$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145723.roa File: AS145723.roa (raw, json) Hash identifier: gyYHvdbltP6XSIG4AU+T83m5RodY4ZDWIKAIkTsUSu4= Subject key identifier: 96:70:36:A5:2C:95:DE:FE:87:DD:50:ED:7C:D8:CF:87:8E:4E:08:6E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7D304CBA84FFF611975A1602F95B5A5B12631CAC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145723.roa Signing time: Wed 04 Mar 2026 06:30:44 +0000 ROA not before: Wed 04 Mar 2026 06:25:44 +0000 ROA not after: Wed 03 Mar 2027 06:30:44 +0000 asID: 145723 IP address blocks: 240a:ac01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:30:4c:ba:84:ff:f6:11:97:5a:16:02:f9:5b:5a:5b:12:63:1c:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:44 2026 GMT Not After : Mar 3 06:30:44 2027 GMT Subject: CN=967036A52C95DEFE87DD50ED7CD8CF878E4E086E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:08:a5:0d:5e:93:ee:db:63:9d:15:5b:f9:87: a6:82:15:af:8e:f0:43:31:fa:cd:ed:7b:b1:c4:fa: 1a:a9:26:14:1f:ab:5f:63:1d:91:1b:1c:7c:fb:21: 4e:05:21:65:c4:2b:a6:b2:07:e4:7a:fe:83:e2:b5: e1:79:32:5f:19:5b:aa:78:56:86:0c:8b:a0:13:8b: 8c:55:6d:75:c0:f8:c9:c4:e5:f7:34:68:5f:4d:b7: a6:2d:04:60:8e:d5:e6:34:be:b7:cb:90:44:02:17: 23:80:9b:48:bc:d3:1b:10:3a:e3:04:70:39:a3:67: 34:c3:63:8e:19:3b:4f:0b:ac:7f:93:87:4a:d7:91: 46:66:cd:f0:0c:ce:e2:1d:e7:40:a1:99:c1:18:fc: c1:18:63:ee:b5:6e:c1:51:ce:c4:68:05:3b:80:6d: 41:a3:93:b6:2d:46:09:ae:a4:64:5e:23:19:e2:5c: cf:94:e3:50:69:01:9a:83:b7:9f:65:5f:14:23:12: e7:13:e9:a1:41:bb:7c:b7:c3:84:01:82:7e:1a:e8: e6:96:5c:eb:79:b4:05:20:43:6c:ab:4e:0f:5b:cb: 39:34:67:f7:87:0d:c8:03:bb:90:40:43:e4:8b:87: c8:5e:1d:bc:22:53:d6:c0:82:0e:72:6e:79:58:6d: 56:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:70:36:A5:2C:95:DE:FE:87:DD:50:ED:7C:D8:CF:87:8E:4E:08:6E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145723.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac01::/32 Signature Algorithm: sha256WithRSAEncryption 90:5f:18:a3:00:5d:b1:6d:7b:ba:fb:06:cc:88:a1:3e:a9:ff: fb:d3:ac:d2:4c:f8:5a:d1:b7:e8:08:6c:14:b1:d0:68:e6:f9: 04:aa:64:f3:fa:28:af:60:ee:0a:e1:22:9a:44:50:12:0b:82: f2:02:20:f0:7f:3a:c1:5f:98:c2:9d:b2:98:0c:94:46:11:18: 0d:1d:b5:32:b4:9f:77:cc:9b:54:71:39:57:bf:1f:4c:f3:82: 30:27:7b:a5:35:76:93:a5:32:e3:87:57:49:2c:10:5d:b7:fe: e0:95:37:17:eb:90:1a:3e:ee:9d:2b:9e:a2:68:bd:f1:3f:ed: 1a:9d:61:1b:09:4e:f8:19:d5:69:53:20:26:b3:d3:73:e7:80: 03:fd:bd:b6:89:55:51:3d:b6:4a:67:73:1a:d3:16:e3:98:d9: 6a:2d:3b:62:16:a9:13:80:93:ec:9f:83:2a:44:25:09:0d:55: 68:ab:7c:25:f9:ea:6e:b4:22:7c:dd:a8:01:5c:da:f2:b1:84: f9:0d:34:75:34:dc:03:a3:1f:28:89:50:be:88:f8:6b:9d:e2: ee:50:06:43:85:ce:c3:1f:7f:68:14:1e:36:b7:9c:47:fe:ba: 8d:9c:72:e4:5d:ae:d0:b7:0c:96:da:39:fe:73:0b:77:19:54: ee:aa:c0:a0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfTBMuoT/9hGXWhYC+VtaWxJjHKwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0NFoX DTI3MDMwMzA2MzA0NFowMzExMC8GA1UEAxMoOTY3MDM2QTUyQzk1REVGRTg3REQ1 MEVEN0NEOENGODc4RTRFMDg2RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJEIpQ1ek+7bY50VW/mHpoIVr47wQzH6ze17scT6GqkmFB+rX2MdkRscfPsh TgUhZcQrprIH5Hr+g+K14XkyXxlbqnhWhgyLoBOLjFVtdcD4ycTl9zRoX023pi0E YI7V5jS+t8uQRAIXI4CbSLzTGxA64wRwOaNnNMNjjhk7Twusf5OHSteRRmbN8AzO 4h3nQKGZwRj8wRhj7rVuwVHOxGgFO4BtQaOTti1GCa6kZF4jGeJcz5TjUGkBmoO3 n2VfFCMS5xPpoUG7fLfDhAGCfhro5pZc63m0BSBDbKtOD1vLOTRn94cNyAO7kEBD 5IuHyF4dvCJT1sCCDnJueVhtVocCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSWcDal LJXe/ofdUO182M+Hjk4IbjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rAEwDQYJKoZIhvcNAQELBQADggEBAJBfGKMAXbFte7r7BsyIoT6p//vTrNJM+FrR t+gIbBSx0Gjm+QSqZPP6KK9g7grhIppEUBILgvICIPB/OsFfmMKdspgMlEYRGA0d tTK0n3fMm1RxOVe/H0zzgjAne6U1dpOlMuOHV0ksEF23/uCVNxfrkBo+7p0rnqJo vfE/7RqdYRsJTvgZ1WlTICaz03PngAP9vbaJVVE9tkpncxrTFuOY2WotO2IWqROA k+yfgypEJQkNVWirfCX56m60InzdqAFc2vKxhPkNNHU03AOjHyiJUL6I+Gud4u5Q BkOFzsMff2gUHja3nEf+uo2ccuRdrtC3DJbaOf5zC3cZVO6qwKA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:01 2026 by rpki-client