$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145383.roa File: AS145383.roa (raw, json) Hash identifier: weOung63TgISKPw2DULneuvbVKeItPA9JdfUwxEtoc0= Subject key identifier: 6D:2E:C3:DA:04:BE:28:46:F2:DE:A8:5F:0E:CC:08:31:46:99:23:AA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 53D99457D87484DB434F8560043A48C4BF279848 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145383.roa Signing time: Wed 04 Mar 2026 06:20:41 +0000 ROA not before: Wed 04 Mar 2026 06:15:41 +0000 ROA not after: Wed 03 Mar 2027 06:20:41 +0000 asID: 145383 IP address blocks: 240a:aaad::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:d9:94:57:d8:74:84:db:43:4f:85:60:04:3a:48:c4:bf:27:98:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:41 2026 GMT Not After : Mar 3 06:20:41 2027 GMT Subject: CN=6D2EC3DA04BE2846F2DEA85F0ECC0831469923AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:ab:18:68:71:96:42:12:db:a3:7b:21:56:74: da:16:96:86:37:ce:50:db:b7:1c:16:70:c6:85:10: f8:65:ee:d9:5f:0c:c6:67:0e:50:17:96:99:7e:2f: c6:38:f5:58:53:d5:14:e8:be:f9:72:d1:31:22:71: eb:83:5c:ea:dd:3d:bc:5c:db:48:6a:02:01:08:70: 77:d6:6e:86:64:8d:aa:5e:d4:c5:4f:2e:e1:34:d0: 52:91:c3:2e:40:fb:09:e7:91:d2:46:e1:4e:ba:e1: e8:ab:dc:27:84:3d:6f:6d:9b:d9:f5:97:ce:20:68: 99:dd:3a:45:86:3f:37:0a:ad:e9:8e:00:43:8b:c6: 6a:02:43:22:ca:96:fe:84:f0:65:65:4c:74:04:32: 9d:50:69:92:bb:dd:2a:c0:52:b1:fc:aa:e4:f4:cb: 20:13:ba:07:0d:73:1f:5a:f2:c6:c5:44:12:24:49: 98:7c:2b:b5:8f:a9:ac:f0:40:f1:b8:c6:88:76:24: 5f:48:0a:22:cd:d2:91:a0:b2:47:bb:83:40:c2:01: dd:f7:2d:86:c5:b4:1f:90:b1:8e:32:5d:5f:9c:3c: 7b:e3:ed:e4:04:e1:ba:a9:e6:de:8e:fa:9e:a4:b1: 4d:67:07:f9:d2:be:8b:10:83:f3:92:0b:0a:dd:1a: 4d:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:2E:C3:DA:04:BE:28:46:F2:DE:A8:5F:0E:CC:08:31:46:99:23:AA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145383.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aaad::/32 Signature Algorithm: sha256WithRSAEncryption b5:56:14:da:e7:93:8b:1b:26:4f:af:15:d3:d5:5d:67:02:c8: 66:2a:53:ea:91:8e:ae:5e:ae:0c:ac:d1:d3:fa:bd:e7:02:96: 05:54:f2:63:57:b9:4d:02:1d:0c:7e:e8:65:71:a2:49:f4:7d: 93:6d:fd:95:fe:a7:1a:d0:b7:ae:99:1e:70:78:de:fd:95:63: 34:29:9e:d2:85:81:8d:3d:ef:a1:fa:32:4f:be:43:82:ff:1b: e4:f5:21:be:b8:10:fc:87:61:d3:2f:30:dc:54:9a:5d:83:ac: af:31:61:70:4c:fc:73:bc:f1:ea:38:0c:d3:a1:9f:02:b9:5c: d6:99:5f:ef:34:d3:e3:5c:3f:bf:bf:7d:a8:93:e6:24:2c:cc: 39:8a:5e:7c:90:5a:66:15:58:06:63:0d:22:d1:5b:3b:26:22: 16:61:10:1d:f0:44:3f:ac:02:18:83:0e:95:b5:72:c8:1d:fe: 15:65:88:8f:7f:3c:89:10:e5:f9:fd:5c:1a:03:6b:e8:ba:55: 21:ba:bb:29:40:e1:df:90:5f:61:1e:fe:a1:5c:85:df:75:26: 15:89:45:ec:c3:04:af:9a:64:6b:d7:24:a1:4f:e1:49:64:c6: 1e:cc:f7:c4:98:fa:17:31:b1:44:e9:11:87:f9:ee:7a:46:f5: 59:e9:2f:7c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUU9mUV9h0hNtDT4VgBDpIxL8nmEgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0MVoX DTI3MDMwMzA2MjA0MVowMzExMC8GA1UEAxMoNkQyRUMzREEwNEJFMjg0NkYyREVB ODVGMEVDQzA4MzE0Njk5MjNBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJurGGhxlkIS26N7IVZ02haWhjfOUNu3HBZwxoUQ+GXu2V8MxmcOUBeWmX4v xjj1WFPVFOi++XLRMSJx64Nc6t09vFzbSGoCAQhwd9ZuhmSNql7UxU8u4TTQUpHD LkD7CeeR0kbhTrrh6KvcJ4Q9b22b2fWXziBomd06RYY/Nwqt6Y4AQ4vGagJDIsqW /oTwZWVMdAQynVBpkrvdKsBSsfyq5PTLIBO6Bw1zH1ryxsVEEiRJmHwrtY+prPBA 8bjGiHYkX0gKIs3SkaCyR7uDQMIB3fcthsW0H5CxjjJdX5w8e+Pt5AThuqnm3o76 nqSxTWcH+dK+ixCD85ILCt0aTTUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRtLsPa BL4oRvLeqF8OzAgxRpkjqjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM4My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qq0wDQYJKoZIhvcNAQELBQADggEBALVWFNrnk4sbJk+vFdPVXWcCyGYqU+qRjq5e rgys0dP6vecClgVU8mNXuU0CHQx+6GVxokn0fZNt/ZX+pxrQt66ZHnB43v2VYzQp ntKFgY0976H6Mk++Q4L/G+T1Ib64EPyHYdMvMNxUml2DrK8xYXBM/HO88eo4DNOh nwK5XNaZX+800+NcP7+/faiT5iQszDmKXnyQWmYVWAZjDSLRWzsmIhZhEB3wRD+s AhiDDpW1csgd/hVliI9/PIkQ5fn9XBoDa+i6VSG6uylA4d+QX2Ee/qFchd91JhWJ RezDBK+aZGvXJKFP4Ulkxh7M98SY+hcxsUTpEYf57npG9VnpL3w= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:56 2026 by rpki-client