$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145348.roa File: AS145348.roa (raw, json) Hash identifier: lZCtRwshWljFgmvsJfmtmVQvynhjCl6nyYqzEe8qpGY= Subject key identifier: 47:43:09:E1:F5:D8:2C:3C:A2:27:D7:2A:35:63:89:FD:5C:17:EF:08 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3BB2AFD344ABBBD84B708E7DABD5FA0C48ECC7FA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145348.roa Signing time: Wed 04 Mar 2026 06:20:22 +0000 ROA not before: Wed 04 Mar 2026 06:15:22 +0000 ROA not after: Wed 03 Mar 2027 06:20:22 +0000 asID: 145348 IP address blocks: 240a:aa8a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:b2:af:d3:44:ab:bb:d8:4b:70:8e:7d:ab:d5:fa:0c:48:ec:c7:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:22 2026 GMT Not After : Mar 3 06:20:22 2027 GMT Subject: CN=474309E1F5D82C3CA227D72A356389FD5C17EF08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:df:a4:de:5d:9f:94:a8:71:fd:9b:28:90:d6: fe:63:8a:cf:46:5f:0e:ad:8c:77:39:19:54:64:41: 58:96:62:4b:a3:fc:06:a2:fd:53:3c:5c:e4:7a:7b: e4:bf:6e:54:d2:a1:9d:e7:e4:dc:5c:08:ae:80:b0: e8:93:c5:50:b4:c0:ab:10:76:d6:0c:29:19:a1:28: d8:84:64:b5:77:3f:66:4b:b9:f6:51:53:4f:c6:77: b9:5d:b4:8c:7d:40:ef:15:f2:a8:35:29:46:23:8e: 55:bf:4e:25:f2:43:1c:a1:60:fa:85:30:4b:19:67: 38:5b:40:c2:f9:ca:a7:da:9f:f0:4a:fb:cf:37:e6: c8:da:c7:95:fd:97:f3:bb:9e:f2:d3:16:7e:58:70: 08:f3:e7:a1:9b:9b:7e:7e:76:34:da:4b:3c:fd:50: fc:cf:3c:aa:32:71:49:f1:9b:6c:58:ab:8c:7b:df: 07:5c:df:01:da:c3:cd:da:97:33:d2:95:94:c8:43: 89:1f:e3:49:11:9a:a8:4e:99:da:17:21:31:8c:f8: e5:13:94:82:b7:db:c8:bb:d8:92:c5:18:da:63:03: 10:e6:6a:0c:30:11:b3:c7:fe:d8:06:b7:6e:e5:12: 81:69:a9:6d:3b:4c:bd:22:de:85:c3:00:87:0a:e9: 90:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:43:09:E1:F5:D8:2C:3C:A2:27:D7:2A:35:63:89:FD:5C:17:EF:08 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145348.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa8a::/32 Signature Algorithm: sha256WithRSAEncryption bb:06:f9:b4:77:9e:0d:00:13:96:f7:ba:23:dc:57:5d:34:76: f1:18:ed:ec:45:fc:65:08:c5:b9:a0:d0:dd:38:c5:bf:dd:ec: 40:2b:f2:92:62:d5:05:68:48:29:13:b5:42:4e:23:ea:0c:5f: 13:21:cb:a5:27:e2:3b:1b:39:57:53:a9:14:c9:63:3e:27:e5: 3c:87:45:e0:4b:ed:19:14:9f:c3:12:31:71:20:de:cc:81:d0: 40:e7:11:d1:d9:ac:a6:de:22:7a:a8:b7:4e:f3:55:d3:db:30: 2a:25:5c:88:08:99:22:d7:50:a3:5b:0e:ac:fa:9f:4c:df:5b: db:aa:b7:70:23:fe:28:6c:d2:c4:8f:be:40:4a:5e:f0:9e:d0: 0b:e1:7e:c6:f9:32:96:f2:f1:e6:6e:ee:d7:43:da:b6:db:8a: 8f:a5:6d:e1:59:32:66:ff:cd:a6:97:7d:d0:ef:de:a5:59:d1: 1e:69:0d:8a:7b:dd:37:a1:c7:06:5f:e6:85:ce:fe:34:15:41: 32:30:aa:2e:5b:fc:ee:db:af:d8:73:c3:7f:92:eb:c6:04:ad: a3:ab:1c:c0:9d:82:10:34:c4:86:85:fa:90:55:cb:03:77:a1: e3:02:3f:20:da:a7:06:c5:36:70:d4:2c:ff:3a:e5:8b:ce:46: db:51:bd:6e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUO7Kv00Sru9hLcI59q9X6DEjsx/owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyMloX DTI3MDMwMzA2MjAyMlowMzExMC8GA1UEAxMoNDc0MzA5RTFGNUQ4MkMzQ0EyMjdE NzJBMzU2Mzg5RkQ1QzE3RUYwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHfpN5dn5Socf2bKJDW/mOKz0ZfDq2MdzkZVGRBWJZiS6P8BqL9Uzxc5Hp7 5L9uVNKhnefk3FwIroCw6JPFULTAqxB21gwpGaEo2IRktXc/Zku59lFTT8Z3uV20 jH1A7xXyqDUpRiOOVb9OJfJDHKFg+oUwSxlnOFtAwvnKp9qf8Er7zzfmyNrHlf2X 87ue8tMWflhwCPPnoZubfn52NNpLPP1Q/M88qjJxSfGbbFirjHvfB1zfAdrDzdqX M9KVlMhDiR/jSRGaqE6Z2hchMYz45ROUgrfbyLvYksUY2mMDEOZqDDARs8f+2Aa3 buUSgWmpbTtMvSLehcMAhwrpkLkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRHQwnh 9dgsPKIn1yo1Y4n9XBfvCDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM0OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qoowDQYJKoZIhvcNAQELBQADggEBALsG+bR3ng0AE5b3uiPcV100dvEY7exF/GUI xbmg0N04xb/d7EAr8pJi1QVoSCkTtUJOI+oMXxMhy6Un4jsbOVdTqRTJYz4n5TyH ReBL7RkUn8MSMXEg3syB0EDnEdHZrKbeInqot07zVdPbMColXIgImSLXUKNbDqz6 n0zfW9uqt3Aj/ihs0sSPvkBKXvCe0Avhfsb5Mpby8eZu7tdD2rbbio+lbeFZMmb/ zaaXfdDv3qVZ0R5pDYp73TehxwZf5oXO/jQVQTIwqi5b/O7br9hzw3+S68YEraOr HMCdghA0xIaF+pBVywN3oeMCPyDapwbFNnDULP865YvORttRvW4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:42 2026 by rpki-client