$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145753.roa File: AS145753.roa (raw, json) Hash identifier: Umcm27VZyE8AMMdMTrVBgRoXzF7dEnjBWPloHwdqxCk= Subject key identifier: 66:46:8B:7C:42:5D:CC:C5:3C:71:91:69:9B:F8:47:7D:0A:2B:E3:4E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5A507C908955191B4E1A1E681976E4B15BF13968 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145753.roa Signing time: Wed 04 Mar 2026 06:30:48 +0000 ROA not before: Wed 04 Mar 2026 06:25:48 +0000 ROA not after: Wed 03 Mar 2027 06:30:48 +0000 asID: 145753 IP address blocks: 240a:ac1f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:50:7c:90:89:55:19:1b:4e:1a:1e:68:19:76:e4:b1:5b:f1:39:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:48 2026 GMT Not After : Mar 3 06:30:48 2027 GMT Subject: CN=66468B7C425DCCC53C7191699BF8477D0A2BE34E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c0:17:df:e0:a7:a4:ab:f3:ab:8b:5b:42:71: 2d:4e:ce:f8:ae:ce:fa:34:ed:33:ae:12:59:76:13: 2d:44:9a:89:ec:27:7c:26:82:56:09:62:ac:c4:4c: 23:73:bc:d2:38:fe:a2:36:6b:89:7f:f0:f7:63:25: 2d:21:fc:22:86:3b:3b:a0:64:4a:4c:4d:62:cd:6d: 17:b6:e6:a7:30:5c:79:36:7f:b9:42:27:8d:87:5a: ba:35:83:67:85:82:7d:15:f1:56:8a:93:d4:ac:47: 79:b3:b8:14:91:26:1f:18:d7:ce:7f:f2:35:95:c3: 1f:fb:ab:91:74:96:92:fb:a5:72:35:dd:89:e5:e1: 01:e9:c3:92:15:7f:fc:ce:7f:5d:30:14:f8:7e:ae: 76:0c:4c:5e:54:cf:3d:bf:14:01:5d:3e:e7:b6:ef: b3:b9:88:b8:ce:05:e9:f0:85:0f:3d:57:13:8c:f8: 2d:83:16:c4:21:15:c6:70:c4:a0:bd:78:9f:53:ae: a0:ae:66:2c:09:be:a2:ba:24:a0:de:eb:3f:22:a5: 40:6b:9f:d4:4a:c5:05:39:23:f5:50:73:ce:a3:70: 13:57:c3:66:d5:52:05:47:70:cb:9b:d7:53:c4:4b: 8d:ec:d2:8a:51:96:4f:28:cb:89:3e:3a:91:7d:b5: e6:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:46:8B:7C:42:5D:CC:C5:3C:71:91:69:9B:F8:47:7D:0A:2B:E3:4E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145753.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac1f::/32 Signature Algorithm: sha256WithRSAEncryption da:39:33:e9:04:1e:51:01:00:87:70:37:f1:5c:0c:74:b6:fa: d6:1e:eb:32:e1:b6:90:53:cb:27:f4:7d:aa:aa:3c:d9:b4:a3: 3b:8d:02:f9:48:db:ce:f3:a2:ff:49:6f:c7:39:68:54:32:5c: c9:29:6e:a5:87:8f:ae:43:fa:96:de:2d:3c:30:bb:9e:a6:2f: 55:04:99:1d:9d:67:a0:d0:da:8a:50:c1:a4:44:be:b9:ba:89: 59:40:b2:08:21:7a:9c:09:e6:80:78:10:97:39:ce:0c:92:0b: be:7c:7f:08:b2:1e:19:47:57:c3:93:c9:e7:2d:56:91:d3:bb: 9f:52:0a:70:32:3b:4f:8b:98:56:19:55:e9:1d:05:0d:67:ab: 6e:44:6b:59:3f:29:2d:80:6a:47:5f:92:cc:ac:53:6b:e3:81: 37:48:c0:36:28:b0:f5:98:10:1f:a0:70:74:bc:9f:e0:bd:89: 01:8b:05:cc:70:56:c1:a4:77:f3:8d:6f:b7:26:fb:3b:83:49: ab:21:19:c2:aa:e8:1b:13:55:ad:90:b0:0c:e6:1d:34:d5:97: 55:7d:db:78:54:64:26:7e:2a:d3:65:94:45:80:b4:23:ba:ca: 32:a8:64:5b:e6:b1:12:07:15:a0:af:15:e6:de:78:b0:9c:11: e2:77:78:aa -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWlB8kIlVGRtOGh5oGXbksVvxOWgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0OFoX DTI3MDMwMzA2MzA0OFowMzExMC8GA1UEAxMoNjY0NjhCN0M0MjVEQ0NDNTNDNzE5 MTY5OUJGODQ3N0QwQTJCRTM0RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfAF9/gp6Sr86uLW0JxLU7O+K7O+jTtM64SWXYTLUSaiewnfCaCVglirMRM I3O80jj+ojZriX/w92MlLSH8IoY7O6BkSkxNYs1tF7bmpzBceTZ/uUInjYdaujWD Z4WCfRXxVoqT1KxHebO4FJEmHxjXzn/yNZXDH/urkXSWkvulcjXdieXhAenDkhV/ /M5/XTAU+H6udgxMXlTPPb8UAV0+57bvs7mIuM4F6fCFDz1XE4z4LYMWxCEVxnDE oL14n1OuoK5mLAm+orokoN7rPyKlQGuf1ErFBTkj9VBzzqNwE1fDZtVSBUdwy5vX U8RLjezSilGWTyjLiT46kX215h0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRmRot8 Ql3MxTxxkWmb+Ed9CivjTjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rB8wDQYJKoZIhvcNAQELBQADggEBANo5M+kEHlEBAIdwN/FcDHS2+tYe6zLhtpBT yyf0faqqPNm0ozuNAvlI287zov9Jb8c5aFQyXMkpbqWHj65D+pbeLTwwu56mL1UE mR2dZ6DQ2opQwaREvrm6iVlAsgghepwJ5oB4EJc5zgySC758fwiyHhlHV8OTyect VpHTu59SCnAyO0+LmFYZVekdBQ1nq25Ea1k/KS2AakdfksysU2vjgTdIwDYosPWY EB+gcHS8n+C9iQGLBcxwVsGkd/ONb7cm+zuDSashGcKq6BsTVa2QsAzmHTTVl1V9 23hUZCZ+KtNllEWAtCO6yjKoZFvmsRIHFaCvFebeeLCcEeJ3eKo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:24 2026 by rpki-client