$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145278.roa File: AS145278.roa (raw, json) Hash identifier: Tk+ZjdpZh0TlqyOKkXwMiSl/HCUJgDvNC5n8414+c/M= Subject key identifier: 0C:D2:A5:51:2C:29:A6:9A:02:4D:7A:9D:DF:40:F5:8B:C0:BA:57:FA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7BF85A0C3ECEC2D41E99DD234FC8575AEA5EFA11 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145278.roa Signing time: Wed 04 Mar 2026 06:21:48 +0000 ROA not before: Wed 04 Mar 2026 06:16:48 +0000 ROA not after: Wed 03 Mar 2027 06:21:48 +0000 asID: 145278 IP address blocks: 240a:aa44::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:f8:5a:0c:3e:ce:c2:d4:1e:99:dd:23:4f:c8:57:5a:ea:5e:fa:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:48 2026 GMT Not After : Mar 3 06:21:48 2027 GMT Subject: CN=0CD2A5512C29A69A024D7A9DDF40F58BC0BA57FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:55:d5:70:7e:dc:c9:68:77:a3:20:88:e1:4c: 70:22:77:ad:f0:7d:ea:2f:8e:37:c6:bc:5d:67:e3: 0f:c4:f6:8b:bc:dd:b2:eb:3b:8d:02:f8:ed:ac:8f: e9:3f:b7:c0:f3:5e:68:c4:0f:73:5f:46:97:84:e2: 00:ae:50:94:f1:06:c0:c2:0b:77:45:52:15:f8:e8: 3a:8d:be:42:b1:9c:76:fb:2b:83:5b:a8:c8:66:5a: e4:1d:09:37:62:ac:95:66:b6:2c:50:bf:a5:ec:88: a8:8c:b3:e2:39:bd:01:c6:0c:a1:a8:21:44:60:2b: 54:bd:a6:fe:81:88:41:e1:a3:76:c2:6d:60:26:b7: 14:52:ec:e5:fb:91:cb:0a:c0:71:01:8e:6c:8e:16: 82:2d:f1:0e:59:c1:fb:43:f9:f0:33:c1:63:fd:a0: 8f:12:02:12:9a:4a:c2:1b:a1:95:3f:20:8f:d6:69: 0e:ce:66:ce:e7:92:b5:fb:d8:5d:10:15:27:33:9f: 19:7e:ab:94:b3:dc:de:17:2f:f8:1b:66:ce:36:9f: a0:07:06:e5:79:a5:e1:aa:eb:76:d9:b8:60:83:5f: 53:14:91:30:9e:40:e6:0b:d2:e3:48:13:b7:72:b5: bc:c4:43:b3:8b:20:29:91:ef:7b:f4:3b:64:09:09: 01:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:D2:A5:51:2C:29:A6:9A:02:4D:7A:9D:DF:40:F5:8B:C0:BA:57:FA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145278.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa44::/32 Signature Algorithm: sha256WithRSAEncryption 6e:38:ef:05:b9:d2:53:0e:4d:fb:54:a8:65:50:95:27:e8:b7: 9f:70:ca:60:49:d9:a2:3d:dd:e5:8f:84:2f:fc:aa:fa:91:14: 0f:b1:32:8d:c7:bb:cd:37:57:93:e9:ba:b0:95:73:6b:e0:a2: 98:27:12:06:44:43:73:ca:c3:cf:1d:61:f5:ca:23:3c:76:7b: 66:4b:de:06:34:12:dd:2a:aa:c0:b4:9d:9d:f9:fc:be:14:48: bc:37:4c:ee:6e:af:5a:24:0a:49:9f:ba:f1:f8:28:94:7e:8e: f2:9c:f3:eb:88:2a:dc:59:48:04:42:a7:67:6c:96:70:2b:e9: d5:bb:7e:50:80:b6:5d:68:de:a1:2c:7c:7a:2f:3b:c0:d9:34: f1:68:16:14:21:d4:46:6b:2c:63:3b:06:85:3d:67:e9:32:24: a3:db:93:1e:28:d5:fc:c5:e3:41:0a:7b:c7:c4:71:cf:a5:20: f4:d8:43:bd:72:ca:a5:2c:6c:35:31:41:86:3e:12:79:c7:6f: e1:db:4e:ad:6a:33:09:52:19:41:88:30:1e:72:25:8f:c5:0b: 9a:c1:17:46:d3:01:2b:0c:fc:d6:94:b5:f0:a9:96:d2:d3:98: e4:a8:10:55:06:f6:74:c8:6d:59:dc:e2:ab:6b:b9:d6:50:ae: a5:37:52:0b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUe/haDD7OwtQemd0jT8hXWupe+hEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0OFoX DTI3MDMwMzA2MjE0OFowMzExMC8GA1UEAxMoMENEMkE1NTEyQzI5QTY5QTAyNEQ3 QTlEREY0MEY1OEJDMEJBNTdGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9V1XB+3Mlod6MgiOFMcCJ3rfB96i+ON8a8XWfjD8T2i7zdsus7jQL47ayP 6T+3wPNeaMQPc19Gl4TiAK5QlPEGwMILd0VSFfjoOo2+QrGcdvsrg1uoyGZa5B0J N2KslWa2LFC/peyIqIyz4jm9AcYMoaghRGArVL2m/oGIQeGjdsJtYCa3FFLs5fuR ywrAcQGObI4Wgi3xDlnB+0P58DPBY/2gjxICEppKwhuhlT8gj9ZpDs5mzueStfvY XRAVJzOfGX6rlLPc3hcv+BtmzjafoAcG5Xml4arrdtm4YINfUxSRMJ5A5gvS40gT t3K1vMRDs4sgKZHve/Q7ZAkJAU0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQM0qVR LCmmmgJNep3fQPWLwLpX+jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI3OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qkQwDQYJKoZIhvcNAQELBQADggEBAG447wW50lMOTftUqGVQlSfot59wymBJ2aI9 3eWPhC/8qvqRFA+xMo3Hu803V5PpurCVc2vgopgnEgZEQ3PKw88dYfXKIzx2e2ZL 3gY0Et0qqsC0nZ35/L4USLw3TO5ur1okCkmfuvH4KJR+jvKc8+uIKtxZSARCp2ds lnAr6dW7flCAtl1o3qEsfHovO8DZNPFoFhQh1EZrLGM7BoU9Z+kyJKPbkx4o1fzF 40EKe8fEcc+lIPTYQ71yyqUsbDUxQYY+EnnHb+HbTq1qMwlSGUGIMB5yJY/FC5rB F0bTASsM/NaUtfCpltLTmOSoEFUG9nTIbVnc4qtrudZQrqU3Ugs= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:41 2026 by rpki-client