$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145286.roa File: AS145286.roa (raw, json) Hash identifier: Rz/qUWpWg72Ic25So8xRpue1Lg4Q8/n5zfm7kR4+AOA= Subject key identifier: 52:D1:08:B7:D2:85:94:EA:1F:7A:90:B3:B8:51:7D:F4:DD:A8:3E:1A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 54DC841AAC8D9DD8EFE36F2B1E633EA06D2FFD71 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145286.roa Signing time: Wed 04 Mar 2026 06:22:07 +0000 ROA not before: Wed 04 Mar 2026 06:17:07 +0000 ROA not after: Wed 03 Mar 2027 06:22:07 +0000 asID: 145286 IP address blocks: 240a:aa4c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:dc:84:1a:ac:8d:9d:d8:ef:e3:6f:2b:1e:63:3e:a0:6d:2f:fd:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:07 2026 GMT Not After : Mar 3 06:22:07 2027 GMT Subject: CN=52D108B7D28594EA1F7A90B3B8517DF4DDA83E1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8d:66:8a:ce:25:68:de:b0:a0:a4:9e:8f:9c: 2d:29:75:ee:a2:02:24:cb:7e:3e:91:6f:30:de:af: 4b:c5:5c:ee:4e:4e:32:e4:d0:4e:6f:9d:ae:91:03: 72:b6:88:54:eb:1d:07:aa:31:51:47:72:5c:2f:dc: 1c:6b:da:23:2c:8e:41:c6:27:4d:3a:bd:ec:d2:e6: 5f:99:79:db:13:37:c4:1c:d8:a3:61:42:58:fa:92: 4a:9c:b3:99:db:13:88:1c:0e:2c:0f:4e:18:c1:07: 40:f5:7e:9a:45:f2:91:6b:2c:8c:ef:3c:d2:18:18: 49:67:40:95:0e:3f:52:38:98:21:a8:8f:93:2b:9f: 58:98:cc:84:b3:54:0d:5f:ec:86:ee:43:4d:da:59: c4:c0:0c:35:dc:cd:9a:1e:10:77:79:50:ad:c7:9c: 71:da:1a:f4:a4:e5:c8:f6:17:c0:46:8a:d3:33:b0: bf:89:f2:5b:82:9a:42:b8:5f:62:ec:06:5b:0f:5d: 12:87:b7:4c:2a:c4:17:49:0d:ce:43:2b:68:04:54: f3:58:e5:ee:96:62:09:1b:aa:10:45:a2:03:26:00: 8d:03:0e:8e:b9:14:77:76:38:bd:a8:76:b5:6e:0e: e2:c7:7e:71:1e:c3:99:81:27:aa:15:ea:18:e1:22: 07:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:D1:08:B7:D2:85:94:EA:1F:7A:90:B3:B8:51:7D:F4:DD:A8:3E:1A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145286.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa4c::/32 Signature Algorithm: sha256WithRSAEncryption b6:ae:34:c3:01:b9:9d:7c:1e:af:c7:90:9a:ac:4f:84:83:b1: f8:39:70:61:01:b1:e6:29:ef:ab:70:b5:61:02:39:ec:ec:bd: 14:d4:02:ea:4d:f1:73:62:55:44:50:23:fc:e7:82:26:46:4c: 64:d6:24:be:95:4f:62:00:75:0c:e8:bc:ed:ed:d5:ad:71:6d: 19:46:ec:f5:2f:c2:c7:b5:1a:f2:2b:11:1f:0b:e0:25:f6:af: cf:e5:d4:e4:5f:3e:03:6c:5d:08:88:ff:ae:15:dd:d5:45:22: 28:e4:87:2d:9f:74:06:c8:28:76:e4:46:80:02:fe:a2:54:79: e0:e6:2c:53:66:90:e3:4f:79:f8:41:0b:a8:77:68:d2:bb:36: 69:07:57:c5:3f:1c:dd:19:c1:10:44:69:d2:98:bc:88:87:03: bf:49:87:cc:79:77:42:0e:fe:c8:b1:bd:86:e5:a2:d6:11:69: 2f:d7:d9:e4:87:78:26:de:7f:9c:40:f5:dd:af:ee:51:81:d6: 21:d7:1d:4e:21:9b:d2:05:09:8e:03:ed:a3:4e:0f:2f:52:ca: ce:65:70:35:a5:4f:00:11:cb:48:6e:cf:78:c2:ef:d9:33:28: fd:48:ed:f1:35:c7:03:b5:24:46:ad:a1:ca:11:87:96:3a:13: d3:1a:c5:b4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVNyEGqyNndjv428rHmM+oG0v/XEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwN1oX DTI3MDMwMzA2MjIwN1owMzExMC8GA1UEAxMoNTJEMTA4QjdEMjg1OTRFQTFGN0E5 MEIzQjg1MTdERjREREE4M0UxQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCNZorOJWjesKCkno+cLSl17qICJMt+PpFvMN6vS8Vc7k5OMuTQTm+drpED craIVOsdB6oxUUdyXC/cHGvaIyyOQcYnTTq97NLmX5l52xM3xBzYo2FCWPqSSpyz mdsTiBwOLA9OGMEHQPV+mkXykWssjO880hgYSWdAlQ4/UjiYIaiPkyufWJjMhLNU DV/shu5DTdpZxMAMNdzNmh4Qd3lQrceccdoa9KTlyPYXwEaK0zOwv4nyW4KaQrhf YuwGWw9dEoe3TCrEF0kNzkMraARU81jl7pZiCRuqEEWiAyYAjQMOjrkUd3Y4vah2 tW4O4sd+cR7DmYEnqhXqGOEiB9sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRS0Qi3 0oWU6h96kLO4UX303ag+GjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qkwwDQYJKoZIhvcNAQELBQADggEBALauNMMBuZ18Hq/HkJqsT4SDsfg5cGEBseYp 76twtWECOezsvRTUAupN8XNiVURQI/zngiZGTGTWJL6VT2IAdQzovO3t1a1xbRlG 7PUvwse1GvIrER8L4CX2r8/l1ORfPgNsXQiI/64V3dVFIijkhy2fdAbIKHbkRoAC /qJUeeDmLFNmkONPefhBC6h3aNK7NmkHV8U/HN0ZwRBEadKYvIiHA79Jh8x5d0IO /sixvYblotYRaS/X2eSHeCbef5xA9d2v7lGB1iHXHU4hm9IFCY4D7aNODy9Sys5l cDWlTwARy0huz3jC79kzKP1I7fE1xwO1JEatocoRh5Y6E9MaxbQ= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:40 2026 by rpki-client