$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145285.roa File: AS145285.roa (raw, json) Hash identifier: ju0H2W+oNGAMwJAiCzIsR6S7z8sKNxBvndNoQSPs5Ws= Subject key identifier: DE:CB:77:3F:2E:FB:3B:48:71:35:E4:A5:69:AA:06:83:34:21:9B:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0BD495AEA8E2DFE63377F10F94A4A28330AE8012 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145285.roa Signing time: Wed 04 Mar 2026 06:21:39 +0000 ROA not before: Wed 04 Mar 2026 06:16:39 +0000 ROA not after: Wed 03 Mar 2027 06:21:39 +0000 asID: 145285 IP address blocks: 240a:aa4b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:d4:95:ae:a8:e2:df:e6:33:77:f1:0f:94:a4:a2:83:30:ae:80:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:39 2026 GMT Not After : Mar 3 06:21:39 2027 GMT Subject: CN=DECB773F2EFB3B487135E4A569AA068334219B97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ac:62:53:a2:d1:f9:7c:8d:ab:17:f1:48:76: 7f:37:99:3c:6e:f2:53:bd:c7:9c:e6:09:ea:37:36: ce:83:b7:f2:2c:30:94:33:6d:82:51:59:f0:d8:ec: a3:0c:19:93:97:e6:17:26:28:fe:ef:b2:3e:14:66: bd:a2:ae:97:7a:34:1f:09:59:7a:78:aa:8d:ea:a8: 0e:7d:09:78:8f:29:32:d9:4f:a0:a5:42:34:25:c6: 13:fa:b7:8e:42:43:16:9f:45:ed:01:78:92:de:c3: 67:3e:f7:a5:8a:fb:54:d5:27:1d:25:b2:4f:16:d2: 36:2c:75:81:7d:0d:98:d6:9b:a8:2b:88:89:22:ba: 6c:97:8a:82:51:d0:ca:5c:3c:de:b4:3b:2c:e5:c8: a1:fc:78:6f:e6:33:1e:f8:ca:cd:6d:17:1c:e9:14: 28:24:80:d5:9f:b7:ed:20:12:2b:6f:8f:83:f0:5e: a6:64:5c:7b:6d:c0:66:ef:63:30:7b:55:a4:02:3d: a6:e3:65:cb:e8:be:3b:40:51:25:63:af:31:a8:c1: bd:cc:68:c8:88:76:2b:08:93:f5:fa:ba:39:e0:4a: 25:a1:fd:a2:5a:4d:e5:77:f5:28:21:31:7f:42:d8: e0:03:75:43:59:08:d9:6d:e6:97:e1:40:4c:05:5b: ea:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:CB:77:3F:2E:FB:3B:48:71:35:E4:A5:69:AA:06:83:34:21:9B:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145285.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa4b::/32 Signature Algorithm: sha256WithRSAEncryption 0b:56:0e:36:17:96:22:2c:67:a5:84:72:6d:c1:33:98:df:01: 49:e2:d2:d7:eb:37:b9:6a:af:ac:21:b1:89:e7:e3:4c:06:05: 99:ed:36:2c:22:1f:93:fd:70:33:9b:fa:20:2e:3a:80:73:9e: c5:4b:1c:2c:2b:b5:84:a5:2d:1f:9f:13:49:fc:25:fd:c7:c3: a5:24:ab:97:6f:59:39:cb:6c:b2:d4:15:b3:76:2f:3d:ec:88: 69:d4:d7:5c:e9:19:76:58:a3:88:d9:63:42:c0:15:54:a5:bb: 0a:58:2c:85:4f:fb:2b:de:6a:55:50:c1:d1:ad:a0:a1:7b:d3: fd:61:92:ee:df:37:2b:55:9e:c9:09:fb:3d:2c:c9:93:4c:95: 2e:45:df:3f:08:02:8b:17:28:92:0f:c6:8c:66:1a:26:39:32: 65:82:02:e1:e6:69:e9:94:1d:fc:89:f8:00:0a:b7:f6:86:a8: 81:6a:33:42:8a:af:fc:d1:63:a1:1d:5f:e8:3e:5e:a4:a6:24: 95:86:2b:b8:25:0f:d3:09:f4:80:4c:d7:97:0d:55:09:dc:c1: d9:f8:81:3d:23:fd:01:e7:39:22:f6:e9:3b:e0:42:53:4f:0b: c2:1f:f6:62:8e:fd:a1:a7:e4:4d:a7:f3:73:c1:83:e3:15:5b: 7d:f1:af:a4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUC9SVrqji3+Yzd/EPlKSigzCugBIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYzOVoX DTI3MDMwMzA2MjEzOVowMzExMC8GA1UEAxMoREVDQjc3M0YyRUZCM0I0ODcxMzVF NEE1NjlBQTA2ODMzNDIxOUI5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ+sYlOi0fl8jasX8Uh2fzeZPG7yU73HnOYJ6jc2zoO38iwwlDNtglFZ8Njs owwZk5fmFyYo/u+yPhRmvaKul3o0HwlZeniqjeqoDn0JeI8pMtlPoKVCNCXGE/q3 jkJDFp9F7QF4kt7DZz73pYr7VNUnHSWyTxbSNix1gX0NmNabqCuIiSK6bJeKglHQ ylw83rQ7LOXIofx4b+YzHvjKzW0XHOkUKCSA1Z+37SASK2+Pg/BepmRce23AZu9j MHtVpAI9puNly+i+O0BRJWOvMajBvcxoyIh2KwiT9fq6OeBKJaH9olpN5Xf1KCEx f0LY4AN1Q1kI2W3ml+FATAVb6mcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTey3c/ Lvs7SHE15KVpqgaDNCGblzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qkswDQYJKoZIhvcNAQELBQADggEBAAtWDjYXliIsZ6WEcm3BM5jfAUni0tfrN7lq r6whsYnn40wGBZntNiwiH5P9cDOb+iAuOoBznsVLHCwrtYSlLR+fE0n8Jf3Hw6Uk q5dvWTnLbLLUFbN2Lz3siGnU11zpGXZYo4jZY0LAFVSluwpYLIVP+yvealVQwdGt oKF70/1hku7fNytVnskJ+z0syZNMlS5F3z8IAosXKJIPxoxmGiY5MmWCAuHmaemU HfyJ+AAKt/aGqIFqM0KKr/zRY6EdX+g+XqSmJJWGK7glD9MJ9IBM15cNVQncwdn4 gT0j/QHnOSL26TvgQlNPC8If9mKO/aGn5E2n83PBg+MVW33xr6Q= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:14 2026 by rpki-client