$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145279.roa File: AS145279.roa (raw, json) Hash identifier: nzwobCkVPziESGTf3afJXdFFO/QXTG5P47HE510d9ks= Subject key identifier: 1C:B8:F2:00:A0:ED:C7:AD:1B:A3:62:C8:E9:6D:AE:4E:25:04:13:26 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6C23941FC28AFA339027454668F8A4E49804D224 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145279.roa Signing time: Wed 04 Mar 2026 06:22:28 +0000 ROA not before: Wed 04 Mar 2026 06:17:28 +0000 ROA not after: Wed 03 Mar 2027 06:22:28 +0000 asID: 145279 IP address blocks: 240a:aa45::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:23:94:1f:c2:8a:fa:33:90:27:45:46:68:f8:a4:e4:98:04:d2:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:28 2026 GMT Not After : Mar 3 06:22:28 2027 GMT Subject: CN=1CB8F200A0EDC7AD1BA362C8E96DAE4E25041326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:b2:10:a8:ce:ad:b9:31:16:a3:d4:7c:3a:99: aa:ff:53:a7:69:41:12:56:32:3b:7f:7b:2d:3f:09: ce:a4:8d:30:2d:8f:67:20:62:2c:87:30:4c:f7:67: 61:03:cd:ae:88:b6:86:e5:fb:80:7c:00:61:fe:06: 62:56:77:d3:e1:fa:de:f9:7d:f2:6e:f1:61:be:be: d2:3b:04:03:88:b7:54:11:66:32:b1:cc:a8:34:b4: 27:d2:2a:8f:6a:3c:1e:a4:5e:73:00:5e:af:e4:95: f6:44:c0:16:23:6b:c2:b1:8c:1c:89:33:cf:40:7f: 0f:4c:be:d7:24:d9:45:28:d3:26:15:2a:df:b9:a3: c0:1a:ae:3f:3a:18:5d:39:93:d6:78:94:d9:6b:1c: eb:d5:3e:47:c5:1a:ad:98:bd:b8:93:40:9a:f1:52: 4f:13:2d:fa:e1:94:61:eb:a0:44:b6:59:c5:ed:53: 98:fb:85:3e:31:ae:35:55:25:84:52:18:9b:73:52: 24:83:a0:42:e6:fb:91:32:d1:39:a7:87:13:0b:5d: 51:17:79:6d:90:69:96:cd:79:e1:22:9f:a3:62:1e: 80:76:cb:5e:26:c1:bb:be:1d:f5:f7:bd:ab:fb:71: ce:f4:df:09:8b:15:4e:cd:18:56:d4:77:b8:1b:10: cc:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:B8:F2:00:A0:ED:C7:AD:1B:A3:62:C8:E9:6D:AE:4E:25:04:13:26 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145279.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa45::/32 Signature Algorithm: sha256WithRSAEncryption 46:72:06:12:25:0a:3d:49:ba:f6:b3:fb:a9:5d:7b:b5:cf:c5: bb:9d:f4:b3:51:bc:be:a2:3d:ae:45:0b:a8:6f:49:e6:15:95: 2d:d2:90:41:c9:9e:4d:0b:d2:93:49:3f:86:86:52:f9:bb:c5: 37:f4:92:2e:53:07:d0:9e:d8:ac:a3:fb:6b:4e:e8:c4:0e:4c: b6:33:55:8a:09:20:98:ac:b8:e3:c2:33:7d:fd:c0:d0:cd:87: 87:40:f0:08:82:cd:e2:76:a8:c5:9e:60:f1:46:11:15:d1:f9: 1e:05:37:5c:56:c4:5c:0b:03:a2:5b:9d:0f:4b:40:59:2e:85: bc:c6:f2:d2:f0:00:7c:fa:df:5d:fe:0d:7e:66:42:c4:7b:ac: 3a:8c:94:6c:75:3b:af:5c:cf:d9:0b:99:fd:53:fc:fc:bc:09: 90:e8:a7:47:79:9c:33:61:f9:42:73:64:02:43:c8:ae:c7:ab: 42:fb:f2:40:52:1d:4b:db:cf:47:af:9b:bd:c2:f4:ec:90:6d: 1f:f9:96:55:4a:ff:cd:a2:12:c2:1b:b0:77:cf:68:a3:78:2d: 8c:70:d9:75:70:90:de:11:e3:0d:65:26:98:85:3e:23:fe:fa: ac:3d:12:2f:c0:2c:ca:92:78:28:e6:dd:4a:46:2c:1e:de:0f: e2:9b:35:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbCOUH8KK+jOQJ0VGaPik5JgE0iQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyOFoX DTI3MDMwMzA2MjIyOFowMzExMC8GA1UEAxMoMUNCOEYyMDBBMEVEQzdBRDFCQTM2 MkM4RTk2REFFNEUyNTA0MTMyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOWyEKjOrbkxFqPUfDqZqv9Tp2lBElYyO397LT8JzqSNMC2PZyBiLIcwTPdn YQPNroi2huX7gHwAYf4GYlZ30+H63vl98m7xYb6+0jsEA4i3VBFmMrHMqDS0J9Iq j2o8HqRecwBer+SV9kTAFiNrwrGMHIkzz0B/D0y+1yTZRSjTJhUq37mjwBquPzoY XTmT1niU2Wsc69U+R8UarZi9uJNAmvFSTxMt+uGUYeugRLZZxe1TmPuFPjGuNVUl hFIYm3NSJIOgQub7kTLROaeHEwtdURd5bZBpls154SKfo2IegHbLXibBu74d9fe9 q/txzvTfCYsVTs0YVtR3uBsQzHcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQcuPIA oO3HrRujYsjpba5OJQQTJjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI3OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qkUwDQYJKoZIhvcNAQELBQADggEBAEZyBhIlCj1Juvaz+6lde7XPxbud9LNRvL6i Pa5FC6hvSeYVlS3SkEHJnk0L0pNJP4aGUvm7xTf0ki5TB9Ce2Kyj+2tO6MQOTLYz VYoJIJisuOPCM339wNDNh4dA8AiCzeJ2qMWeYPFGERXR+R4FN1xWxFwLA6JbnQ9L QFkuhbzG8tLwAHz6313+DX5mQsR7rDqMlGx1O69cz9kLmf1T/Py8CZDop0d5nDNh +UJzZAJDyK7Hq0L78kBSHUvbz0evm73C9OyQbR/5llVK/82iEsIbsHfPaKN4LYxw 2XVwkN4R4w1lJpiFPiP++qw9Ei/ALMqSeCjm3UpGLB7eD+KbNSQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:32 2026 by rpki-client