$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145270.roa File: AS145270.roa (raw, json) Hash identifier: DXYh5Ep1ghAU9Qj8h4mGoHVSqQdD6BTextxHcf3q5lc= Subject key identifier: 01:1F:72:5A:84:CE:3A:20:ED:55:0C:FC:5F:05:AC:2C:15:F0:00:36 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1A0566B8581762ED6CD4B1C351601B552898106E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145270.roa Signing time: Wed 04 Mar 2026 06:19:51 +0000 ROA not before: Wed 04 Mar 2026 06:14:51 +0000 ROA not after: Wed 03 Mar 2027 06:19:51 +0000 asID: 145270 IP address blocks: 240a:aa3c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:05:66:b8:58:17:62:ed:6c:d4:b1:c3:51:60:1b:55:28:98:10:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:51 2026 GMT Not After : Mar 3 06:19:51 2027 GMT Subject: CN=011F725A84CE3A20ED550CFC5F05AC2C15F00036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:90:3c:dc:7a:61:a6:ec:4f:48:4f:bd:a5:11: 7c:a6:57:54:ae:e2:15:1e:f1:d5:c2:78:be:c4:b8: 98:91:b6:24:4e:a8:6a:d5:6d:10:c0:31:c1:bc:40: ed:01:3e:f8:13:64:98:bf:ce:88:e9:c4:4c:23:32: 69:5e:a3:d0:ab:04:3c:50:c8:ed:45:8a:60:bb:d4: ba:68:95:a5:98:81:9e:11:5c:02:98:1f:77:ba:23: 74:3e:69:33:de:0d:c8:0a:9e:34:94:d1:6e:85:01: ee:42:a9:1b:27:a0:0b:7b:24:7e:f6:7b:b2:e2:23: 1a:10:0f:da:f0:28:45:2c:8d:7e:65:2e:cc:c6:88: d6:1f:df:23:22:00:43:49:cc:15:1b:92:b7:9b:2c: 00:36:c8:57:5f:6d:cf:54:38:a5:c7:1b:0b:74:5b: e4:ca:4a:01:b3:77:1b:53:96:9f:a7:89:e6:db:38: cc:58:42:5e:ca:de:53:86:3e:18:af:2c:9f:31:87: 33:b9:14:0c:ee:15:bf:13:00:5c:ae:03:2e:f3:36: db:40:35:ae:6f:03:29:67:b7:d1:b1:60:e4:e8:7b: 84:68:2a:4f:1a:6d:85:62:46:77:5b:f5:77:16:fa: a8:0e:68:b6:6d:5c:08:ad:65:c7:15:a2:b4:8f:06: b1:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:1F:72:5A:84:CE:3A:20:ED:55:0C:FC:5F:05:AC:2C:15:F0:00:36 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145270.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa3c::/32 Signature Algorithm: sha256WithRSAEncryption 98:84:0b:68:0d:52:61:8e:f9:e8:e0:9a:34:4e:a5:6f:4f:48: 64:69:14:9c:3a:21:0d:b5:a0:1a:c2:df:a4:08:92:f6:2c:cf: 1e:13:3d:cb:fc:61:b7:ce:13:b2:b1:15:36:6c:6b:67:94:64: 19:1b:a0:f5:0d:3e:d7:62:58:bc:6b:2a:b3:18:6a:99:41:d7: c1:25:09:21:65:bf:74:87:2b:b1:2d:5f:1a:35:cf:ef:75:05: a2:8f:5b:a1:76:b8:a5:c2:25:f3:c2:5a:ca:07:77:2e:c4:02: f2:02:b6:93:a8:48:d9:2e:c5:78:77:10:c7:be:7c:c2:11:47: 49:79:8e:93:0e:46:35:87:ac:09:48:0a:11:07:0d:d5:4a:aa: 26:c2:ce:8a:17:75:56:de:a5:35:a2:38:2b:18:0f:53:43:fd: 46:d7:cc:da:55:09:e9:f6:ff:3c:df:ae:9f:99:cd:7b:94:95: 63:30:4c:bf:58:ea:96:49:88:40:1c:29:b5:9d:2f:f3:3f:c5: 0a:70:d7:22:be:7a:19:7c:6e:2d:c5:cc:79:5e:50:97:ad:66: 72:f3:d6:ef:a5:66:88:b2:10:87:a5:6d:b8:68:7e:24:cc:b8: cd:89:60:43:d4:11:bf:6a:77:01:9f:7c:3f:ae:2a:f8:68:c5: 38:fd:ba:08 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGgVmuFgXYu1s1LHDUWAbVSiYEG4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1MVoX DTI3MDMwMzA2MTk1MVowMzExMC8GA1UEAxMoMDExRjcyNUE4NENFM0EyMEVENTUw Q0ZDNUYwNUFDMkMxNUYwMDAzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANOQPNx6YabsT0hPvaURfKZXVK7iFR7x1cJ4vsS4mJG2JE6oatVtEMAxwbxA 7QE++BNkmL/OiOnETCMyaV6j0KsEPFDI7UWKYLvUumiVpZiBnhFcApgfd7ojdD5p M94NyAqeNJTRboUB7kKpGyegC3skfvZ7suIjGhAP2vAoRSyNfmUuzMaI1h/fIyIA Q0nMFRuSt5ssADbIV19tz1Q4pccbC3Rb5MpKAbN3G1OWn6eJ5ts4zFhCXsreU4Y+ GK8snzGHM7kUDO4VvxMAXK4DLvM220A1rm8DKWe30bFg5Oh7hGgqTxpthWJGd1v1 dxb6qA5otm1cCK1lxxWitI8GsRsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQBH3Ja hM46IO1VDPxfBawsFfAANjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qjwwDQYJKoZIhvcNAQELBQADggEBAJiEC2gNUmGO+ejgmjROpW9PSGRpFJw6IQ21 oBrC36QIkvYszx4TPcv8YbfOE7KxFTZsa2eUZBkboPUNPtdiWLxrKrMYaplB18El CSFlv3SHK7EtXxo1z+91BaKPW6F2uKXCJfPCWsoHdy7EAvICtpOoSNkuxXh3EMe+ fMIRR0l5jpMORjWHrAlIChEHDdVKqibCzooXdVbepTWiOCsYD1ND/UbXzNpVCen2 /zzfrp+ZzXuUlWMwTL9Y6pZJiEAcKbWdL/M/xQpw1yK+ehl8bi3FzHleUJetZnLz 1u+lZoiyEIelbbhofiTMuM2JYEPUEb9qdwGffD+uKvhoxTj9ugg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:49 2026 by rpki-client