$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145291.roa File: AS145291.roa (raw, json) Hash identifier: GO30u15EU/8yI9x48USO8yTZ54mSX2vm3ydjDSppklY= Subject key identifier: EC:02:55:7B:13:B2:DF:A3:67:0E:B9:17:F2:21:8C:D3:92:46:C3:CB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 22F5AC83838D3331749AB06CABA36A0808E7B5C5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145291.roa Signing time: Wed 04 Mar 2026 06:20:36 +0000 ROA not before: Wed 04 Mar 2026 06:15:36 +0000 ROA not after: Wed 03 Mar 2027 06:20:36 +0000 asID: 145291 IP address blocks: 240a:aa51::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:f5:ac:83:83:8d:33:31:74:9a:b0:6c:ab:a3:6a:08:08:e7:b5:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:36 2026 GMT Not After : Mar 3 06:20:36 2027 GMT Subject: CN=EC02557B13B2DFA3670EB917F2218CD39246C3CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:84:98:49:e6:38:f9:e9:29:13:e2:56:b1:ed: 78:4b:b6:74:b4:6d:99:c4:1f:69:a1:36:30:0b:6d: a2:3b:5d:33:f3:23:40:6e:0f:a8:52:60:69:83:99: 3d:84:5c:d3:9a:da:2b:98:2a:d5:cb:17:cf:0d:86: 63:75:6f:ec:95:b0:54:7d:c7:cf:87:f9:23:4d:a2: ad:94:f5:e0:0b:4b:8c:64:d8:aa:a1:8e:7c:c9:4c: 5d:b0:11:47:25:28:bf:7c:46:ab:fa:63:7c:87:a4: c5:73:f2:d9:35:4a:60:cf:04:78:15:cd:76:b4:65: ac:e0:4c:2c:c1:c7:fb:2f:7b:ab:41:5c:9e:3f:72: f9:f9:12:ad:d1:4b:b7:cc:15:6b:c5:c8:ab:2e:72: be:f3:aa:4c:ee:e4:39:c5:43:b5:eb:08:ea:60:11: a0:97:08:4e:fa:49:9a:85:43:70:2c:a0:a8:b0:21: fc:5e:9e:bb:c2:21:dd:bd:9d:9b:14:3d:11:d2:db: ec:fb:41:e1:3c:9a:b4:82:df:fa:b2:27:9a:db:00: 13:df:5c:0e:3a:95:a3:35:7a:36:1a:02:97:49:83: 25:4e:95:e6:6d:e3:57:3a:f6:e2:15:64:b4:06:55: e1:9c:1c:a4:35:c5:75:70:23:ab:71:fe:c1:9e:6b: e9:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:02:55:7B:13:B2:DF:A3:67:0E:B9:17:F2:21:8C:D3:92:46:C3:CB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145291.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa51::/32 Signature Algorithm: sha256WithRSAEncryption 68:87:a1:d7:f9:7a:19:78:12:bd:85:ba:4d:5b:da:e6:5c:f1: a9:82:a2:9d:e7:74:2b:96:14:45:c3:16:23:2d:fa:fe:ef:bd: a4:f8:f4:1e:6e:9c:5f:12:34:36:02:a1:73:37:1b:5b:05:87: fb:4b:3c:4f:63:b4:8e:a9:41:34:2a:dc:fd:fb:e2:bd:15:bc: 10:e9:09:e7:4c:86:b2:2d:1f:4d:d9:9d:75:c6:e3:6f:44:14: ae:bd:c8:8e:e9:c6:59:2a:16:da:f5:37:4b:db:69:50:44:ae: c6:5d:19:e3:61:3e:b0:7f:ee:50:ac:a2:53:d6:88:cd:ec:dc: 47:8d:fb:9c:66:6b:6d:74:d7:a2:9a:95:2c:a8:00:ca:8d:99: f6:cf:19:50:c7:8b:78:fa:3e:f1:6b:5e:e5:fd:45:ec:bb:15: 24:0b:4b:66:d5:30:46:c2:9b:c8:51:14:31:34:c7:dc:2c:e5: 02:ae:d5:56:f0:f2:30:8e:d7:de:69:1a:e1:b7:2c:ad:be:e5: 65:09:44:4e:72:84:af:23:f3:a7:67:10:ef:fa:02:d9:75:3a: a3:56:58:73:cd:4b:bd:4a:1d:23:23:e1:7c:e2:ea:6f:cc:72: bf:b6:45:c0:07:11:c0:57:7a:59:86:a4:de:97:48:d3:06:d9: 1e:c6:4e:63 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIvWsg4ONMzF0mrBsq6NqCAjntcUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzNloX DTI3MDMwMzA2MjAzNlowMzExMC8GA1UEAxMoRUMwMjU1N0IxM0IyREZBMzY3MEVC OTE3RjIyMThDRDM5MjQ2QzNDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6EmEnmOPnpKRPiVrHteEu2dLRtmcQfaaE2MAttojtdM/MjQG4PqFJgaYOZ PYRc05raK5gq1csXzw2GY3Vv7JWwVH3Hz4f5I02irZT14AtLjGTYqqGOfMlMXbAR RyUov3xGq/pjfIekxXPy2TVKYM8EeBXNdrRlrOBMLMHH+y97q0Fcnj9y+fkSrdFL t8wVa8XIqy5yvvOqTO7kOcVDtesI6mARoJcITvpJmoVDcCygqLAh/F6eu8Ih3b2d mxQ9EdLb7PtB4TyatILf+rInmtsAE99cDjqVozV6NhoCl0mDJU6V5m3jVzr24hVk tAZV4ZwcpDXFdXAjq3H+wZ5r6WsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTsAlV7 E7Lfo2cOuRfyIYzTkkbDyzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qlEwDQYJKoZIhvcNAQELBQADggEBAGiHodf5ehl4Er2Fuk1b2uZc8amCop3ndCuW FEXDFiMt+v7vvaT49B5unF8SNDYCoXM3G1sFh/tLPE9jtI6pQTQq3P374r0VvBDp CedMhrItH03ZnXXG429EFK69yI7pxlkqFtr1N0vbaVBErsZdGeNhPrB/7lCsolPW iM3s3EeN+5xma21016KalSyoAMqNmfbPGVDHi3j6PvFrXuX9Rey7FSQLS2bVMEbC m8hRFDE0x9ws5QKu1Vbw8jCO195pGuG3LK2+5WUJRE5yhK8j86dnEO/6Atl1OqNW WHPNS71KHSMj4Xzi6m/Mcr+2RcAHEcBXelmGpN6XSNMG2R7GTmM= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:27 2026 by rpki-client