$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145243.roa File: AS145243.roa (raw, json) Hash identifier: PjnbqICF2/kj7x2MuMp3wegHIJTuKbICMuJWys1dibw= Subject key identifier: EB:6D:DD:DF:B8:FA:46:69:54:AA:75:16:EB:A2:6B:ED:15:7A:6B:C8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2E3C8F5FF863AC60810BB9CDDBA2D22935E968D9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145243.roa Signing time: Wed 04 Mar 2026 06:19:50 +0000 ROA not before: Wed 04 Mar 2026 06:14:50 +0000 ROA not after: Wed 03 Mar 2027 06:19:50 +0000 asID: 145243 IP address blocks: 240a:aa21::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:3c:8f:5f:f8:63:ac:60:81:0b:b9:cd:db:a2:d2:29:35:e9:68:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:50 2026 GMT Not After : Mar 3 06:19:50 2027 GMT Subject: CN=EB6DDDDFB8FA466954AA7516EBA26BED157A6BC8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:63:ab:0b:3a:e7:c6:08:a1:1f:ef:dd:9d:53: ed:7a:97:35:bb:97:09:73:df:40:90:c8:8f:5a:cf: 66:bb:bd:4d:55:7e:90:ee:25:73:e7:15:94:d3:55: bc:3d:80:51:0c:79:b4:55:bb:9b:f5:7f:7f:96:ce: 13:0a:3f:07:00:2c:78:bf:20:13:52:28:04:0a:76: 59:30:01:5c:f9:4b:32:ca:5f:2b:e3:a2:91:08:d5: 4a:8f:fc:bd:19:d6:d7:95:ff:1c:35:ab:e3:7a:ab: 92:09:db:aa:7f:2f:37:91:7a:40:f4:d0:04:48:c5: 5f:7d:f4:16:ed:71:b0:94:12:06:fd:fb:0e:f2:3c: 75:be:68:89:5c:d0:52:1d:db:f8:73:9a:c5:b8:38: 8a:a4:ff:cd:b2:d4:ba:18:57:fd:36:83:89:b4:50: a9:1b:9a:f4:19:88:5f:2a:79:8c:94:14:24:ff:9c: 83:a3:76:f4:90:c6:10:02:d1:4c:bd:1f:a9:a3:c1: 00:ea:c9:2a:38:cb:e3:bb:6f:b2:e3:64:c8:0f:6a: e4:3c:33:d4:8e:80:84:65:59:35:cf:62:86:85:c7: 01:68:72:1f:a4:6a:4a:4d:eb:63:8d:64:fb:68:11: b9:2b:55:5b:ad:6d:be:a8:e8:77:35:09:91:19:63: b1:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:6D:DD:DF:B8:FA:46:69:54:AA:75:16:EB:A2:6B:ED:15:7A:6B:C8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145243.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa21::/32 Signature Algorithm: sha256WithRSAEncryption c1:11:50:2a:14:7c:21:72:c0:5d:50:ac:f8:db:8c:ed:22:74: 19:51:67:32:93:c8:87:81:eb:16:e4:be:a0:61:99:ec:4e:56: ea:19:6f:86:c1:f2:55:d2:af:bf:6d:5b:9f:5d:7d:4a:47:01: d0:44:60:2f:fc:fd:fe:a3:98:16:aa:14:94:eb:d3:d4:30:e1: 04:af:96:18:fb:98:a6:6c:89:80:27:d7:2d:73:56:d4:0f:1b: 46:55:bd:5f:41:c0:2b:13:9c:5e:66:01:5d:fd:61:6f:a7:af: bd:9b:08:df:3d:e2:85:69:c8:2b:fd:62:79:9b:63:31:cb:ee: b4:87:3c:e8:38:bb:74:a3:34:5e:7e:71:a5:32:46:ca:30:0e: 19:df:63:70:8e:64:6f:13:8f:d7:40:61:00:1b:73:ec:52:fd: 35:c1:ea:7f:e7:38:2a:27:f8:ce:5e:96:72:a3:b7:65:aa:3b: 20:60:82:b2:2f:43:13:e9:72:d3:96:75:37:1f:e6:69:00:b1: 07:0a:5a:71:f5:d5:25:8a:bb:86:ea:98:0c:64:a7:08:26:7c: 91:48:0b:12:37:8e:5f:03:31:5a:1f:db:23:53:7a:25:98:67: cf:c4:dd:84:6b:c2:7b:8e:73:3c:5b:21:66:8e:e4:b5:a7:6e: 35:42:6a:59 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULjyPX/hjrGCBC7nN26LSKTXpaNkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1MFoX DTI3MDMwMzA2MTk1MFowMzExMC8GA1UEAxMoRUI2REREREZCOEZBNDY2OTU0QUE3 NTE2RUJBMjZCRUQxNTdBNkJDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL5jqws658YIoR/v3Z1T7XqXNbuXCXPfQJDIj1rPZru9TVV+kO4lc+cVlNNV vD2AUQx5tFW7m/V/f5bOEwo/BwAseL8gE1IoBAp2WTABXPlLMspfK+OikQjVSo/8 vRnW15X/HDWr43qrkgnbqn8vN5F6QPTQBEjFX330Fu1xsJQSBv37DvI8db5oiVzQ Uh3b+HOaxbg4iqT/zbLUuhhX/TaDibRQqRua9BmIXyp5jJQUJP+cg6N29JDGEALR TL0fqaPBAOrJKjjL47tvsuNkyA9q5Dwz1I6AhGVZNc9ihoXHAWhyH6RqSk3rY41k +2gRuStVW61tvqjodzUJkRljsdcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTrbd3f uPpGaVSqdRbromvtFXpryDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qiEwDQYJKoZIhvcNAQELBQADggEBAMERUCoUfCFywF1QrPjbjO0idBlRZzKTyIeB 6xbkvqBhmexOVuoZb4bB8lXSr79tW59dfUpHAdBEYC/8/f6jmBaqFJTr09Qw4QSv lhj7mKZsiYAn1y1zVtQPG0ZVvV9BwCsTnF5mAV39YW+nr72bCN894oVpyCv9Ynmb YzHL7rSHPOg4u3SjNF5+caUyRsowDhnfY3COZG8Tj9dAYQAbc+xS/TXB6n/nOCon +M5elnKjt2WqOyBggrIvQxPpctOWdTcf5mkAsQcKWnH11SWKu4bqmAxkpwgmfJFI CxI3jl8DMVof2yNTeiWYZ8/E3YRrwnuOczxbIWaO5LWnbjVCalk= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:41 2026 by rpki-client