$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145324.roa File: AS145324.roa (raw, json) Hash identifier: gUPTyVQoh6IskJH894D6wsHD0rMVwiM3vwjJwiPGhGM= Subject key identifier: D5:70:97:3D:F2:8E:9B:A6:73:62:D8:D1:77:48:77:A9:87:1B:AE:A7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 43E98243F38B6E3D6C18B14240AB9EC68AD4B4AD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145324.roa Signing time: Wed 04 Mar 2026 06:21:40 +0000 ROA not before: Wed 04 Mar 2026 06:16:40 +0000 ROA not after: Wed 03 Mar 2027 06:21:40 +0000 asID: 145324 IP address blocks: 240a:aa72::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:e9:82:43:f3:8b:6e:3d:6c:18:b1:42:40:ab:9e:c6:8a:d4:b4:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:40 2026 GMT Not After : Mar 3 06:21:40 2027 GMT Subject: CN=D570973DF28E9BA67362D8D1774877A9871BAEA7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:eb:32:ad:5c:ac:c3:20:db:5b:22:4e:11:a0: b8:a2:83:4d:ab:27:71:88:23:2b:4a:a3:a8:51:88: b2:c2:f1:67:5f:e6:d0:36:6f:5a:0b:0a:2d:d6:df: 7b:cb:52:ad:87:c8:44:af:a1:bb:53:f4:f9:16:e1: 0b:80:d3:e7:c4:f5:92:43:e1:2c:65:e8:72:c5:fd: c8:d4:34:51:4d:65:1e:66:f7:9e:63:09:cb:f3:66: 61:52:40:eb:dd:6e:4b:0b:8b:68:21:f7:74:7e:f9: 5c:6a:73:c6:7e:cd:51:0c:fa:84:61:56:c8:7d:19: 22:60:cb:3d:38:d2:34:02:02:7e:80:ae:15:46:29: c8:99:8f:ff:71:30:58:1e:d9:11:db:0d:c5:94:df: 74:0e:24:e6:3d:50:da:03:c9:e5:2e:2d:83:32:87: 12:08:6e:7d:c7:e7:55:fd:58:8a:f3:82:92:77:a2: ad:30:af:e6:a3:bf:8b:fb:2e:a1:19:2f:77:b6:97: cf:47:3a:40:86:2f:20:9d:d4:ba:36:3e:37:67:7d: 4d:8a:91:aa:9b:ea:d8:6e:44:9c:f5:d8:54:85:e3: 0e:17:c5:ee:f6:8f:61:6d:5e:d8:d5:8f:44:e5:96: 0d:5f:b4:37:c2:2c:e2:2b:44:ea:aa:e1:d8:0f:41: f1:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:70:97:3D:F2:8E:9B:A6:73:62:D8:D1:77:48:77:A9:87:1B:AE:A7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145324.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa72::/32 Signature Algorithm: sha256WithRSAEncryption 84:c1:4e:12:a9:51:83:fd:22:af:12:53:62:27:c4:af:da:f7: 0c:48:7b:58:4f:93:ce:2e:5f:09:2a:21:72:e8:94:25:56:94: 05:1e:d0:87:23:26:8f:e3:7f:b0:79:55:77:91:74:fa:20:f8: a0:c1:0d:d4:22:db:26:c4:79:1a:3e:13:6d:ab:f1:be:55:cc: 09:4f:58:e5:3f:b3:d2:f1:c7:d0:a4:de:56:5c:fb:f2:a8:7a: a4:6c:82:ac:89:90:96:36:83:e2:45:0a:36:0c:0b:52:32:8f: 2e:60:66:34:2b:47:f4:d0:ad:55:d3:f0:d8:58:4d:b3:3d:cc: 76:7b:6a:87:39:bf:e8:60:38:13:7f:bd:cc:a0:74:ac:cb:42: cf:f4:cf:72:40:a2:24:3e:57:98:9d:83:08:fa:c2:98:61:ad: 4b:e1:a4:02:8c:6c:36:01:1a:56:9c:b9:a7:89:d5:7d:84:cf: 49:f0:56:47:2a:1e:df:a2:c7:22:22:b6:26:d2:37:dd:5f:96: 7f:de:72:01:bb:89:e2:f3:5f:16:79:7b:07:b2:e1:43:e8:5b: da:d4:44:b3:91:93:12:bc:8a:15:43:7a:5d:8a:3d:99:da:35: 47:51:02:0b:6c:33:1e:ef:c8:fe:4a:dd:39:13:04:0d:4d:c8: 5c:b4:68:2d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQ+mCQ/OLbj1sGLFCQKuexorUtK0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0MFoX DTI3MDMwMzA2MjE0MFowMzExMC8GA1UEAxMoRDU3MDk3M0RGMjhFOUJBNjczNjJE OEQxNzc0ODc3QTk4NzFCQUVBNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANHrMq1crMMg21siThGguKKDTasncYgjK0qjqFGIssLxZ1/m0DZvWgsKLdbf e8tSrYfIRK+hu1P0+RbhC4DT58T1kkPhLGXocsX9yNQ0UU1lHmb3nmMJy/NmYVJA 691uSwuLaCH3dH75XGpzxn7NUQz6hGFWyH0ZImDLPTjSNAICfoCuFUYpyJmP/3Ew WB7ZEdsNxZTfdA4k5j1Q2gPJ5S4tgzKHEghufcfnVf1YivOCkneirTCv5qO/i/su oRkvd7aXz0c6QIYvIJ3UujY+N2d9TYqRqpvq2G5EnPXYVIXjDhfF7vaPYW1e2NWP ROWWDV+0N8Is4itE6qrh2A9B8XUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTVcJc9 8o6bpnNi2NF3SHephxuupzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMyNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qnIwDQYJKoZIhvcNAQELBQADggEBAITBThKpUYP9Iq8SU2InxK/a9wxIe1hPk84u XwkqIXLolCVWlAUe0IcjJo/jf7B5VXeRdPog+KDBDdQi2ybEeRo+E22r8b5VzAlP WOU/s9Lxx9Ck3lZc+/KoeqRsgqyJkJY2g+JFCjYMC1Iyjy5gZjQrR/TQrVXT8NhY TbM9zHZ7aoc5v+hgOBN/vcygdKzLQs/0z3JAoiQ+V5idgwj6wphhrUvhpAKMbDYB GlacuaeJ1X2Ez0nwVkcqHt+ixyIitibSN91fln/ecgG7ieLzXxZ5ewey4UPoW9rU RLORkxK8ihVDel2KPZnaNUdRAgtsMx7vyP5K3TkTBA1NyFy0aC0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:54 2026 by rpki-client