$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145312.roa File: AS145312.roa (raw, json) Hash identifier: nxkUgxCNwdfzXLwfXmoAbJQJfICv+v3mTOUnwTi8xro= Subject key identifier: E2:E0:28:5B:0F:AA:63:F5:53:2F:CD:80:24:0E:72:DA:E8:1F:7B:3B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3ACA6FCDEC90F628F494109F58F6D0DEA60FB937 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145312.roa Signing time: Wed 04 Mar 2026 06:20:14 +0000 ROA not before: Wed 04 Mar 2026 06:15:14 +0000 ROA not after: Wed 03 Mar 2027 06:20:14 +0000 asID: 145312 IP address blocks: 240a:aa66::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:ca:6f:cd:ec:90:f6:28:f4:94:10:9f:58:f6:d0:de:a6:0f:b9:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:14 2026 GMT Not After : Mar 3 06:20:14 2027 GMT Subject: CN=E2E0285B0FAA63F5532FCD80240E72DAE81F7B3B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2f:60:1c:ad:da:3d:7a:c0:66:75:2a:e1:2d: a7:b2:7b:80:60:a2:ba:e7:d4:0c:63:f4:5e:40:49: 91:90:34:ea:72:96:49:41:ab:74:26:ed:7c:a9:6c: 36:2c:bb:19:ba:90:21:78:f2:95:fb:6e:0a:4f:16: 5d:5c:56:d1:96:9b:bc:c7:bf:24:34:31:73:2f:0f: 12:8f:4b:c8:70:2f:df:e5:cd:d5:a5:9d:76:ad:ce: 5d:2e:01:a9:6b:45:43:73:d6:f3:ec:88:80:d7:61: 6b:d8:56:67:9e:73:e6:de:08:bf:c3:36:33:f4:c9: c2:c0:2a:ed:17:77:57:57:a7:10:8d:a1:20:82:78: c1:be:29:18:d6:89:2d:e2:ff:33:0b:c3:f0:b1:3a: 25:25:c5:a5:41:c1:ec:a4:f6:fc:a5:d6:6c:97:b6: 56:6d:aa:39:6f:55:99:31:69:26:4d:ec:16:ad:85: 18:38:aa:b3:56:c6:ae:68:27:b2:1e:4d:91:d4:2f: df:ae:0e:29:d7:a8:91:f9:5e:85:f9:b6:d4:62:97: d8:45:d1:45:e2:c7:f1:04:9a:ba:0f:0a:39:d8:b9: 47:dc:67:bc:a5:18:92:95:b2:9e:51:28:70:69:e5: d1:d9:d2:2e:19:91:09:1e:81:18:be:b1:59:c3:5a: a6:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:E0:28:5B:0F:AA:63:F5:53:2F:CD:80:24:0E:72:DA:E8:1F:7B:3B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145312.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa66::/32 Signature Algorithm: sha256WithRSAEncryption 68:3b:3a:aa:05:96:a6:d4:a5:ab:20:0f:9d:7f:2d:8d:5f:81: b1:7a:74:88:63:7a:7c:85:6e:fc:f0:58:bc:c0:6f:46:38:63: e2:54:74:99:d2:e5:bc:bd:e3:ab:3c:0d:60:7c:ec:f1:13:1d: 5d:68:13:b5:99:ac:02:43:f9:aa:49:d4:62:30:ec:85:8c:31: e4:40:b3:b6:e0:d0:d8:15:9b:b5:32:35:1b:a4:a2:5b:7f:a0: 22:f9:9f:69:d7:a0:72:ff:a3:99:07:50:e4:0f:d2:b9:be:69: 9b:5f:16:12:95:ed:22:d3:6a:15:b1:d9:a1:06:f0:59:d7:45: cd:35:a9:3a:76:ec:f1:94:38:9e:9f:f3:29:ba:f6:79:75:3c: ec:f5:25:49:0f:97:e9:68:b0:c7:07:59:80:7e:3b:11:03:e8: cd:d0:10:05:b7:95:53:27:58:97:21:8b:67:8b:3a:e2:c3:c0: 6a:cf:cd:5e:0f:5b:e3:e4:46:30:e6:07:db:cc:6a:ff:8f:64: 5b:8f:aa:37:38:f7:c8:89:8e:88:4f:fb:4c:c7:ae:21:9d:01: bd:8c:d2:50:0c:27:88:21:93:c6:4f:b7:50:86:4b:6b:c9:1b: 79:3a:a1:03:04:56:a6:d0:be:6a:b5:23:c8:27:d7:fe:44:d3: d7:25:c8:b0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOspvzeyQ9ij0lBCfWPbQ3qYPuTcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxNFoX DTI3MDMwMzA2MjAxNFowMzExMC8GA1UEAxMoRTJFMDI4NUIwRkFBNjNGNTUzMkZD RDgwMjQwRTcyREFFODFGN0IzQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALMvYByt2j16wGZ1KuEtp7J7gGCiuufUDGP0XkBJkZA06nKWSUGrdCbtfKls Niy7GbqQIXjylftuCk8WXVxW0ZabvMe/JDQxcy8PEo9LyHAv3+XN1aWddq3OXS4B qWtFQ3PW8+yIgNdha9hWZ55z5t4Iv8M2M/TJwsAq7Rd3V1enEI2hIIJ4wb4pGNaJ LeL/MwvD8LE6JSXFpUHB7KT2/KXWbJe2Vm2qOW9VmTFpJk3sFq2FGDiqs1bGrmgn sh5NkdQv364OKdeokflehfm21GKX2EXRReLH8QSaug8KOdi5R9xnvKUYkpWynlEo cGnl0dnSLhmRCR6BGL6xWcNappkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTi4Chb D6pj9VMvzYAkDnLa6B97OzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMxMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qmYwDQYJKoZIhvcNAQELBQADggEBAGg7OqoFlqbUpasgD51/LY1fgbF6dIhjenyF bvzwWLzAb0Y4Y+JUdJnS5by946s8DWB87PETHV1oE7WZrAJD+apJ1GIw7IWMMeRA s7bg0NgVm7UyNRukolt/oCL5n2nXoHL/o5kHUOQP0rm+aZtfFhKV7SLTahWx2aEG 8FnXRc01qTp27PGUOJ6f8ym69nl1POz1JUkPl+losMcHWYB+OxED6M3QEAW3lVMn WJchi2eLOuLDwGrPzV4PW+PkRjDmB9vMav+PZFuPqjc498iJjohP+0zHriGdAb2M 0lAMJ4ghk8ZPt1CGS2vJG3k6oQMEVqbQvmq1I8gn1/5E09clyLA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:06 2026 by rpki-client