$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145225.roa File: AS145225.roa (raw, json) Hash identifier: 6Ss3W5gXy6W+f5ie0KS0dA9Y1H5zNSWHrz5Ey6Rad6k= Subject key identifier: 67:20:0C:7D:A2:08:1B:A7:72:B8:B3:31:20:7B:D6:02:47:84:74:D3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1DD9E5E8CCB6CA87C1218D18EFD10371EB2CA1A0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145225.roa Signing time: Wed 04 Mar 2026 06:22:12 +0000 ROA not before: Wed 04 Mar 2026 06:17:12 +0000 ROA not after: Wed 03 Mar 2027 06:22:12 +0000 asID: 145225 IP address blocks: 240a:aa0f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:d9:e5:e8:cc:b6:ca:87:c1:21:8d:18:ef:d1:03:71:eb:2c:a1:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:12 2026 GMT Not After : Mar 3 06:22:12 2027 GMT Subject: CN=67200C7DA2081BA772B8B331207BD602478474D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:fa:be:1f:12:5d:ad:81:6d:d8:c1:84:f1:d3: a8:7a:ef:2e:1e:c2:71:9a:43:e9:b1:8f:a9:36:e6: be:61:d8:47:91:7b:46:a4:5b:af:44:a5:27:e1:9f: 77:a2:fc:36:d5:53:cf:39:89:2f:1b:6a:c8:35:f1: 4f:82:63:bd:82:6b:fa:f7:96:33:33:ef:d2:d2:a0: af:51:d0:5f:b1:ae:6d:12:46:70:64:f4:94:a1:ee: 88:9a:95:07:dd:24:b0:62:5d:7c:a6:f0:49:b3:f0: f7:d8:4d:77:3a:b0:56:b3:eb:80:0d:bd:fc:c4:7a: 54:14:3d:73:ce:e8:34:9b:43:9e:b7:0d:28:57:09: d5:90:34:b6:86:02:b5:50:06:2c:48:e2:36:8e:0c: 0b:41:a9:3f:3d:67:eb:d4:0f:e0:36:7f:f8:a6:58: 0a:23:12:78:33:65:b6:3f:49:be:29:02:49:4a:b1: 7a:58:75:b5:8d:0f:51:7a:ca:37:aa:53:c4:59:56: 6c:0b:3a:1b:26:1a:03:09:63:08:82:a8:8e:07:2f: 01:d4:0a:05:6c:50:e2:ef:cb:1b:15:a1:4c:c9:26: 1e:f3:cb:81:3f:e3:51:05:27:b3:f2:a4:da:2e:5c: 2b:86:59:c5:a5:9d:ea:c9:9e:8e:07:f4:d4:fb:34: 8e:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:20:0C:7D:A2:08:1B:A7:72:B8:B3:31:20:7B:D6:02:47:84:74:D3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145225.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa0f::/32 Signature Algorithm: sha256WithRSAEncryption dc:61:2c:df:5e:46:99:e8:b4:bf:7d:be:e8:ba:52:e0:e2:9a: a4:a7:69:19:60:f9:b9:32:d7:d6:d2:b3:59:eb:21:3c:70:4f: bc:78:96:81:a1:b5:dd:d6:db:0f:5f:50:93:d0:ba:27:36:b1: 90:0b:e6:8d:db:7d:89:5e:e4:64:5f:99:bf:c0:3d:f5:5e:89: 76:39:9b:7c:80:01:fb:bd:29:f7:5b:ef:08:7e:ac:dd:57:5a: 4d:8d:bc:b5:02:a2:75:71:9c:06:59:43:1b:ac:d9:50:d7:41: 01:79:b7:6c:28:c6:d9:f9:10:73:01:a9:13:d2:10:28:f0:97: fe:53:ef:45:1a:16:fb:ee:09:04:a2:5b:61:ef:4a:ff:fe:bf: 25:8c:03:f4:56:38:9a:96:fb:c9:5e:6e:a4:4d:aa:88:c8:8e: f6:e6:0f:e0:c5:e1:b9:71:2b:b1:75:b7:26:e0:1a:cf:97:1d: ef:35:02:8f:48:03:a3:58:a8:77:a7:65:52:6d:f1:68:a7:8b: e5:26:07:56:cd:75:4b:ce:2f:fe:84:6e:23:ec:30:cb:de:59: dd:34:df:f5:d0:55:e6:38:39:2b:40:5b:96:1b:6c:6e:1b:b9: ce:d6:cb:af:97:39:57:8e:bf:9f:48:12:6f:86:eb:66:67:b2: 72:b3:7e:23 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHdnl6My2yofBIY0Y79EDcessoaAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxMloX DTI3MDMwMzA2MjIxMlowMzExMC8GA1UEAxMoNjcyMDBDN0RBMjA4MUJBNzcyQjhC MzMxMjA3QkQ2MDI0Nzg0NzREMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALz6vh8SXa2BbdjBhPHTqHrvLh7CcZpD6bGPqTbmvmHYR5F7RqRbr0SlJ+Gf d6L8NtVTzzmJLxtqyDXxT4JjvYJr+veWMzPv0tKgr1HQX7GubRJGcGT0lKHuiJqV B90ksGJdfKbwSbPw99hNdzqwVrPrgA29/MR6VBQ9c87oNJtDnrcNKFcJ1ZA0toYC tVAGLEjiNo4MC0GpPz1n69QP4DZ/+KZYCiMSeDNltj9JvikCSUqxelh1tY0PUXrK N6pTxFlWbAs6GyYaAwljCIKojgcvAdQKBWxQ4u/LGxWhTMkmHvPLgT/jUQUns/Kk 2i5cK4ZZxaWd6smejgf01Ps0jgkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRnIAx9 oggbp3K4szEge9YCR4R00zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qg8wDQYJKoZIhvcNAQELBQADggEBANxhLN9eRpnotL99vui6UuDimqSnaRlg+bky 19bSs1nrITxwT7x4loGhtd3W2w9fUJPQuic2sZAL5o3bfYle5GRfmb/APfVeiXY5 m3yAAfu9Kfdb7wh+rN1XWk2NvLUConVxnAZZQxus2VDXQQF5t2woxtn5EHMBqRPS ECjwl/5T70UaFvvuCQSiW2HvSv/+vyWMA/RWOJqW+8lebqRNqojIjvbmD+DF4blx K7F1tybgGs+XHe81Ao9IA6NYqHenZVJt8Wini+UmB1bNdUvOL/6EbiPsMMveWd00 3/XQVeY4OStAW5YbbG4buc7Wy6+XOVeOv59IEm+G62ZnsnKzfiM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:07 2026 by rpki-client