$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145252.roa File: AS145252.roa (raw, json) Hash identifier: op7O2brXUupAWG/E0XziNyLVGjO87k65OKgPlvmgM44= Subject key identifier: 89:2D:C4:61:8D:BA:91:62:CC:55:6C:3C:24:78:76:18:3C:E9:AC:65 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4135885DFC1223360C520A22DE2CB7D96F0514F0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145252.roa Signing time: Wed 04 Mar 2026 06:19:53 +0000 ROA not before: Wed 04 Mar 2026 06:14:53 +0000 ROA not after: Wed 03 Mar 2027 06:19:53 +0000 asID: 145252 IP address blocks: 240a:aa2a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:35:88:5d:fc:12:23:36:0c:52:0a:22:de:2c:b7:d9:6f:05:14:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:53 2026 GMT Not After : Mar 3 06:19:53 2027 GMT Subject: CN=892DC4618DBA9162CC556C3C247876183CE9AC65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:09:58:52:6b:f6:f3:32:9a:cb:be:ab:e2:76: 05:d0:4a:0b:e0:2a:64:80:dc:72:48:74:e2:73:38: 43:c0:29:f5:4c:bc:f3:0a:bb:3b:46:87:28:da:d0: d7:ba:ca:7f:e7:d5:37:70:67:17:3b:fb:01:1b:46: d6:e4:a5:2c:28:9f:81:5c:9d:5d:75:82:c9:06:15: 1e:ea:7c:29:d3:8c:ba:b7:1f:c6:72:1a:d5:0a:16: ea:45:71:e9:71:62:e9:df:5e:c5:b1:26:4b:13:79: 46:e8:6c:22:58:51:04:d3:4d:c8:4d:59:19:a8:e6: 24:f9:0d:59:50:d4:dd:2c:1e:e0:ab:38:59:29:6d: 36:bb:30:0d:fa:79:00:3d:7a:e0:d6:55:ae:8c:2e: 75:21:c5:eb:de:cd:d2:f8:68:76:c7:5b:2d:79:32: 70:0e:fb:dc:a8:8e:97:5d:b3:9a:b3:36:0e:32:cb: 89:ee:75:a7:5c:48:c5:fc:0f:8c:8f:5e:71:49:62: 8d:b5:91:3f:73:43:9d:06:d9:14:8e:9c:1e:54:be: e2:ee:74:87:30:58:4f:c6:85:ab:f7:44:75:e3:b9: 07:66:94:70:c2:a0:1f:62:fe:e4:c3:b1:1d:2d:83: d3:d0:3e:42:fe:f0:39:4c:1f:d3:c3:92:1b:e5:dd: a6:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:2D:C4:61:8D:BA:91:62:CC:55:6C:3C:24:78:76:18:3C:E9:AC:65 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145252.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa2a::/32 Signature Algorithm: sha256WithRSAEncryption a2:c0:f3:9a:9e:0c:18:8b:6e:8c:84:b9:e0:64:7a:f7:82:2f: 7f:21:17:78:7b:be:f8:7a:c9:78:60:0c:20:ae:b7:78:52:3a: d2:e7:1e:50:89:a3:a8:54:2e:46:1f:50:c4:d9:bd:eb:62:0b: c9:4c:27:23:e4:0d:d9:dd:a3:b9:09:27:a2:29:46:af:a7:53: 22:3a:5e:d4:6f:5e:ce:37:ae:56:33:50:dc:5f:3e:dd:9d:3a: b5:70:1e:df:da:17:36:cf:5d:b9:38:b1:84:d9:6e:58:7e:73: ca:27:84:99:26:cd:0d:48:94:e5:14:35:93:c1:b5:fe:58:30: dc:88:4a:67:a8:d8:3c:5b:8b:c2:2a:d5:fd:05:bd:38:2a:4a: 4d:f8:69:fe:91:35:b1:24:06:d7:1a:2f:37:0f:be:08:29:d0: 1b:5b:1c:c4:93:98:ab:49:b6:04:bf:03:16:32:35:3b:d6:5b: b0:f2:83:a7:32:27:29:ec:2b:6d:84:07:9b:0e:99:7d:73:1e: b2:18:73:e4:ac:49:20:6e:12:36:69:7c:d6:d3:b9:c2:ae:13: 68:0a:e0:60:e4:6d:6a:28:92:03:f0:6f:92:f6:8e:cd:53:ec: aa:f0:90:7a:0f:c9:a4:b9:8b:e1:74:25:b9:3d:5e:85:f7:48: a1:1e:52:f8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQTWIXfwSIzYMUgoi3iy32W8FFPAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1M1oX DTI3MDMwMzA2MTk1M1owMzExMC8GA1UEAxMoODkyREM0NjE4REJBOTE2MkNDNTU2 QzNDMjQ3ODc2MTgzQ0U5QUM2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALkJWFJr9vMymsu+q+J2BdBKC+AqZIDcckh04nM4Q8Ap9Uy88wq7O0aHKNrQ 17rKf+fVN3BnFzv7ARtG1uSlLCifgVydXXWCyQYVHup8KdOMurcfxnIa1QoW6kVx 6XFi6d9exbEmSxN5RuhsIlhRBNNNyE1ZGajmJPkNWVDU3Swe4Ks4WSltNrswDfp5 AD164NZVrowudSHF697N0vhodsdbLXkycA773KiOl12zmrM2DjLLie51p1xIxfwP jI9ecUlijbWRP3NDnQbZFI6cHlS+4u50hzBYT8aFq/dEdeO5B2aUcMKgH2L+5MOx HS2D09A+Qv7wOUwf08OSG+XdplECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSJLcRh jbqRYsxVbDwkeHYYPOmsZTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qiowDQYJKoZIhvcNAQELBQADggEBAKLA85qeDBiLboyEueBkeveCL38hF3h7vvh6 yXhgDCCut3hSOtLnHlCJo6hULkYfUMTZvetiC8lMJyPkDdndo7kJJ6IpRq+nUyI6 XtRvXs43rlYzUNxfPt2dOrVwHt/aFzbPXbk4sYTZblh+c8onhJkmzQ1IlOUUNZPB tf5YMNyISmeo2Dxbi8Iq1f0FvTgqSk34af6RNbEkBtcaLzcPvggp0BtbHMSTmKtJ tgS/AxYyNTvWW7Dyg6cyJynsK22EB5sOmX1zHrIYc+SsSSBuEjZpfNbTucKuE2gK 4GDkbWookgPwb5L2js1T7KrwkHoPyaS5i+F0Jbk9XoX3SKEeUvg= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:33 2026 by rpki-client