$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145293.roa File: AS145293.roa (raw, json) Hash identifier: hmq3wwjNum4rH8CA79RPbSL2yNeNtrk13+TXFbOzqCQ= Subject key identifier: 5A:E6:F3:25:AF:99:26:34:09:02:D7:63:5C:E8:62:89:3C:85:E8:A0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 63FA5EF90566BFCF3D06E7247EFE65344B1E5874 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145293.roa Signing time: Wed 04 Mar 2026 06:22:17 +0000 ROA not before: Wed 04 Mar 2026 06:17:17 +0000 ROA not after: Wed 03 Mar 2027 06:22:17 +0000 asID: 145293 IP address blocks: 240a:aa53::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:fa:5e:f9:05:66:bf:cf:3d:06:e7:24:7e:fe:65:34:4b:1e:58:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:17 2026 GMT Not After : Mar 3 06:22:17 2027 GMT Subject: CN=5AE6F325AF9926340902D7635CE862893C85E8A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:52:70:6d:61:26:22:4b:c5:33:44:e1:d0:8d: 65:2f:2a:e0:e2:58:38:d7:c5:da:69:cd:b3:16:40: 31:4c:85:1a:f6:b6:76:84:f2:0f:30:42:33:fd:b4: ef:20:fe:63:8b:27:52:36:f8:03:3f:56:ad:22:ac: c2:e9:60:dc:6e:6d:0a:35:87:1a:6d:a4:cf:5b:0a: 57:c9:02:26:be:a0:9d:39:96:c6:50:2c:61:80:c2: 2c:6d:6a:95:d0:54:cd:6a:b2:2f:3e:1d:db:1b:64: 4f:5a:eb:61:54:53:f6:48:4c:79:ee:eb:83:87:d8: 36:cb:cb:d5:73:bd:86:59:c4:8b:c1:59:19:d0:d9: 15:2d:ec:3d:4c:0d:62:51:4e:19:b1:4c:d7:fd:98: eb:bf:0b:3f:56:9b:33:68:42:e4:1f:bc:90:e5:49: 90:28:02:44:26:c3:8e:eb:b9:08:e1:74:dd:61:28: c2:2e:ef:62:09:07:d2:6b:43:24:08:42:aa:d8:5e: eb:eb:99:f4:6b:3d:1a:7d:b5:5c:02:53:a9:32:5e: 13:d9:bb:b0:59:b1:ae:ab:18:62:f6:a6:62:9b:80: bb:1a:58:11:a6:79:e8:76:1f:c0:6d:75:f4:72:31: cf:1d:75:62:95:76:e7:c7:c7:a0:5b:3e:9a:62:86: b2:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:E6:F3:25:AF:99:26:34:09:02:D7:63:5C:E8:62:89:3C:85:E8:A0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145293.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa53::/32 Signature Algorithm: sha256WithRSAEncryption d6:b5:62:f4:1a:e8:98:e9:0f:22:91:6d:6f:50:20:f1:28:7d: 5a:8e:d9:c0:07:31:bd:03:3e:d1:e6:1e:70:77:89:07:42:2e: 02:a3:d3:1a:5b:5b:e7:ff:1d:84:77:e0:09:85:06:24:39:49: fd:b5:a0:28:9e:22:da:81:d8:33:e2:8b:2c:a1:9a:a3:b8:40: 5f:60:62:73:06:02:51:14:4a:b6:6b:04:b7:44:9d:d4:90:91: 6b:ca:fa:6f:40:5a:fe:28:d8:45:35:38:1c:e8:21:50:0a:fd: 42:f5:c6:33:d6:d7:53:73:1a:dc:d5:13:13:e0:8f:87:ab:c9: 18:18:07:7f:4d:ac:40:bf:cf:56:d7:dd:b4:0a:5a:aa:71:3a: 73:22:97:bb:c0:b7:ed:e8:e6:42:f7:83:c4:b3:98:6f:4e:5c: cf:7c:70:bd:ee:b3:ea:19:d2:63:7d:93:37:ed:a6:52:3c:a4: ba:a2:4a:a7:7a:c1:e1:e6:1c:06:58:c0:30:23:56:5c:58:60: 44:fa:e5:94:ca:6d:5a:d3:06:c5:c8:6c:7f:8a:73:60:c3:98: 8f:04:a7:f0:77:e8:f3:3c:83:58:33:7b:1b:14:4a:a3:e9:cb: 6a:b8:0f:cf:af:fe:10:e1:2a:00:41:ba:73:f8:59:01:49:e7: ec:3d:0a:71 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUY/pe+QVmv889Buckfv5lNEseWHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcxN1oX DTI3MDMwMzA2MjIxN1owMzExMC8GA1UEAxMoNUFFNkYzMjVBRjk5MjYzNDA5MDJE NzYzNUNFODYyODkzQzg1RThBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALRScG1hJiJLxTNE4dCNZS8q4OJYONfF2mnNsxZAMUyFGva2doTyDzBCM/20 7yD+Y4snUjb4Az9WrSKswulg3G5tCjWHGm2kz1sKV8kCJr6gnTmWxlAsYYDCLG1q ldBUzWqyLz4d2xtkT1rrYVRT9khMee7rg4fYNsvL1XO9hlnEi8FZGdDZFS3sPUwN YlFOGbFM1/2Y678LP1abM2hC5B+8kOVJkCgCRCbDjuu5COF03WEowi7vYgkH0mtD JAhCqthe6+uZ9Gs9Gn21XAJTqTJeE9m7sFmxrqsYYvamYpuAuxpYEaZ56HYfwG11 9HIxzx11YpV258fHoFs+mmKGslcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRa5vMl r5kmNAkC12Nc6GKJPIXooDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI5My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qlMwDQYJKoZIhvcNAQELBQADggEBANa1YvQa6JjpDyKRbW9QIPEofVqO2cAHMb0D PtHmHnB3iQdCLgKj0xpbW+f/HYR34AmFBiQ5Sf21oCieItqB2DPiiyyhmqO4QF9g YnMGAlEUSrZrBLdEndSQkWvK+m9AWv4o2EU1OBzoIVAK/UL1xjPW11NzGtzVExPg j4eryRgYB39NrEC/z1bX3bQKWqpxOnMil7vAt+3o5kL3g8SzmG9OXM98cL3us+oZ 0mN9kzftplI8pLqiSqd6weHmHAZYwDAjVlxYYET65ZTKbVrTBsXIbH+Kc2DDmI8E p/B36PM8g1gzexsUSqPpy2q4D8+v/hDhKgBBunP4WQFJ5+w9CnE= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:12 2026 by rpki-client