$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145237.roa File: AS145237.roa (raw, json) Hash identifier: cC1Tiocd2jOse5FQa2Ar1O7UXdJZd3N82ZYytDFeTto= Subject key identifier: 41:1C:1B:75:7B:CB:41:39:06:CF:18:34:D3:C8:63:28:52:D6:DB:A2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7A5B7F9757CC2D4EC5B56C6FFC954639583984FB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145237.roa Signing time: Wed 04 Mar 2026 06:19:33 +0000 ROA not before: Wed 04 Mar 2026 06:14:33 +0000 ROA not after: Wed 03 Mar 2027 06:19:33 +0000 asID: 145237 IP address blocks: 240a:aa1b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:5b:7f:97:57:cc:2d:4e:c5:b5:6c:6f:fc:95:46:39:58:39:84:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:33 2026 GMT Not After : Mar 3 06:19:33 2027 GMT Subject: CN=411C1B757BCB413906CF1834D3C8632852D6DBA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e0:02:c8:b6:a8:53:78:8c:5b:71:10:17:7d: ac:05:db:12:c2:75:4e:3e:b6:d1:d8:80:4e:67:e4: f6:e9:1f:9f:36:43:2a:0c:45:9d:cd:48:73:b6:47: f7:34:da:94:cf:ed:81:ee:5b:c4:10:8a:55:74:6f: 92:1e:45:17:cc:82:bd:db:51:63:dd:67:4a:35:5d: 9f:0a:10:2b:a0:fc:e0:94:35:0e:c4:b5:f2:6e:66: 4d:9a:c7:bd:38:06:01:6f:58:83:99:93:1e:c2:ee: 12:48:8c:ce:ce:ac:c2:ec:62:f6:9c:d7:f5:40:48: 30:fc:c3:36:08:af:13:80:02:3c:09:c6:cc:39:e8: dd:d2:c4:66:81:e0:4c:0d:24:67:67:b0:54:69:2a: 02:19:d2:d7:dd:79:e5:b7:7a:f9:6a:3b:e9:5d:32: 98:60:c9:e9:9d:28:5a:59:87:37:8f:5b:46:4d:34: 93:e5:f5:5a:f2:cc:d8:c6:74:70:43:c1:21:0f:44: 6f:4f:61:ae:eb:e4:8c:76:fd:16:08:f5:4a:b5:f1: 85:f9:06:dd:f6:7c:5d:73:3b:1e:24:74:08:86:9a: 54:2b:ab:bc:bc:0e:04:c5:e3:a2:d3:b3:ed:40:6c: a7:30:5a:11:f0:6e:b1:df:7e:28:3c:02:af:94:31: ab:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:1C:1B:75:7B:CB:41:39:06:CF:18:34:D3:C8:63:28:52:D6:DB:A2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa1b::/32 Signature Algorithm: sha256WithRSAEncryption 0f:91:4d:85:d8:82:84:82:d2:fa:0d:ed:09:9d:01:22:69:89: ad:79:31:39:0c:90:75:2b:05:e6:b3:07:7f:0b:4b:09:01:c4: 86:95:bc:5e:c3:35:51:c6:68:37:88:12:c6:b5:79:b5:9c:2a: d9:79:95:9b:7b:9e:7b:a6:e1:43:41:3f:8f:be:05:d3:fa:b0: b7:1b:69:13:cf:71:0d:a8:56:36:19:0c:66:2e:80:87:e6:d6: d2:bc:2d:55:70:be:ad:5e:96:42:b5:cd:48:67:a2:91:c6:67: 8c:ca:99:00:dc:19:0d:4c:8e:ae:bd:0f:03:64:21:17:9a:aa: 17:07:21:d5:dc:f5:d8:3f:9e:5d:03:d0:66:66:39:3f:9e:60: 73:a2:08:0e:5c:73:19:ca:b5:65:7d:e0:67:88:25:bf:65:0b: 27:53:2a:36:f7:0b:ca:f0:5a:ae:e2:15:c4:7d:c6:17:6a:65: 90:3f:6a:5a:63:f0:91:48:ef:52:43:18:36:af:0d:49:29:99: 5f:92:1f:73:59:48:85:d2:db:d6:19:27:f2:9c:01:6c:a4:2d: 5c:fa:78:03:68:7b:82:3e:dc:1d:04:ec:0d:56:33:d3:b5:19: 2b:2a:97:b6:85:83:96:83:2e:b0:f6:25:e0:ac:aa:6c:c5:17: 43:77:91:47 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUelt/l1fMLU7FtWxv/JVGOVg5hPswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzM1oX DTI3MDMwMzA2MTkzM1owMzExMC8GA1UEAxMoNDExQzFCNzU3QkNCNDEzOTA2Q0Yx ODM0RDNDODYzMjg1MkQ2REJBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMbgAsi2qFN4jFtxEBd9rAXbEsJ1Tj620diATmfk9ukfnzZDKgxFnc1Ic7ZH 9zTalM/tge5bxBCKVXRvkh5FF8yCvdtRY91nSjVdnwoQK6D84JQ1DsS18m5mTZrH vTgGAW9Yg5mTHsLuEkiMzs6swuxi9pzX9UBIMPzDNgivE4ACPAnGzDno3dLEZoHg TA0kZ2ewVGkqAhnS19155bd6+Wo76V0ymGDJ6Z0oWlmHN49bRk00k+X1WvLM2MZ0 cEPBIQ9Eb09hruvkjHb9Fgj1SrXxhfkG3fZ8XXM7HiR0CIaaVCurvLwOBMXjotOz 7UBspzBaEfBusd9+KDwCr5Qxq2sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRBHBt1 e8tBOQbPGDTTyGMoUtbbojAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qhswDQYJKoZIhvcNAQELBQADggEBAA+RTYXYgoSC0voN7QmdASJpia15MTkMkHUr BeazB38LSwkBxIaVvF7DNVHGaDeIEsa1ebWcKtl5lZt7nnum4UNBP4++BdP6sLcb aRPPcQ2oVjYZDGYugIfm1tK8LVVwvq1elkK1zUhnopHGZ4zKmQDcGQ1Mjq69DwNk IReaqhcHIdXc9dg/nl0D0GZmOT+eYHOiCA5ccxnKtWV94GeIJb9lCydTKjb3C8rw Wq7iFcR9xhdqZZA/alpj8JFI71JDGDavDUkpmV+SH3NZSIXS29YZJ/KcAWykLVz6 eANoe4I+3B0E7A1WM9O1GSsql7aFg5aDLrD2JeCsqmzFF0N3kUc= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:42 2026 by rpki-client