$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145447.roa File: AS145447.roa (raw, json) Hash identifier: J05iQgY2KgpuwCv6eOe2h3Gcnf+qsL8ha891awN4VxQ= Subject key identifier: F7:9F:DB:E0:3F:E9:D7:92:22:23:B4:4E:16:E4:E2:7B:97:A2:EF:0D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 34BE899F4F88830586F0ADA5B795F48054A26E7A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145447.roa Signing time: Wed 04 Mar 2026 06:21:33 +0000 ROA not before: Wed 04 Mar 2026 06:16:33 +0000 ROA not after: Wed 03 Mar 2027 06:21:33 +0000 asID: 145447 IP address blocks: 240a:aaed::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:be:89:9f:4f:88:83:05:86:f0:ad:a5:b7:95:f4:80:54:a2:6e:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:33 2026 GMT Not After : Mar 3 06:21:33 2027 GMT Subject: CN=F79FDBE03FE9D7922223B44E16E4E27B97A2EF0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:c6:8b:76:d9:7c:c6:e4:15:95:94:d5:bb:80: ac:aa:76:f5:7b:70:45:cd:fb:28:af:b3:e5:02:8e: 31:72:b7:ec:5e:54:bc:bb:86:56:a8:21:7a:b1:0a: 6a:53:4f:e2:57:78:89:b8:c9:86:4d:7d:3c:4e:d4: 90:86:8c:7f:61:ee:ff:56:17:fc:e4:8d:ac:ec:6c: 54:af:f1:0c:7f:f5:42:25:62:bd:13:ec:bf:38:a8: c0:cd:bf:29:39:50:3f:d6:00:c2:4b:fc:6e:38:17: 45:09:2f:34:ce:07:57:2c:a7:e1:b9:57:a4:64:61: bb:3b:b7:13:04:cf:d1:a7:36:ea:38:5c:a2:33:34: 43:2d:a8:2a:ce:a1:d2:d3:f9:8f:f0:92:59:28:39: 6d:18:3b:f6:40:1d:0f:e5:98:bd:ab:0c:af:c2:d9: e2:af:34:85:74:31:81:83:da:eb:aa:9d:73:08:b3: a1:ad:1f:a2:5f:cc:ea:a4:61:25:b4:f3:e9:a9:5e: 45:05:51:8e:c0:f6:90:63:9e:9f:a2:97:df:93:95: 15:fe:57:bf:6b:e9:69:5c:3f:71:4e:a8:bd:ff:99: 99:94:84:37:d7:ff:72:39:09:5b:e0:1a:44:b6:e2: cb:90:66:03:36:05:fe:71:e8:de:5f:97:0e:72:83: 2e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:9F:DB:E0:3F:E9:D7:92:22:23:B4:4E:16:E4:E2:7B:97:A2:EF:0D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145447.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aaed::/32 Signature Algorithm: sha256WithRSAEncryption 82:02:8c:0c:18:25:47:fc:21:c2:44:89:36:78:a1:74:19:61: 40:c7:53:b8:6b:f8:77:f7:bb:ab:5b:d9:a8:54:35:de:9a:27: 91:cd:16:b2:12:4f:ed:87:02:f6:7d:d2:61:d4:85:04:33:08: e2:48:06:52:52:5d:e5:d3:89:32:14:f8:b6:46:fb:75:93:74: 22:fb:92:a7:c8:af:ed:a9:de:57:51:64:4a:6c:f7:35:58:8c: 52:93:0c:b5:26:5d:18:bb:76:8c:7b:a7:ce:01:f4:ed:a2:7d: 82:77:4e:e0:1b:5c:08:f6:e6:c8:d3:95:d5:da:d5:9a:31:12: 8c:19:da:00:56:24:c6:f3:4f:d8:9e:c9:28:cf:f0:a7:29:7b: 43:64:d4:c4:ff:3d:03:35:2a:c0:4f:85:6a:d8:40:86:e2:12: f9:6b:3c:8a:f3:c7:89:51:fa:6b:3b:1a:22:3b:ad:05:ba:bf: 8c:64:8a:cb:02:67:57:b1:6a:ea:5a:93:56:f5:f5:be:62:6a: 52:fd:48:59:ed:81:20:14:1d:fa:2f:bc:73:10:bb:e2:5d:00: 5c:79:83:3b:be:38:5f:2f:a2:ad:46:45:b5:83:e4:85:b7:78: 59:fe:9b:26:ab:7c:95:06:81:4c:12:9f:51:7b:0c:97:46:12: 38:55:0b:58 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNL6Jn0+IgwWG8K2lt5X0gFSibnowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYzM1oX DTI3MDMwMzA2MjEzM1owMzExMC8GA1UEAxMoRjc5RkRCRTAzRkU5RDc5MjIyMjNC NDRFMTZFNEUyN0I5N0EyRUYwRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAITGi3bZfMbkFZWU1buArKp29XtwRc37KK+z5QKOMXK37F5UvLuGVqgherEK alNP4ld4ibjJhk19PE7UkIaMf2Hu/1YX/OSNrOxsVK/xDH/1QiVivRPsvziowM2/ KTlQP9YAwkv8bjgXRQkvNM4HVyyn4blXpGRhuzu3EwTP0ac26jhcojM0Qy2oKs6h 0tP5j/CSWSg5bRg79kAdD+WYvasMr8LZ4q80hXQxgYPa66qdcwizoa0fol/M6qRh JbTz6aleRQVRjsD2kGOen6KX35OVFf5Xv2vpaVw/cU6ovf+ZmZSEN9f/cjkJW+Aa RLbiy5BmAzYF/nHo3l+XDnKDLn8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT3n9vg P+nXkiIjtE4W5OJ7l6LvDTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQ0Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qu0wDQYJKoZIhvcNAQELBQADggEBAIICjAwYJUf8IcJEiTZ4oXQZYUDHU7hr+Hf3 u6tb2ahUNd6aJ5HNFrIST+2HAvZ90mHUhQQzCOJIBlJSXeXTiTIU+LZG+3WTdCL7 kqfIr+2p3ldRZEps9zVYjFKTDLUmXRi7dox7p84B9O2ifYJ3TuAbXAj25sjTldXa 1ZoxEowZ2gBWJMbzT9ieySjP8Kcpe0Nk1MT/PQM1KsBPhWrYQIbiEvlrPIrzx4lR +ms7GiI7rQW6v4xkissCZ1exaupak1b19b5ialL9SFntgSAUHfovvHMQu+JdAFx5 gzu+OF8voq1GRbWD5IW3eFn+myarfJUGgUwSn1F7DJdGEjhVC1g= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:13 2026 by rpki-client