$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145752.roa File: AS145752.roa (raw, json) Hash identifier: c0SUiuWbVOdY9DK6WbhX6gK9t34fsQ4qxKl22PN9Ex8= Subject key identifier: 23:44:89:EB:26:59:E1:EB:3F:B6:25:FF:F0:5B:FC:81:1F:7C:0E:77 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 38EC442631217FCA173050380B04C0B878B7D0C6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145752.roa Signing time: Wed 04 Mar 2026 06:29:55 +0000 ROA not before: Wed 04 Mar 2026 06:24:55 +0000 ROA not after: Wed 03 Mar 2027 06:29:55 +0000 asID: 145752 IP address blocks: 240a:ac1e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:ec:44:26:31:21:7f:ca:17:30:50:38:0b:04:c0:b8:78:b7:d0:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:55 2026 GMT Not After : Mar 3 06:29:55 2027 GMT Subject: CN=234489EB2659E1EB3FB625FFF05BFC811F7C0E77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:93:92:1e:bf:19:84:e1:5f:47:84:17:4e:da: 6f:53:b4:ff:95:4a:c9:cb:44:1d:6d:eb:3b:f6:da: 36:64:2f:6b:8b:8d:95:10:16:72:c0:3f:75:81:bd: 9c:a4:01:96:0b:e0:ae:61:ba:d7:e1:82:c5:63:a9: 77:e1:48:21:cc:b2:ae:19:23:24:91:02:28:a4:e7: 23:89:30:fa:14:ed:2f:7d:48:56:53:74:a3:33:46: 92:31:0c:f3:5f:b7:ec:82:03:8a:24:b9:8e:24:58: 55:06:e4:05:c1:ff:0c:2c:0a:16:aa:04:cc:5a:e7: cf:b3:cc:7c:49:12:58:73:71:c3:8f:fe:c2:d7:b5: d2:6e:04:c1:18:f0:f0:63:db:da:dc:1c:0c:63:8e: ae:10:36:95:b5:ad:d1:43:e1:98:3f:2a:70:1a:b9: b5:27:58:5a:9e:b0:b9:aa:e5:7d:05:ef:7e:07:33: 49:b4:31:bc:20:d1:49:17:b4:9d:b2:31:26:37:55: a4:47:43:01:c4:e1:ca:4e:a4:0f:b2:27:53:2c:c6: 0c:71:e8:33:d5:31:35:66:26:96:f3:72:99:94:c7: f8:87:a3:d9:c0:d6:15:5a:2a:b0:75:d9:bf:79:92: 9d:60:a8:f9:93:94:9f:bc:64:2b:91:02:10:a5:03: 14:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:44:89:EB:26:59:E1:EB:3F:B6:25:FF:F0:5B:FC:81:1F:7C:0E:77 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145752.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac1e::/32 Signature Algorithm: sha256WithRSAEncryption 63:7f:78:94:62:4f:26:bf:dc:19:ae:67:5a:94:9b:e2:73:4b: 3a:12:6e:e3:81:3c:c7:92:04:bc:bc:79:f7:e9:da:c5:be:71: 01:cd:b4:c9:24:cf:8c:34:ca:80:7c:e4:55:b8:41:76:36:d9: 69:43:32:13:cb:3d:81:37:d3:10:46:e6:64:16:43:0e:a8:a4: 46:7e:32:c6:18:d0:6d:54:00:4d:85:33:a2:2b:7f:3d:0a:2f: 1d:ab:4d:17:9e:65:36:a2:b6:53:bb:5f:b3:52:9e:af:0b:35: b7:ca:26:8a:a9:cb:6a:a4:77:d1:d3:fa:d7:4b:ac:47:e6:6d: 14:af:f3:8f:b4:e4:12:bd:6b:22:f3:ed:79:fb:00:2b:be:1c: ee:a5:98:37:14:27:8e:13:ff:93:79:12:19:6e:e9:af:e4:7b: 84:44:34:e1:a2:aa:54:b8:8a:44:96:1e:a7:29:95:eb:0e:f0: fe:97:cd:34:06:1a:82:a6:9b:c8:76:84:e6:ba:9c:ba:19:90: 47:55:b8:db:51:d0:be:c6:08:31:24:45:d9:c9:2b:96:06:62: d7:11:5d:2c:6f:29:6f:14:98:a9:f4:e1:80:be:ea:f9:cc:99: 48:e2:b7:0d:5b:a9:d4:b0:06:5a:1c:70:5b:6c:97:4d:82:b4: 0a:56:65:4c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOOxEJjEhf8oXMFA4CwTAuHi30MYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1NVoX DTI3MDMwMzA2Mjk1NVowMzExMC8GA1UEAxMoMjM0NDg5RUIyNjU5RTFFQjNGQjYy NUZGRjA1QkZDODExRjdDMEU3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCTkh6/GYThX0eEF07ab1O0/5VKyctEHW3rO/baNmQva4uNlRAWcsA/dYG9 nKQBlgvgrmG61+GCxWOpd+FIIcyyrhkjJJECKKTnI4kw+hTtL31IVlN0ozNGkjEM 81+37IIDiiS5jiRYVQbkBcH/DCwKFqoEzFrnz7PMfEkSWHNxw4/+wte10m4EwRjw 8GPb2twcDGOOrhA2lbWt0UPhmD8qcBq5tSdYWp6wuarlfQXvfgczSbQxvCDRSRe0 nbIxJjdVpEdDAcThyk6kD7InUyzGDHHoM9UxNWYmlvNymZTH+Iej2cDWFVoqsHXZ v3mSnWCo+ZOUn7xkK5ECEKUDFCcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQjRInr Jlnh6z+2Jf/wW/yBH3wOdzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rB4wDQYJKoZIhvcNAQELBQADggEBAGN/eJRiTya/3BmuZ1qUm+JzSzoSbuOBPMeS BLy8effp2sW+cQHNtMkkz4w0yoB85FW4QXY22WlDMhPLPYE30xBG5mQWQw6opEZ+ MsYY0G1UAE2FM6Irfz0KLx2rTReeZTaitlO7X7NSnq8LNbfKJoqpy2qkd9HT+tdL rEfmbRSv84+05BK9ayLz7Xn7ACu+HO6lmDcUJ44T/5N5Ehlu6a/ke4RENOGiqlS4 ikSWHqcplesO8P6XzTQGGoKmm8h2hOa6nLoZkEdVuNtR0L7GCDEkRdnJK5YGYtcR XSxvKW8UmKn04YC+6vnMmUjitw1bqdSwBloccFtsl02CtApWZUw= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:41 2026 by rpki-client