$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145223.roa File: AS145223.roa (raw, json) Hash identifier: Z4I86k4h0IHeWmKWkb2XBNeiLE6lzUWIpvoy0ZJVYLE= Subject key identifier: F5:AB:6D:76:85:C5:3F:02:6B:3E:C7:70:53:3B:B0:D2:56:F2:CF:C7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 391BCCF3A89829910C227AE105595A7D0E055240 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145223.roa Signing time: Wed 04 Mar 2026 06:21:03 +0000 ROA not before: Wed 04 Mar 2026 06:16:03 +0000 ROA not after: Wed 03 Mar 2027 06:21:03 +0000 asID: 145223 IP address blocks: 240a:aa0d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:1b:cc:f3:a8:98:29:91:0c:22:7a:e1:05:59:5a:7d:0e:05:52:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:03 2026 GMT Not After : Mar 3 06:21:03 2027 GMT Subject: CN=F5AB6D7685C53F026B3EC770533BB0D256F2CFC7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f9:5e:f2:0d:d1:fa:5d:1d:8d:25:31:d3:e5: ca:7c:07:7b:b0:fd:9e:c4:70:70:aa:53:59:56:62: 2a:61:1d:e2:28:8b:83:1f:b1:37:c4:0a:ac:fc:e5: 30:80:e8:b7:e8:1f:a9:ad:95:7e:6e:74:b8:01:9e: 16:0b:09:5e:76:d2:28:71:3d:c9:1d:76:9d:7c:84: e4:9d:46:9e:8b:a8:b2:52:a5:ea:56:6f:1c:51:b4: 17:b3:6e:b7:7f:ad:b6:52:8b:42:09:00:ed:09:c2: 41:f3:65:17:03:77:a4:f3:38:43:5d:f2:1f:ea:03: 64:2f:65:16:0e:8b:f8:71:de:d6:a6:62:2f:91:45: 8a:15:3c:f3:2d:f4:12:17:b5:3e:7c:14:ab:c6:f4: da:e0:ae:27:45:eb:31:b7:da:87:8a:0e:ab:dc:b1: 2f:9f:db:14:44:6c:37:4d:f0:e6:a0:1c:10:ba:44: 11:54:da:c0:a0:2c:ad:43:35:19:18:24:39:39:39: 93:24:ff:c0:3d:a9:1c:8e:42:30:08:f5:5c:3f:4b: 85:37:36:41:dd:cf:fe:01:c5:72:75:7d:ea:54:a9: cd:02:39:2d:55:e1:05:7b:66:21:74:b7:bf:81:7a: b1:dc:31:c6:10:1c:d0:51:b9:73:3a:e0:cd:93:04: a8:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:AB:6D:76:85:C5:3F:02:6B:3E:C7:70:53:3B:B0:D2:56:F2:CF:C7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145223.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa0d::/32 Signature Algorithm: sha256WithRSAEncryption d3:f9:79:41:db:20:47:f2:0f:b1:f4:97:1e:90:05:c2:0c:63: bb:bc:4c:7a:f2:f0:4c:66:f4:1f:f9:54:0b:17:e2:76:6c:23: 99:85:59:cc:52:8b:27:6d:75:e7:ee:d4:c7:48:4a:cd:b7:01: a4:5c:42:a1:d3:21:97:fb:ab:b9:5a:fb:b8:2b:e8:fe:32:50: ef:46:87:6a:a2:4b:28:20:27:cd:ba:a0:04:72:e1:25:e7:37: 32:b1:0a:27:de:a6:cb:77:15:3e:4b:d3:c3:32:98:a7:db:87: 20:49:9f:87:8e:96:08:6d:24:74:9c:bd:77:d8:22:30:b5:36: 5f:8a:7c:e4:18:82:a0:f9:e7:92:5d:fb:28:cd:07:13:42:c0: cf:5c:47:1c:f6:7f:e3:8b:08:b1:5a:fd:58:98:5a:e2:12:4b: 75:f0:ae:d4:fd:b1:55:5b:83:53:80:11:55:4f:be:37:81:ef: fb:2a:82:36:d7:48:6c:b5:8d:0d:ef:0a:2f:6c:59:60:8d:b4: 51:45:6e:98:2e:7e:55:e9:12:11:88:ca:50:3e:49:ba:ae:e0: b1:b3:8d:e2:77:b2:db:53:9f:db:29:95:59:2f:1d:41:15:8b: f5:b2:8d:ae:3e:9b:bc:aa:6d:60:47:09:2b:02:27:b1:96:ff: 5f:47:81:42 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUORvM86iYKZEMInrhBVlafQ4FUkAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYwM1oX DTI3MDMwMzA2MjEwM1owMzExMC8GA1UEAxMoRjVBQjZENzY4NUM1M0YwMjZCM0VD NzcwNTMzQkIwRDI1NkYyQ0ZDNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALv5XvIN0fpdHY0lMdPlynwHe7D9nsRwcKpTWVZiKmEd4iiLgx+xN8QKrPzl MIDot+gfqa2Vfm50uAGeFgsJXnbSKHE9yR12nXyE5J1GnouoslKl6lZvHFG0F7Nu t3+ttlKLQgkA7QnCQfNlFwN3pPM4Q13yH+oDZC9lFg6L+HHe1qZiL5FFihU88y30 Ehe1PnwUq8b02uCuJ0XrMbfah4oOq9yxL5/bFERsN03w5qAcELpEEVTawKAsrUM1 GRgkOTk5kyT/wD2pHI5CMAj1XD9LhTc2Qd3P/gHFcnV96lSpzQI5LVXhBXtmIXS3 v4F6sdwxxhAc0FG5czrgzZMEqC0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT1q212 hcU/Ams+x3BTO7DSVvLPxzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qg0wDQYJKoZIhvcNAQELBQADggEBANP5eUHbIEfyD7H0lx6QBcIMY7u8THry8Exm 9B/5VAsX4nZsI5mFWcxSiydtdefu1MdISs23AaRcQqHTIZf7q7la+7gr6P4yUO9G h2qiSyggJ826oARy4SXnNzKxCifepst3FT5L08MymKfbhyBJn4eOlghtJHScvXfY IjC1Nl+KfOQYgqD555Jd+yjNBxNCwM9cRxz2f+OLCLFa/ViYWuISS3XwrtT9sVVb g1OAEVVPvjeB7/sqgjbXSGy1jQ3vCi9sWWCNtFFFbpguflXpEhGIylA+Sbqu4LGz jeJ3sttTn9splVkvHUEVi/Wyja4+m7yqbWBHCSsCJ7GW/19HgUI= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:24 2026 by rpki-client