$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145371.roa File: AS145371.roa (raw, json) Hash identifier: bwnL4c32lOWON1mEiKplZG2ZsHX4cEDOJ9NjWLO9BaU= Subject key identifier: 5E:F7:D9:6D:37:22:C2:FA:89:BE:C8:AC:B7:C6:B9:46:97:B0:82:FD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 17246C4605A51CFF4618C1E3D9F41D3A7D7A2A8F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145371.roa Signing time: Wed 04 Mar 2026 06:22:20 +0000 ROA not before: Wed 04 Mar 2026 06:17:20 +0000 ROA not after: Wed 03 Mar 2027 06:22:20 +0000 asID: 145371 IP address blocks: 240a:aaa1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:24:6c:46:05:a5:1c:ff:46:18:c1:e3:d9:f4:1d:3a:7d:7a:2a:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:20 2026 GMT Not After : Mar 3 06:22:20 2027 GMT Subject: CN=5EF7D96D3722C2FA89BEC8ACB7C6B94697B082FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ce:97:a0:a8:ac:1f:6b:4d:bd:00:77:81:04: 6a:1c:99:b7:30:fc:0c:02:a7:06:d4:19:a5:49:c7: b3:ce:c7:8d:b6:dc:1c:b5:82:3a:dc:d3:7b:7f:94: d0:0c:21:04:2b:01:cb:f0:de:d5:76:48:e7:18:9b: 04:44:f1:f9:0d:ee:40:38:5a:a5:e4:9a:b4:e7:bb: 31:4a:41:a4:e4:55:13:11:84:e8:00:1d:b2:91:37: b8:2a:a0:ce:3f:08:1b:54:fc:ff:f9:21:93:c0:b7: a9:44:f2:9b:d5:a2:9c:84:c8:5b:53:02:0e:f4:11: aa:f0:ef:46:80:1a:45:d8:f7:1d:b6:ed:83:05:b3: ee:8f:97:b5:63:10:5b:2a:f8:a2:27:28:99:78:cd: 88:74:04:ca:bc:76:1b:82:d1:94:36:9f:45:ac:91: 4d:cc:ff:bd:7b:8b:69:95:72:4f:9a:bd:89:ba:a2: 65:61:d1:9e:07:50:7e:f8:97:c4:97:59:52:dc:07: 14:ca:ca:8d:b6:65:fe:89:12:8d:85:f7:32:cc:51: 31:00:95:b7:67:c7:f4:7c:1a:c3:c3:45:b8:fc:30: 0c:a4:6d:1e:24:1c:64:68:ce:85:2b:ea:22:18:c2: 96:38:37:0c:d9:dc:2f:06:73:00:19:e3:8e:ce:22: f0:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:F7:D9:6D:37:22:C2:FA:89:BE:C8:AC:B7:C6:B9:46:97:B0:82:FD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145371.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aaa1::/32 Signature Algorithm: sha256WithRSAEncryption b5:ac:37:13:5f:f9:2d:f1:a1:ff:e7:96:88:fe:c4:94:28:8c: cb:ad:f8:0d:d5:34:ab:5c:3f:a2:88:37:b1:da:d5:16:77:3a: 2e:37:8d:9c:96:c6:19:1e:48:31:ad:3e:df:5c:27:58:b1:a0: 34:22:be:f4:98:aa:a2:be:76:05:e9:b8:ec:5d:57:3a:61:d7: a5:6c:1b:5c:68:82:82:d0:a7:84:06:58:aa:df:84:93:13:bd: 66:b7:da:f8:9d:04:06:00:f3:7e:d3:3d:4e:f9:84:0d:df:e0: 01:5e:9d:74:30:be:37:30:35:6c:7a:bc:2c:fc:80:99:54:b4: 95:ba:d7:29:8e:d3:b5:5b:65:dd:03:42:e4:3e:9c:2b:16:d9: f7:71:3b:24:77:29:3a:99:5e:37:9f:ff:b1:56:3f:50:88:66: 17:58:16:d1:01:07:0d:4f:5e:f5:3c:11:a0:c1:60:58:ee:e7: e8:3a:9f:80:55:5e:13:58:55:8f:79:7b:ce:cd:11:36:07:33: 24:84:0d:57:0b:9e:b6:b2:10:2e:35:a3:6c:0f:9a:0f:9a:73: 6b:c4:de:3c:cb:3b:0e:b8:aa:15:27:79:ae:f2:8c:70:83:57: 78:44:5c:1c:7a:51:c4:6d:57:1c:51:f0:8e:66:64:74:15:25: ad:c2:f4:09 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFyRsRgWlHP9GGMHj2fQdOn16Ko8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyMFoX DTI3MDMwMzA2MjIyMFowMzExMC8GA1UEAxMoNUVGN0Q5NkQzNzIyQzJGQTg5QkVD OEFDQjdDNkI5NDY5N0IwODJGRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOfOl6CorB9rTb0Ad4EEahyZtzD8DAKnBtQZpUnHs87HjbbcHLWCOtzTe3+U 0AwhBCsBy/De1XZI5xibBETx+Q3uQDhapeSatOe7MUpBpORVExGE6AAdspE3uCqg zj8IG1T8//khk8C3qUTym9WinITIW1MCDvQRqvDvRoAaRdj3HbbtgwWz7o+XtWMQ Wyr4oicomXjNiHQEyrx2G4LRlDafRayRTcz/vXuLaZVyT5q9ibqiZWHRngdQfviX xJdZUtwHFMrKjbZl/okSjYX3MsxRMQCVt2fH9Hwaw8NFuPwwDKRtHiQcZGjOhSvq IhjCljg3DNncLwZzABnjjs4i8OsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRe99lt NyLC+om+yKy3xrlGl7CC/TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qqEwDQYJKoZIhvcNAQELBQADggEBALWsNxNf+S3xof/nloj+xJQojMut+A3VNKtc P6KIN7Ha1RZ3Oi43jZyWxhkeSDGtPt9cJ1ixoDQivvSYqqK+dgXpuOxdVzph16Vs G1xogoLQp4QGWKrfhJMTvWa32vidBAYA837TPU75hA3f4AFenXQwvjcwNWx6vCz8 gJlUtJW61ymO07VbZd0DQuQ+nCsW2fdxOyR3KTqZXjef/7FWP1CIZhdYFtEBBw1P XvU8EaDBYFju5+g6n4BVXhNYVY95e87NETYHMySEDVcLnrayEC41o2wPmg+ac2vE 3jzLOw64qhUnea7yjHCDV3hEXBx6UcRtVxxR8I5mZHQVJa3C9Ak= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:07 2026 by rpki-client