$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145343.roa File: AS145343.roa (raw, json) Hash identifier: 92GBhBPPvfHMAQO9i/ksXPCO9cSzCe8d5k82obGHS0U= Subject key identifier: 3C:55:30:91:85:F5:54:63:DF:96:AE:7D:C8:ED:95:8D:FD:19:88:9B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 200821488B0397264CF3D69C8A5B33A95834575C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145343.roa Signing time: Wed 04 Mar 2026 06:21:13 +0000 ROA not before: Wed 04 Mar 2026 06:16:13 +0000 ROA not after: Wed 03 Mar 2027 06:21:13 +0000 asID: 145343 IP address blocks: 240a:aa85::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:08:21:48:8b:03:97:26:4c:f3:d6:9c:8a:5b:33:a9:58:34:57:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:13 2026 GMT Not After : Mar 3 06:21:13 2027 GMT Subject: CN=3C55309185F55463DF96AE7DC8ED958DFD19889B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:17:bb:ce:be:8a:94:72:12:f7:3a:57:c8:29: 0e:bc:e6:ac:c4:f1:e0:5b:56:f6:37:7e:11:55:d4: da:88:4d:cf:fb:58:46:5b:d5:da:84:2e:ae:d3:42: 71:9a:3e:0a:37:02:e8:e8:d6:d8:f9:e7:2e:a4:dc: 6a:50:84:97:88:5f:e7:e0:08:6a:95:a4:ef:75:c1: ee:de:50:d2:6d:e8:21:ef:15:e6:b2:8a:5c:1c:04: 02:6f:3d:b0:90:e7:0c:8f:e8:cf:e0:d4:09:6c:da: 70:08:07:31:b2:cb:82:88:24:49:58:91:01:91:84: 21:a8:f6:cb:9b:c4:c2:cc:58:e1:3d:8f:b6:b6:c8: 82:c9:b5:6c:49:13:26:a2:1b:15:b6:24:e0:ad:b8: 98:3a:ef:50:ff:ea:39:cc:03:42:5d:f0:1f:59:9f: 8d:c1:60:96:7d:35:92:74:24:50:a0:77:f6:c8:d4: 38:8b:6d:d3:ce:b7:68:f2:02:5d:58:04:fa:1f:46: 81:eb:42:ed:3d:13:37:ce:f8:89:3a:bc:be:8c:f4: f8:18:22:e8:6f:bf:a2:8c:04:29:56:bf:83:f0:47: dc:f3:58:a5:dd:28:01:fc:64:3d:fd:cd:63:5e:a2: a8:ab:a0:d8:c9:ea:00:70:a9:ad:ae:d2:18:15:45: fc:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:55:30:91:85:F5:54:63:DF:96:AE:7D:C8:ED:95:8D:FD:19:88:9B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145343.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa85::/32 Signature Algorithm: sha256WithRSAEncryption 0f:37:5e:6a:e9:ba:dd:b6:63:0b:7f:89:33:42:ed:1e:4a:39: 07:51:8f:59:31:f1:91:38:b5:39:03:a6:89:07:50:38:9c:71: 6e:13:17:f6:6e:08:36:6a:1d:83:16:1e:f2:5d:ce:d5:da:ad: 58:5a:8e:6e:2b:01:cd:10:47:ca:0b:72:df:7b:ac:a3:28:94: ae:82:ac:a1:98:32:d5:c1:6f:48:2e:8a:31:69:93:63:7e:fd: 94:49:59:16:41:8f:87:94:fc:51:a8:0e:74:eb:85:07:f7:c1: 88:84:6c:a6:8e:8d:48:4d:76:82:d7:59:38:f0:6c:3f:d7:13: d8:d9:b4:2c:1b:1a:7a:4f:23:9f:dd:b8:6b:7f:9e:e7:26:ee: 47:d8:72:ea:89:71:c8:98:9e:8a:e0:f5:71:f4:93:8f:c2:ae: f8:27:6f:d2:0f:5e:0c:77:f9:41:b1:36:d7:e1:a4:24:55:42: ed:f2:1d:52:c3:04:13:f2:e5:25:8c:0c:6f:f9:bf:5d:29:05: 21:8f:e3:ee:ea:c3:d9:14:63:b3:dd:a4:06:f1:cf:5d:f8:d9: ea:aa:85:b8:bf:88:73:13:b3:af:e7:13:a3:34:df:38:fa:15: de:fe:a8:3c:8f:83:e7:98:ef:e8:a9:87:f1:14:f7:34:5e:08: ea:5e:8e:79 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIAghSIsDlyZM89acilszqVg0V1wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxM1oX DTI3MDMwMzA2MjExM1owMzExMC8GA1UEAxMoM0M1NTMwOTE4NUY1NTQ2M0RGOTZB RTdEQzhFRDk1OERGRDE5ODg5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALEXu86+ipRyEvc6V8gpDrzmrMTx4FtW9jd+EVXU2ohNz/tYRlvV2oQurtNC cZo+CjcC6OjW2PnnLqTcalCEl4hf5+AIapWk73XB7t5Q0m3oIe8V5rKKXBwEAm89 sJDnDI/oz+DUCWzacAgHMbLLgogkSViRAZGEIaj2y5vEwsxY4T2PtrbIgsm1bEkT JqIbFbYk4K24mDrvUP/qOcwDQl3wH1mfjcFgln01knQkUKB39sjUOItt0863aPIC XVgE+h9GgetC7T0TN874iTq8voz0+Bgi6G+/oowEKVa/g/BH3PNYpd0oAfxkPf3N Y16iqKug2MnqAHCpra7SGBVF/LcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ8VTCR hfVUY9+Wrn3I7ZWN/RmImzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qoUwDQYJKoZIhvcNAQELBQADggEBAA83Xmrput22Ywt/iTNC7R5KOQdRj1kx8ZE4 tTkDpokHUDiccW4TF/ZuCDZqHYMWHvJdztXarVhajm4rAc0QR8oLct97rKMolK6C rKGYMtXBb0guijFpk2N+/ZRJWRZBj4eU/FGoDnTrhQf3wYiEbKaOjUhNdoLXWTjw bD/XE9jZtCwbGnpPI5/duGt/nucm7kfYcuqJcciYnorg9XH0k4/Crvgnb9IPXgx3 +UGxNtfhpCRVQu3yHVLDBBPy5SWMDG/5v10pBSGP4+7qw9kUY7PdpAbxz1342eqq hbi/iHMTs6/nE6M03zj6Fd7+qDyPg+eY7+iph/EU9zReCOpejnk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:25 2026 by rpki-client