$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145452.roa File: AS145452.roa (raw, json) Hash identifier: u13Lf+PCQBe3yqjVtPnj0zWnk9A8Ugy4/oFA7PQc96s= Subject key identifier: BA:D9:D0:0D:EC:D5:C0:ED:F0:57:F4:04:B6:CE:B2:96:A9:C3:F3:31 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 185C104C8BC3F842A29469FE50A476D6000112AF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145452.roa Signing time: Wed 04 Mar 2026 06:19:57 +0000 ROA not before: Wed 04 Mar 2026 06:14:57 +0000 ROA not after: Wed 03 Mar 2027 06:19:57 +0000 asID: 145452 IP address blocks: 240a:aaf2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:5c:10:4c:8b:c3:f8:42:a2:94:69:fe:50:a4:76:d6:00:01:12:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:57 2026 GMT Not After : Mar 3 06:19:57 2027 GMT Subject: CN=BAD9D00DECD5C0EDF057F404B6CEB296A9C3F331 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5b:96:22:99:40:23:96:2b:39:9d:90:ed:0d: 06:cf:ad:8b:fe:a4:ee:2f:ca:c0:88:ae:a0:e2:bb: a9:15:36:30:6d:43:ba:b2:cc:f9:77:df:a6:56:11: fb:82:70:58:17:aa:17:5d:b5:1d:de:5d:ef:74:1d: b7:d4:3d:2b:21:90:49:0a:ec:5e:3c:0c:fd:7a:c5: 47:0d:e4:89:4d:e4:3e:60:48:69:10:f8:9b:ce:2f: 21:e5:2a:81:72:1e:db:b4:0f:bf:77:a5:df:b5:bc: 23:57:b2:71:14:cc:62:52:b8:df:b5:a9:d9:54:77: 48:06:3c:cc:71:d5:b9:29:e5:4e:ab:d5:f3:ad:a8: e4:76:2e:11:c5:d3:1c:ef:c9:ff:c0:ed:ba:51:44: 1a:a3:cf:51:6f:8d:84:68:ec:2e:08:9c:7a:80:ff: bb:ae:00:5b:a0:c1:d4:76:ad:af:2e:e1:8d:0c:7a: b4:05:34:2e:ad:61:3d:90:17:6c:15:4f:bc:f6:51: dd:c3:2a:bf:b2:46:66:46:c9:20:61:bc:1d:05:49: 5f:b7:45:8b:1f:6e:a2:ee:a8:74:26:27:de:d7:84: fc:90:1a:76:21:87:52:d7:52:9d:68:8a:b8:60:fe: 49:36:af:c4:96:5a:98:d1:fe:9f:d6:ac:5a:47:b3: e4:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:D9:D0:0D:EC:D5:C0:ED:F0:57:F4:04:B6:CE:B2:96:A9:C3:F3:31 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145452.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aaf2::/32 Signature Algorithm: sha256WithRSAEncryption 81:5f:1a:e7:47:57:c9:4a:e9:7b:97:59:4f:c1:51:b9:b5:4c: 83:5c:88:9d:73:3b:91:bf:09:84:52:2f:34:44:4c:d5:87:ea: 94:e6:3d:12:13:a8:ba:31:74:97:80:5b:ba:c8:27:8b:3f:9e: 94:d9:0f:ab:87:6a:67:b9:77:9a:82:a5:12:ea:77:b3:64:16: 73:97:4e:2c:2d:50:43:bb:49:4b:fa:e2:d2:28:3e:1e:63:c2: 1b:27:f8:c4:fa:6c:ef:fa:dc:ff:71:ba:57:70:3d:de:57:60: 23:d5:99:36:7d:93:73:f9:a0:b8:a2:d1:dd:38:f1:93:ad:e7: 7f:12:33:66:a4:81:64:62:e0:59:fc:9f:6a:09:2a:b8:6f:a5: ac:c2:11:0a:12:27:b7:40:40:d3:c3:2b:54:b7:89:35:c2:3b: 53:6a:a4:2e:a6:28:43:1e:2e:1d:65:f7:57:82:e0:90:e2:e8: cc:0a:c0:c3:98:a8:58:07:43:46:08:a9:05:10:67:5a:1d:45: 9f:85:a8:4d:44:28:8e:54:e7:86:79:a2:52:f0:01:16:d8:66: b6:5c:35:62:2e:d2:d9:a1:a4:48:44:4e:ee:c4:fa:ba:3f:cc: 4f:f8:34:28:a2:df:cc:57:b2:e6:47:89:82:22:ba:f9:18:2e: 67:26:74:1e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGFwQTIvD+EKilGn+UKR21gABEq8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1N1oX DTI3MDMwMzA2MTk1N1owMzExMC8GA1UEAxMoQkFEOUQwMERFQ0Q1QzBFREYwNTdG NDA0QjZDRUIyOTZBOUMzRjMzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMRbliKZQCOWKzmdkO0NBs+ti/6k7i/KwIiuoOK7qRU2MG1DurLM+XffplYR +4JwWBeqF121Hd5d73Qdt9Q9KyGQSQrsXjwM/XrFRw3kiU3kPmBIaRD4m84vIeUq gXIe27QPv3el37W8I1eycRTMYlK437Wp2VR3SAY8zHHVuSnlTqvV862o5HYuEcXT HO/J/8DtulFEGqPPUW+NhGjsLgiceoD/u64AW6DB1Hatry7hjQx6tAU0Lq1hPZAX bBVPvPZR3cMqv7JGZkbJIGG8HQVJX7dFix9uou6odCYn3teE/JAadiGHUtdSnWiK uGD+STavxJZamNH+n9asWkez5JUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS62dAN 7NXA7fBX9AS2zrKWqcPzMTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQ1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qvIwDQYJKoZIhvcNAQELBQADggEBAIFfGudHV8lK6XuXWU/BUbm1TINciJ1zO5G/ CYRSLzRETNWH6pTmPRITqLoxdJeAW7rIJ4s/npTZD6uHame5d5qCpRLqd7NkFnOX TiwtUEO7SUv64tIoPh5jwhsn+MT6bO/63P9xuldwPd5XYCPVmTZ9k3P5oLii0d04 8ZOt538SM2akgWRi4Fn8n2oJKrhvpazCEQoSJ7dAQNPDK1S3iTXCO1NqpC6mKEMe Lh1l91eC4JDi6MwKwMOYqFgHQ0YIqQUQZ1odRZ+FqE1EKI5U54Z5olLwARbYZrZc NWIu0tmhpEhETu7E+ro/zE/4NCii38xXsuZHiYIiuvkYLmcmdB4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:03 2026 by rpki-client