$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145247.roa File: AS145247.roa (raw, json) Hash identifier: lakoEaBwbMSNrJFKIvMTybKyd4m5N3kTzA+qlHPtBvg= Subject key identifier: 48:6D:10:1F:A2:41:56:8A:0B:1A:FC:00:50:70:F4:38:67:B9:FA:42 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 704AE69D3C726D25A6A1B475AA023F34E2CE1DAA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145247.roa Signing time: Wed 04 Mar 2026 06:20:52 +0000 ROA not before: Wed 04 Mar 2026 06:15:52 +0000 ROA not after: Wed 03 Mar 2027 06:20:52 +0000 asID: 145247 IP address blocks: 240a:aa25::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:4a:e6:9d:3c:72:6d:25:a6:a1:b4:75:aa:02:3f:34:e2:ce:1d:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:52 2026 GMT Not After : Mar 3 06:20:52 2027 GMT Subject: CN=486D101FA241568A0B1AFC005070F43867B9FA42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:b8:64:84:05:a6:9c:31:1b:60:9e:ba:d0:3c: aa:75:5f:cb:67:b8:eb:eb:53:41:16:0f:f3:94:8f: 9c:ca:70:86:76:fe:b8:9d:ad:3e:98:e1:8f:8d:10: 0f:87:6a:a9:6e:2b:82:f1:f6:1a:5f:25:87:de:a8: 44:a9:ea:a0:5d:84:da:b6:4e:e7:a7:de:12:32:51: bc:d7:6c:b0:bf:ae:d6:a7:a2:b1:d6:67:cb:c2:b8: d2:88:f4:9a:90:ee:7b:ef:ae:68:6f:05:e0:ce:f5: fa:69:f0:57:f2:db:85:de:f8:a6:8c:f7:de:12:c5: c4:16:6a:3a:a7:44:12:f2:da:cc:90:37:bc:65:05: 5d:09:73:d7:3d:0f:3d:80:ed:5c:b0:9f:95:f3:28: 23:3c:c7:f4:0d:96:88:db:31:fe:f8:b1:d9:92:73: fb:8e:d7:75:7f:b8:0a:e8:08:24:89:c9:2e:34:0d: f7:17:5c:4f:ba:3f:b9:0d:75:8a:c1:db:f6:0e:dc: 7d:f3:95:c5:65:4b:bd:f6:88:66:bd:48:f8:4c:0c: 7f:bc:f3:0c:c0:ba:ae:af:d8:c7:15:c0:8d:28:ce: 17:fc:01:f2:65:59:d7:af:b7:95:58:f1:81:3f:1b: 13:2f:eb:9a:27:71:fe:90:94:cc:d7:ec:dd:f8:64: 4b:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:6D:10:1F:A2:41:56:8A:0B:1A:FC:00:50:70:F4:38:67:B9:FA:42 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145247.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa25::/32 Signature Algorithm: sha256WithRSAEncryption 43:10:6a:3d:69:ed:5f:80:29:c0:cf:62:f7:fa:d5:60:58:5f: 8f:df:8b:45:a5:1f:48:57:44:3b:d0:c2:ae:e3:48:f7:e2:eb: 23:72:4e:51:4a:25:63:f1:19:9f:f1:42:d4:e0:a8:b5:72:a7: 98:d6:82:c5:a1:5d:9c:d5:da:08:e3:8a:ac:b0:c5:8f:30:00: 07:a0:2b:fe:fa:c2:77:9d:61:87:b7:af:f7:4e:e1:79:52:d4: c0:e3:7b:82:9c:a4:50:9b:52:8e:50:84:06:15:14:28:de:2a: c8:f7:2b:09:02:51:2e:2f:37:4e:25:b6:f1:29:eb:03:4a:ef: e4:f0:51:78:dd:a3:dd:69:ed:0b:ba:cc:05:a5:12:16:37:0f: 42:b2:e3:87:0f:19:6d:6e:95:59:af:06:29:36:f5:dd:aa:34: 3a:f5:86:23:41:4a:cc:60:bc:ec:4c:5a:6f:9b:44:97:f2:a1: d3:73:32:33:19:29:e9:29:1c:a3:38:17:02:ed:36:51:2b:88: f7:36:5a:60:7f:dd:2e:e0:09:fb:c3:99:aa:f9:11:0d:b7:97: 88:40:ec:09:8a:91:21:d8:ca:22:e7:8b:b6:df:0e:90:32:57: 59:76:47:c0:14:e9:c9:07:89:74:0d:bf:73:b5:0b:ac:d7:9b: 39:ac:c3:ba -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcErmnTxybSWmobR1qgI/NOLOHaowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1MloX DTI3MDMwMzA2MjA1MlowMzExMC8GA1UEAxMoNDg2RDEwMUZBMjQxNTY4QTBCMUFG QzAwNTA3MEY0Mzg2N0I5RkE0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALa4ZIQFppwxG2CeutA8qnVfy2e46+tTQRYP85SPnMpwhnb+uJ2tPpjhj40Q D4dqqW4rgvH2Gl8lh96oRKnqoF2E2rZO56feEjJRvNdssL+u1qeisdZny8K40oj0 mpDue++uaG8F4M71+mnwV/Lbhd74poz33hLFxBZqOqdEEvLazJA3vGUFXQlz1z0P PYDtXLCflfMoIzzH9A2WiNsx/vix2ZJz+47XdX+4CugIJInJLjQN9xdcT7o/uQ11 isHb9g7cffOVxWVLvfaIZr1I+EwMf7zzDMC6rq/YxxXAjSjOF/wB8mVZ16+3lVjx gT8bEy/rmidx/pCUzNfs3fhkS6kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRIbRAf okFWigsa/ABQcPQ4Z7n6QjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI0Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qiUwDQYJKoZIhvcNAQELBQADggEBAEMQaj1p7V+AKcDPYvf61WBYX4/fi0WlH0hX RDvQwq7jSPfi6yNyTlFKJWPxGZ/xQtTgqLVyp5jWgsWhXZzV2gjjiqywxY8wAAeg K/76wnedYYe3r/dO4XlS1MDje4KcpFCbUo5QhAYVFCjeKsj3KwkCUS4vN04ltvEp 6wNK7+TwUXjdo91p7Qu6zAWlEhY3D0Ky44cPGW1ulVmvBik29d2qNDr1hiNBSsxg vOxMWm+bRJfyodNzMjMZKekpHKM4FwLtNlEriPc2WmB/3S7gCfvDmar5EQ23l4hA 7AmKkSHYyiLni7bfDpAyV1l2R8AU6ckHiXQNv3O1C6zXmzmsw7o= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:32 2026 by rpki-client