr/6CjS3kgML/vtSrzHDpaWr6k d1ZUNhYherqN7ihFxystJLYw9cnHNehSYEAzs63L/sDcHnPaF/E/C3hHCrlf0SmB GFJ++l2fLZ5r5vNYH3AHu4lJ/vlPGIPdEibij8yz+12i2Pz3NR0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:44 2026 by rpki-client