$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145352.roa File: AS145352.roa (raw, json) Hash identifier: d9G2nDdmzlrCuWyyok/vwksmOmABWmM6pRfCbFIw2po= Subject key identifier: EE:8E:4C:E7:50:54:6F:9D:B5:DD:80:2B:41:80:D8:9B:D4:C7:0F:B5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 13673C972C0C979C7F6DDC1B6D93CC0CAB78C1CF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145352.roa Signing time: Wed 04 Mar 2026 06:21:08 +0000 ROA not before: Wed 04 Mar 2026 06:16:08 +0000 ROA not after: Wed 03 Mar 2027 06:21:08 +0000 asID: 145352 IP address blocks: 240a:aa8e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:67:3c:97:2c:0c:97:9c:7f:6d:dc:1b:6d:93:cc:0c:ab:78:c1:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:08 2026 GMT Not After : Mar 3 06:21:08 2027 GMT Subject: CN=EE8E4CE750546F9DB5DD802B4180D89BD4C70FB5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:f7:2a:57:5f:7c:c9:9a:27:5b:bf:1b:13:d6: be:05:fa:ae:da:dd:e8:cf:f2:51:0b:4b:a4:66:a7: 4b:60:5c:0d:16:bc:2e:93:28:97:cd:66:b8:16:71: 8f:2f:3e:9f:c1:cf:f6:0e:5c:68:6b:4a:88:87:59: e6:56:fc:9f:61:79:72:ce:20:1f:50:2d:3b:00:34: 39:64:62:4f:53:53:e7:82:8f:1b:19:4c:bf:2f:5f: 1a:7b:25:61:56:fd:3b:a6:40:52:d3:b1:7a:95:32: e9:f6:e2:8c:6c:b5:32:9e:1b:38:14:aa:35:41:0e: dd:86:3c:f3:df:01:27:b6:7c:5e:a4:bc:8c:36:c0: bb:70:eb:a2:3c:f6:15:da:5e:34:88:3b:c7:9d:3d: ed:a6:8e:34:3c:5f:3c:b1:4f:1f:d4:50:13:c8:31: 1a:11:98:3a:25:b6:c1:04:eb:a3:fe:41:68:5f:34: 43:64:0f:26:36:eb:dc:b4:74:7e:a9:a5:e6:ea:4b: bd:7b:04:ae:47:ad:a9:1e:e0:27:6a:35:b9:05:23: dd:72:8b:9a:1f:b6:bc:a0:fe:18:ab:ef:38:d8:9c: 3d:f6:4a:6d:f4:db:5b:8a:45:16:de:80:1d:7d:b6: b9:bd:53:c5:29:3b:65:d4:60:01:33:81:73:fe:41: b0:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:8E:4C:E7:50:54:6F:9D:B5:DD:80:2B:41:80:D8:9B:D4:C7:0F:B5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145352.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa8e::/32 Signature Algorithm: sha256WithRSAEncryption da:59:8f:80:35:fa:23:74:83:2d:23:af:73:d6:d5:57:63:13: b2:35:da:52:f7:36:cd:81:39:38:9e:0f:cd:13:66:9b:ef:c2: 1c:29:dc:98:81:fc:cd:e4:df:1f:38:81:14:51:f6:29:10:00: 35:36:56:05:63:71:d2:a2:68:f1:c8:06:a1:8c:40:13:83:14: 53:5e:6e:c4:e5:2f:24:7f:70:4e:c7:86:3b:94:70:35:06:5e: 0b:19:2f:eb:75:04:0e:e4:be:d3:a3:0f:64:7f:ca:a5:2a:08: b1:86:b9:98:d7:3a:4a:b2:47:ac:07:83:a0:da:56:99:57:7e: bb:2d:a3:93:b9:6c:e7:29:9b:f6:df:93:3f:8d:30:27:b9:44: 1d:6b:8c:93:05:c2:8c:8e:d9:60:ae:e5:20:3f:ba:8a:fe:87: 39:f6:c4:32:79:40:e8:f5:de:bb:f4:38:ce:b1:72:09:79:ce: 51:9b:47:41:77:03:e9:00:2e:7a:68:fa:d1:6a:c5:20:39:b8: 88:94:46:cd:e1:ea:35:0a:57:5c:b9:f6:3f:2d:60:80:ed:58: 11:e4:d5:f6:fd:48:f9:c7:5b:36:86:51:26:bd:be:db:01:e4: b0:fc:da:f6:b5:39:80:f7:7e:50:ea:76:66:7b:1a:93:ff:4a: bb:17:c9:da -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUE2c8lywMl5x/bdwbbZPMDKt4wc8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYwOFoX DTI3MDMwMzA2MjEwOFowMzExMC8GA1UEAxMoRUU4RTRDRTc1MDU0NkY5REI1REQ4 MDJCNDE4MEQ4OUJENEM3MEZCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOf3KldffMmaJ1u/GxPWvgX6rtrd6M/yUQtLpGanS2BcDRa8LpMol81muBZx jy8+n8HP9g5caGtKiIdZ5lb8n2F5cs4gH1AtOwA0OWRiT1NT54KPGxlMvy9fGnsl YVb9O6ZAUtOxepUy6fbijGy1Mp4bOBSqNUEO3YY8898BJ7Z8XqS8jDbAu3Drojz2 FdpeNIg7x5097aaONDxfPLFPH9RQE8gxGhGYOiW2wQTro/5BaF80Q2QPJjbr3LR0 fqml5upLvXsErketqR7gJ2o1uQUj3XKLmh+2vKD+GKvvONicPfZKbfTbW4pFFt6A HX22ub1TxSk7ZdRgATOBc/5BsDECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTujkzn UFRvnbXdgCtBgNib1McPtTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qo4wDQYJKoZIhvcNAQELBQADggEBANpZj4A1+iN0gy0jr3PW1VdjE7I12lL3Ns2B OTieD80TZpvvwhwp3JiB/M3k3x84gRRR9ikQADU2VgVjcdKiaPHIBqGMQBODFFNe bsTlLyR/cE7HhjuUcDUGXgsZL+t1BA7kvtOjD2R/yqUqCLGGuZjXOkqyR6wHg6Da VplXfrsto5O5bOcpm/bfkz+NMCe5RB1rjJMFwoyO2WCu5SA/uor+hzn2xDJ5QOj1 3rv0OM6xcgl5zlGbR0F3A+kALnpo+tFqxSA5uIiURs3h6jUKV1y59j8tYIDtWBHk 1fb9SPnHWzaGUSa9vtsB5LD82va1OYD3flDqdmZ7GpP/SrsXydo= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:35 2026 by rpki-client