$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145337.roa File: AS145337.roa (raw, json) Hash identifier: 5AM2zhAxSr0oK3mAagxlZwbUB/j2RHQGxclX6XSoE0w= Subject key identifier: 5C:85:AE:D1:DE:15:99:B7:F4:A9:78:76:4D:9B:41:7A:77:96:ED:51 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 170F2EA7CB5928B87B5567B544576BC094B41708 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145337.roa Signing time: Wed 04 Mar 2026 06:22:06 +0000 ROA not before: Wed 04 Mar 2026 06:17:06 +0000 ROA not after: Wed 03 Mar 2027 06:22:06 +0000 asID: 145337 IP address blocks: 240a:aa7f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:0f:2e:a7:cb:59:28:b8:7b:55:67:b5:44:57:6b:c0:94:b4:17:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:06 2026 GMT Not After : Mar 3 06:22:06 2027 GMT Subject: CN=5C85AED1DE1599B7F4A978764D9B417A7796ED51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:23:90:78:75:eb:39:ad:7a:be:11:d3:9a:98: 77:6a:17:68:e5:ec:5b:8e:07:b1:c4:5f:68:9d:32: 03:a9:21:7b:29:13:24:3e:88:a8:35:e0:07:51:c8: 66:6c:71:64:f3:3f:5e:f7:f6:9b:3b:c0:56:5b:26: 74:ea:a9:3c:23:37:55:88:f8:db:3e:81:32:60:bb: 84:9a:10:b1:69:67:be:6b:af:ec:76:d6:6c:c9:5c: 84:d2:d2:ee:ee:e1:32:7a:ee:f7:7d:2e:16:7f:29: ba:35:77:55:fd:fb:ea:b3:1b:a1:5f:41:c8:02:28: 8d:ed:46:b0:e3:f2:cc:8a:92:14:00:73:ee:4f:9d: 67:df:8f:82:31:11:f5:70:54:dd:92:8c:00:f1:7d: ea:f3:28:b8:27:d3:7e:8d:41:27:e1:36:c4:ae:66: 3e:91:35:6c:bc:b1:33:87:0a:e2:20:9f:ba:27:fb: b7:f6:08:dd:50:db:a5:d6:20:c1:3f:a8:90:75:b4: 21:63:f2:9e:b0:f7:e5:ae:87:cd:c3:d0:92:58:e3: 5c:2c:66:5b:f7:bb:d2:57:8a:be:6b:d1:16:68:20: ec:77:a2:e9:b9:7e:12:ed:c2:51:21:07:20:4d:f2: 9f:1e:31:ce:7a:1c:3b:eb:d8:fc:45:8e:36:8a:3f: e9:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:85:AE:D1:DE:15:99:B7:F4:A9:78:76:4D:9B:41:7A:77:96:ED:51 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa7f::/32 Signature Algorithm: sha256WithRSAEncryption 51:2c:c1:d4:ae:61:97:bf:e4:bb:b1:1d:d5:1d:06:b1:ee:cb: 69:26:e4:42:8e:a8:c6:6d:c9:8a:a8:d9:41:ad:0d:71:48:e6: 95:af:68:51:04:7d:3d:b2:fb:ee:59:15:e2:b8:69:1c:d7:48: 05:82:eb:6a:86:cc:1e:16:e3:fe:ac:d6:c8:cc:87:51:bf:f8: 47:bb:26:3d:f6:fb:40:70:17:eb:8d:63:d8:c7:22:cd:f7:20: 7c:e3:11:75:13:0b:1a:b6:65:07:8a:85:f8:a6:fe:35:dc:5c: a1:b6:a1:cd:b7:74:5c:a1:f3:85:2b:90:67:8b:ef:cb:6c:8c: 69:fc:41:87:2c:ed:df:96:ec:ad:0f:59:24:77:b2:61:44:81: a0:5b:af:f4:42:a5:96:3e:44:e4:d7:7f:20:fc:ed:6c:58:40: 59:c3:09:c6:99:48:e1:7f:ef:7f:ae:19:ca:50:a6:6d:f8:ec: a1:2b:80:ab:a3:51:50:75:df:03:b6:64:7b:ed:d3:12:60:40: cc:fe:e5:fe:4b:17:7d:3b:d4:d8:4b:49:ad:5a:5f:71:3c:82: 46:19:08:8b:d7:fb:e8:65:dd:98:c0:22:75:ae:77:0d:7a:cd: c1:3b:2a:c3:64:4a:60:d3:4b:60:86:12:79:07:ef:bf:87:5a: a6:18:3f:95 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFw8up8tZKLh7VWe1RFdrwJS0FwgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcwNloX DTI3MDMwMzA2MjIwNlowMzExMC8GA1UEAxMoNUM4NUFFRDFERTE1OTlCN0Y0QTk3 ODc2NEQ5QjQxN0E3Nzk2RUQ1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkjkHh16zmter4R05qYd2oXaOXsW44HscRfaJ0yA6kheykTJD6IqDXgB1HI ZmxxZPM/Xvf2mzvAVlsmdOqpPCM3VYj42z6BMmC7hJoQsWlnvmuv7HbWbMlchNLS 7u7hMnru930uFn8pujV3Vf376rMboV9ByAIoje1GsOPyzIqSFABz7k+dZ9+PgjER 9XBU3ZKMAPF96vMouCfTfo1BJ+E2xK5mPpE1bLyxM4cK4iCfuif7t/YI3VDbpdYg wT+okHW0IWPynrD35a6HzcPQkljjXCxmW/e70leKvmvRFmgg7Hei6bl+Eu3CUSEH IE3ynx4xznocO+vY/EWONoo/6VsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRcha7R 3hWZt/SpeHZNm0F6d5btUTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qn8wDQYJKoZIhvcNAQELBQADggEBAFEswdSuYZe/5LuxHdUdBrHuy2km5EKOqMZt yYqo2UGtDXFI5pWvaFEEfT2y++5ZFeK4aRzXSAWC62qGzB4W4/6s1sjMh1G/+Ee7 Jj32+0BwF+uNY9jHIs33IHzjEXUTCxq2ZQeKhfim/jXcXKG2oc23dFyh84UrkGeL 78tsjGn8QYcs7d+W7K0PWSR3smFEgaBbr/RCpZY+ROTXfyD87WxYQFnDCcaZSOF/ 73+uGcpQpm347KErgKujUVB13wO2ZHvt0xJgQMz+5f5LF3071NhLSa1aX3E8gkYZ CIvX++hl3ZjAInWudw16zcE7KsNkSmDTS2CGEnkH77+HWqYYP5U= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:43 2026 by rpki-client