$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145253.roa File: AS145253.roa (raw, json) Hash identifier: MRsUz00nGhBymYT2IDiyg2J9qgV+q8sCuJBIfECk2Qg= Subject key identifier: 28:01:DC:94:9F:23:D3:F1:8D:AB:A5:3D:B6:32:86:C8:29:1D:F2:AA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 68978DBF57F102D8DA837FA8499D278E19A61021 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145253.roa Signing time: Wed 04 Mar 2026 06:20:37 +0000 ROA not before: Wed 04 Mar 2026 06:15:37 +0000 ROA not after: Wed 03 Mar 2027 06:20:37 +0000 asID: 145253 IP address blocks: 240a:aa2b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:97:8d:bf:57:f1:02:d8:da:83:7f:a8:49:9d:27:8e:19:a6:10:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:37 2026 GMT Not After : Mar 3 06:20:37 2027 GMT Subject: CN=2801DC949F23D3F18DABA53DB63286C8291DF2AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:80:32:e8:77:58:20:0f:fd:02:ad:41:f0:c1: cc:c6:4e:9a:32:60:bf:8d:e6:e5:3f:12:e0:bf:df: 17:57:f0:a1:96:8c:78:2b:99:b5:3a:b6:66:51:29: d8:0a:2b:f9:84:bb:79:26:2c:db:ed:f3:a1:c4:6f: 95:70:b2:43:c1:89:7b:f1:22:08:0c:b5:8a:90:6a: 0b:24:f1:9a:fa:61:e0:e8:a4:cc:90:44:c7:c8:9b: 37:17:2c:25:ac:79:85:d1:e5:df:77:76:55:57:4e: 40:00:b7:b9:e9:89:27:4f:47:a3:d8:d3:50:1c:a2: de:b3:f0:fc:fc:57:d5:0c:6a:fb:61:5c:84:c8:17: a1:a3:ed:fd:23:de:2c:0a:54:c5:58:fa:39:42:99: 53:9a:1a:9d:7a:f1:3b:53:f4:28:30:d6:d5:8f:4b: 4c:61:2c:f3:21:33:af:12:48:e7:d8:43:2c:27:5e: af:63:53:58:27:f3:ab:c7:fe:ab:e3:cd:42:2b:9d: bd:3a:a1:c4:27:46:5f:8a:e4:62:60:f6:15:1f:9a: bc:ce:41:d9:4d:08:20:8a:77:51:f6:7f:7a:b9:3f: 48:9b:75:d3:5f:76:07:e9:50:ea:fd:08:2d:7c:5d: 66:94:2c:a6:0d:1d:9f:95:07:87:4d:07:2e:56:4d: 8f:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:01:DC:94:9F:23:D3:F1:8D:AB:A5:3D:B6:32:86:C8:29:1D:F2:AA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145253.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa2b::/32 Signature Algorithm: sha256WithRSAEncryption 0c:67:e0:79:cc:38:9e:c1:c5:ac:90:b3:24:d0:a8:65:45:b3: d4:94:2f:98:ac:05:b5:29:b4:f4:77:38:16:47:6d:64:ab:a4: c7:1a:ca:15:87:6d:06:88:20:20:5c:95:94:37:d2:f0:c3:04: b8:ec:75:c1:e6:7f:85:05:9d:5f:41:ef:3e:ae:ea:96:f1:3e: ea:56:99:89:14:3f:c9:e2:d5:76:fc:9c:c3:b0:b1:01:a6:30: d7:6c:f8:28:34:8f:19:aa:89:85:e6:d9:52:d8:24:b5:cc:62: 64:cc:32:0e:29:c9:94:09:ee:48:22:2e:aa:8e:45:90:b3:a6: 12:22:4a:c0:93:26:1e:e6:3a:0b:90:88:8c:9a:80:40:c8:34: ef:2b:6d:55:5d:51:c0:90:da:98:cd:1f:d5:27:ed:c4:59:81: f4:2c:5b:4b:3a:9b:b9:01:fd:c5:1a:26:53:36:4e:02:88:52: 7c:f0:54:a1:c2:01:c2:cb:f9:f3:86:ea:46:8c:98:9d:28:81: ac:88:f6:f7:af:62:2a:11:59:5e:7e:86:6d:b3:2d:02:36:65: a6:cd:0b:2f:05:26:fa:85:4c:b0:43:34:5f:8b:4d:3a:45:d0: 62:8e:3d:b2:61:d9:d9:27:a7:d0:88:ab:1e:dd:49:57:2f:6d: 87:05:c9:56 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaJeNv1fxAtjag3+oSZ0njhmmECEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzN1oX DTI3MDMwMzA2MjAzN1owMzExMC8GA1UEAxMoMjgwMURDOTQ5RjIzRDNGMThEQUJB NTNEQjYzMjg2QzgyOTFERjJBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANuAMuh3WCAP/QKtQfDBzMZOmjJgv43m5T8S4L/fF1fwoZaMeCuZtTq2ZlEp 2Aor+YS7eSYs2+3zocRvlXCyQ8GJe/EiCAy1ipBqCyTxmvph4OikzJBEx8ibNxcs Jax5hdHl33d2VVdOQAC3uemJJ09Ho9jTUByi3rPw/PxX1Qxq+2FchMgXoaPt/SPe LApUxVj6OUKZU5oanXrxO1P0KDDW1Y9LTGEs8yEzrxJI59hDLCder2NTWCfzq8f+ q+PNQiudvTqhxCdGX4rkYmD2FR+avM5B2U0IIIp3UfZ/erk/SJt10192B+lQ6v0I LXxdZpQspg0dn5UHh00HLlZNj9MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQoAdyU nyPT8Y2rpT22MobIKR3yqjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qiswDQYJKoZIhvcNAQELBQADggEBAAxn4HnMOJ7BxayQsyTQqGVFs9SUL5isBbUp tPR3OBZHbWSrpMcayhWHbQaIICBclZQ30vDDBLjsdcHmf4UFnV9B7z6u6pbxPupW mYkUP8ni1Xb8nMOwsQGmMNds+Cg0jxmqiYXm2VLYJLXMYmTMMg4pyZQJ7kgiLqqO RZCzphIiSsCTJh7mOguQiIyagEDINO8rbVVdUcCQ2pjNH9Un7cRZgfQsW0s6m7kB /cUaJlM2TgKIUnzwVKHCAcLL+fOG6kaMmJ0ogayI9vevYioRWV5+hm2zLQI2ZabN Cy8FJvqFTLBDNF+LTTpF0GKOPbJh2dknp9CIqx7dSVcvbYcFyVY= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:25 2026 by rpki-client