$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145271.roa File: AS145271.roa (raw, json) Hash identifier: TGvDz3J5t7w3zdr4RMxtIWFdOq41IEdOMDv6TScRD6k= Subject key identifier: CD:01:EA:AC:DD:71:B4:97:79:76:88:44:64:55:36:A4:F8:FC:97:8F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 066733E22B8E18ED62CE8DCECEDC39A37140C611 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145271.roa Signing time: Wed 04 Mar 2026 06:20:00 +0000 ROA not before: Wed 04 Mar 2026 06:15:00 +0000 ROA not after: Wed 03 Mar 2027 06:20:00 +0000 asID: 145271 IP address blocks: 240a:aa3d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:67:33:e2:2b:8e:18:ed:62:ce:8d:ce:ce:dc:39:a3:71:40:c6:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:00 2026 GMT Not After : Mar 3 06:20:00 2027 GMT Subject: CN=CD01EAACDD71B49779768844645536A4F8FC978F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:30:fd:10:8f:97:9d:a4:fa:2e:b0:7f:cd:47: 98:f4:ca:63:ce:c7:5b:db:e8:74:54:c7:4c:57:47: 74:5a:86:f6:3c:cb:c9:a1:3e:06:dd:f7:1b:41:d1: 62:c0:c9:bb:1c:3f:ce:0a:94:8f:a4:64:bb:bd:0e: 15:a1:41:ca:e9:ed:83:7e:bf:a1:18:d3:29:1e:fc: 77:b1:b9:9a:58:56:51:db:84:57:8b:fb:2f:71:0d: ca:89:0f:e5:ba:07:7a:2d:d0:0e:26:99:c4:a2:df: 9d:93:af:ef:83:3a:ed:8e:19:a8:6f:e9:06:3d:55: e8:a0:30:4f:36:82:0a:c2:52:46:94:45:de:40:a1: 25:6a:65:80:9a:57:af:1e:48:a5:bf:aa:42:cf:cf: ba:ea:be:7a:e1:6a:76:69:d3:e0:b8:d5:5c:6d:42: b7:e6:19:fb:16:d7:d5:4f:6c:9e:55:78:d7:62:33: 42:45:c5:c1:3b:72:f0:6b:48:96:1d:da:55:9e:b9: 6a:e6:f9:ba:5d:40:c7:b2:5f:a8:a3:db:f7:9d:9b: 45:33:31:08:fb:7e:8e:d3:6f:16:88:62:60:05:17: 1f:fb:97:75:a6:2b:1a:8c:4e:f9:ee:97:e3:9b:b5: 87:59:9d:a4:12:82:09:51:40:8e:5b:e7:86:84:b0: d7:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:01:EA:AC:DD:71:B4:97:79:76:88:44:64:55:36:A4:F8:FC:97:8F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145271.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa3d::/32 Signature Algorithm: sha256WithRSAEncryption 41:b2:1a:90:f5:fc:2a:cb:0e:a2:f4:61:cb:a3:cb:57:5d:f4: 23:6c:f4:7b:17:45:25:19:23:66:bc:54:ea:43:84:71:63:60: b9:e2:ab:d1:27:9a:ea:47:5f:b3:af:50:a9:07:8f:71:bb:7f: 4d:26:88:ee:af:c0:24:3b:32:18:d5:c5:0d:dd:79:cd:e3:0d: 42:69:98:52:85:12:60:04:27:26:94:1b:b3:45:92:54:ea:b5: b8:c7:cd:1e:fa:14:3e:63:63:f4:1b:7e:7a:22:f7:39:58:9c: cf:3b:90:13:58:5e:c8:4a:d4:ea:5e:e1:fd:37:a5:dd:68:8d: e1:e5:ff:88:3e:02:dc:f3:43:44:bd:e7:66:c6:d5:86:47:03: 0e:ee:e2:ec:d4:de:c9:ee:cc:aa:a2:8c:cf:e5:f6:b0:e2:c4: f6:cc:fe:c8:59:ba:6a:fb:aa:6e:67:e2:4f:e8:a7:d1:80:76: 6f:90:3f:07:84:08:91:54:2e:b6:44:5f:f3:c9:01:14:69:58: 26:52:94:ca:da:c2:8c:12:e8:e8:b2:59:df:c4:a2:63:69:7d: 76:3a:13:a9:77:2d:42:b3:82:0b:99:7a:69:5a:99:9c:d3:35: 2a:8b:ff:b1:b9:dd:16:45:00:36:4e:db:1e:0a:30:79:b4:63: 0b:34:59:86 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBmcz4iuOGO1izo3Oztw5o3FAxhEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwMFoX DTI3MDMwMzA2MjAwMFowMzExMC8GA1UEAxMoQ0QwMUVBQUNERDcxQjQ5Nzc5NzY4 ODQ0NjQ1NTM2QTRGOEZDOTc4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANgw/RCPl52k+i6wf81HmPTKY87HW9vodFTHTFdHdFqG9jzLyaE+Bt33G0HR YsDJuxw/zgqUj6Rku70OFaFByuntg36/oRjTKR78d7G5mlhWUduEV4v7L3ENyokP 5boHei3QDiaZxKLfnZOv74M67Y4ZqG/pBj1V6KAwTzaCCsJSRpRF3kChJWplgJpX rx5Ipb+qQs/Puuq+euFqdmnT4LjVXG1Ct+YZ+xbX1U9snlV412IzQkXFwTty8GtI lh3aVZ65aub5ul1Ax7JfqKPb952bRTMxCPt+jtNvFohiYAUXH/uXdaYrGoxO+e6X 45u1h1mdpBKCCVFAjlvnhoSw18ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTNAeqs 3XG0l3l2iERkVTak+PyXjzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qj0wDQYJKoZIhvcNAQELBQADggEBAEGyGpD1/CrLDqL0Ycujy1dd9CNs9HsXRSUZ I2a8VOpDhHFjYLniq9EnmupHX7OvUKkHj3G7f00miO6vwCQ7MhjVxQ3dec3jDUJp mFKFEmAEJyaUG7NFklTqtbjHzR76FD5jY/Qbfnoi9zlYnM87kBNYXshK1Ope4f03 pd1ojeHl/4g+AtzzQ0S952bG1YZHAw7u4uzU3snuzKqijM/l9rDixPbM/shZumr7 qm5n4k/op9GAdm+QPweECJFULrZEX/PJARRpWCZSlMrawowS6OiyWd/EomNpfXY6 E6l3LUKzgguZemlamZzTNSqL/7G53RZFADZO2x4KMHm0Yws0WYY= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:35 2026 by rpki-client