$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145255.roa File: AS145255.roa (raw, json) Hash identifier: itdAjwnlApZqVbubgA4/9m0ufd7m6nPxdvtbQEI2w5o= Subject key identifier: 10:B6:FD:D0:E6:19:E3:23:C9:41:96:DB:16:C5:33:AF:A6:5C:1D:AC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2FAFD79D83103F021E80E7B08DCACD48ABCB0D02 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145255.roa Signing time: Wed 04 Mar 2026 06:20:03 +0000 ROA not before: Wed 04 Mar 2026 06:15:03 +0000 ROA not after: Wed 03 Mar 2027 06:20:03 +0000 asID: 145255 IP address blocks: 240a:aa2d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:af:d7:9d:83:10:3f:02:1e:80:e7:b0:8d:ca:cd:48:ab:cb:0d:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:03 2026 GMT Not After : Mar 3 06:20:03 2027 GMT Subject: CN=10B6FDD0E619E323C94196DB16C533AFA65C1DAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:01:ac:ca:06:c6:3f:f5:cb:ca:75:1d:30:d4: 11:eb:ef:a6:7f:ac:3f:8e:1a:a5:15:26:c7:ca:e4: 30:11:b8:f9:29:e8:21:86:60:6c:e4:fc:3f:14:81: c2:86:4b:2d:9e:c6:5a:79:c9:6d:2b:1c:c2:31:b2: 7c:48:f6:ed:bc:c6:36:9e:cc:fa:c0:90:67:41:35: b8:0e:e1:24:7d:de:ac:ff:cb:18:b6:b3:5e:bf:cf: f5:88:5c:22:61:fe:b3:4e:0d:c6:a4:3c:52:2b:1c: 65:00:0a:7b:2e:61:72:f8:91:4b:66:86:58:46:8d: 5c:d6:fc:0f:38:8e:0a:6e:1b:15:34:d3:62:8c:59: b9:fd:5a:57:26:49:6f:68:15:59:b1:ea:66:a9:82: b5:51:8d:dd:ca:47:4e:2f:dd:ca:c7:bb:53:16:4d: 81:14:41:c3:18:4e:14:8e:6b:80:ca:14:4b:74:a9: 63:fe:39:1e:4f:e4:35:d0:9b:93:c3:28:35:d5:28: 3b:41:01:92:7c:9c:2e:0c:d1:bb:1e:0a:d8:42:54: de:7a:a4:18:25:82:c8:ad:b8:09:e3:55:6f:c2:97: ee:d6:22:f9:db:47:2c:e7:f6:79:35:68:fe:90:c1: 2a:60:59:76:4d:d1:87:4b:3b:48:50:b6:1e:e8:12: c7:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:B6:FD:D0:E6:19:E3:23:C9:41:96:DB:16:C5:33:AF:A6:5C:1D:AC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145255.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa2d::/32 Signature Algorithm: sha256WithRSAEncryption 2d:77:e8:4b:3b:ab:9e:82:e5:6b:d9:98:aa:72:31:23:c8:e5: 03:36:fd:63:44:dd:5a:64:f0:10:1e:04:b7:f1:fc:6e:8e:a5: 9e:63:8f:86:83:c7:1d:8f:80:df:23:9a:2a:97:08:6a:47:7c: bf:88:58:9b:55:9a:13:dd:d5:34:47:c9:e0:6a:88:55:55:b6: ad:03:86:6f:55:32:22:a1:2e:b4:27:83:74:89:4b:70:9b:1a: 7e:fb:99:95:c8:b5:79:41:f6:4c:76:79:1b:1d:99:91:06:13: c0:9c:94:10:12:58:eb:ac:12:19:fc:79:5f:f1:62:38:6e:e9: f5:bf:65:2b:ac:5f:df:91:2e:e6:f8:81:04:2b:1f:a6:81:3c: 3c:56:5f:2b:2a:f8:0f:d4:1d:2d:ad:28:4d:31:19:f7:8c:91: e7:98:b0:2c:a3:4c:99:06:38:2c:2b:f2:43:21:26:a0:15:24: 0b:62:cb:8c:14:74:ec:69:19:ad:52:61:88:17:0a:02:8e:a4: e9:9d:b9:ec:64:a9:64:97:73:5d:9d:7f:0e:13:d5:f4:c2:5c: dd:37:73:fd:cb:83:70:3a:f7:a4:7d:ea:20:e1:43:40:ee:1e: 62:74:39:45:03:8d:73:cd:e8:be:a8:de:af:f2:2a:3f:38:cb: e2:f7:6d:f4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL6/XnYMQPwIegOewjcrNSKvLDQIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwM1oX DTI3MDMwMzA2MjAwM1owMzExMC8GA1UEAxMoMTBCNkZERDBFNjE5RTMyM0M5NDE5 NkRCMTZDNTMzQUZBNjVDMURBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYBrMoGxj/1y8p1HTDUEevvpn+sP44apRUmx8rkMBG4+SnoIYZgbOT8PxSB woZLLZ7GWnnJbSscwjGyfEj27bzGNp7M+sCQZ0E1uA7hJH3erP/LGLazXr/P9Yhc ImH+s04NxqQ8UiscZQAKey5hcviRS2aGWEaNXNb8DziOCm4bFTTTYoxZuf1aVyZJ b2gVWbHqZqmCtVGN3cpHTi/dyse7UxZNgRRBwxhOFI5rgMoUS3SpY/45Hk/kNdCb k8MoNdUoO0EBknycLgzRux4K2EJU3nqkGCWCyK24CeNVb8KX7tYi+dtHLOf2eTVo /pDBKmBZdk3Rh0s7SFC2HugSx08CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQQtv3Q 5hnjI8lBltsWxTOvplwdrDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qi0wDQYJKoZIhvcNAQELBQADggEBAC136Es7q56C5WvZmKpyMSPI5QM2/WNE3Vpk 8BAeBLfx/G6OpZ5jj4aDxx2PgN8jmiqXCGpHfL+IWJtVmhPd1TRHyeBqiFVVtq0D hm9VMiKhLrQng3SJS3CbGn77mZXItXlB9kx2eRsdmZEGE8CclBASWOusEhn8eV/x Yjhu6fW/ZSusX9+RLub4gQQrH6aBPDxWXysq+A/UHS2tKE0xGfeMkeeYsCyjTJkG OCwr8kMhJqAVJAtiy4wUdOxpGa1SYYgXCgKOpOmduexkqWSXc12dfw4T1fTCXN03 c/3Lg3A696R96iDhQ0DuHmJ0OUUDjXPN6L6o3q/yKj84y+L3bfQ= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:04 2026 by rpki-client