$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145757.roa File: AS145757.roa (raw, json) Hash identifier: QJKX0B3f2/RiJtw1tglaBmYJg3k/1HpqLw0eP8idrxA= Subject key identifier: 7C:D6:81:2A:13:C8:07:C7:89:B7:5E:64:38:23:4D:90:A0:7B:6D:0B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1196B7EADEDEAF91BC05DE98A1A219AAEB836ACE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145757.roa Signing time: Wed 04 Mar 2026 06:29:48 +0000 ROA not before: Wed 04 Mar 2026 06:24:48 +0000 ROA not after: Wed 03 Mar 2027 06:29:48 +0000 asID: 145757 IP address blocks: 240a:ac23::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:96:b7:ea:de:de:af:91:bc:05:de:98:a1:a2:19:aa:eb:83:6a:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:48 2026 GMT Not After : Mar 3 06:29:48 2027 GMT Subject: CN=7CD6812A13C807C789B75E6438234D90A07B6D0B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:69:0b:92:65:1e:38:fa:a8:23:e8:b6:53:72: f9:55:4c:6f:f1:75:40:2e:99:12:46:78:10:d5:77: 1c:09:60:f3:f9:71:8c:96:f8:06:6a:5f:83:0a:8e: 41:8a:b8:95:d8:6c:89:47:bd:bf:15:28:08:ed:82: d1:18:60:62:78:12:5d:59:09:3a:4c:20:1e:c3:46: f2:27:a8:d0:63:75:5e:0f:9f:db:bc:3f:6e:77:cc: e3:fe:5c:2a:f1:67:af:97:8f:d3:d8:58:96:17:04: 6e:94:bd:60:ea:44:60:a3:2a:0c:2c:f1:cc:93:72: f8:4a:29:f5:5c:26:31:80:fe:fc:b8:4c:5f:b9:56: 14:e7:10:13:76:98:57:2a:e8:23:25:2e:5d:14:15: ae:cb:e0:29:12:c6:3c:52:32:cf:80:7f:b4:b4:4d: 6f:8d:98:6f:49:84:96:0f:00:14:48:ff:cf:2a:50: b3:b2:b4:f8:1d:73:ec:a6:a3:12:7e:76:02:96:4c: 81:ea:47:c5:93:4e:28:86:e6:a1:54:5c:a2:53:f6: 34:16:2f:71:a6:6a:c9:63:2b:ab:09:36:6a:e2:59: 1a:63:53:92:a7:59:2c:28:6d:e8:d2:b9:58:5f:cc: 59:b3:48:39:fd:18:40:d9:dd:06:1f:4f:6a:61:32: 3f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:D6:81:2A:13:C8:07:C7:89:B7:5E:64:38:23:4D:90:A0:7B:6D:0B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145757.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac23::/32 Signature Algorithm: sha256WithRSAEncryption 6f:75:c3:44:96:bc:87:61:01:fb:2a:35:e4:5d:94:8f:fe:a4: 52:42:34:2c:dc:65:e5:d6:39:b7:2e:0d:a3:8e:33:75:8a:b2: 52:5b:42:ec:eb:d7:b7:f0:c7:3c:c2:57:a3:1c:c3:0d:62:e5: 91:5c:6d:47:2c:89:74:4f:78:4f:42:1e:e7:02:41:e8:10:b4: 94:86:95:6b:5f:9c:30:ee:cf:f8:74:17:c9:97:25:f1:b0:12: a8:69:da:fa:23:46:d4:81:11:57:f1:d3:72:6a:71:76:3d:75: 01:03:aa:ba:cd:66:a9:d9:b5:c0:cf:6b:7a:99:74:b0:a7:ae: d2:3e:86:ab:af:d5:37:64:90:ae:cc:f4:fe:9d:ff:58:a3:37: 96:17:71:b1:00:03:42:da:26:bb:d5:66:81:ab:29:6f:c4:c1: b1:8b:4f:c2:3e:13:79:a6:ff:81:6a:9e:f0:78:19:80:2d:8a: 09:58:28:c6:a2:2a:85:1e:d0:29:af:db:97:20:9c:42:74:2f: 0c:b6:17:63:dc:6d:2d:72:a8:95:36:94:b8:f7:8c:f8:11:45: 35:68:3b:20:a5:59:33:50:92:a4:03:a5:39:3d:67:15:e5:e6: de:b1:3c:fa:05:1e:de:a5:cd:df:f4:5f:46:10:0b:b3:93:10: 14:79:97:73 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEZa36t7er5G8Bd6YoaIZquuDas4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0OFoX DTI3MDMwMzA2Mjk0OFowMzExMC8GA1UEAxMoN0NENjgxMkExM0M4MDdDNzg5Qjc1 RTY0MzgyMzREOTBBMDdCNkQwQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANRpC5JlHjj6qCPotlNy+VVMb/F1QC6ZEkZ4ENV3HAlg8/lxjJb4BmpfgwqO QYq4ldhsiUe9vxUoCO2C0RhgYngSXVkJOkwgHsNG8ieo0GN1Xg+f27w/bnfM4/5c KvFnr5eP09hYlhcEbpS9YOpEYKMqDCzxzJNy+Eop9VwmMYD+/LhMX7lWFOcQE3aY VyroIyUuXRQVrsvgKRLGPFIyz4B/tLRNb42Yb0mElg8AFEj/zypQs7K0+B1z7Kaj En52ApZMgepHxZNOKIbmoVRcolP2NBYvcaZqyWMrqwk2auJZGmNTkqdZLCht6NK5 WF/MWbNIOf0YQNndBh9PamEyP70CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR81oEq E8gHx4m3XmQ4I02QoHttCzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rCMwDQYJKoZIhvcNAQELBQADggEBAG91w0SWvIdhAfsqNeRdlI/+pFJCNCzcZeXW ObcuDaOOM3WKslJbQuzr17fwxzzCV6Mcww1i5ZFcbUcsiXRPeE9CHucCQegQtJSG lWtfnDDuz/h0F8mXJfGwEqhp2vojRtSBEVfx03JqcXY9dQEDqrrNZqnZtcDPa3qZ dLCnrtI+hquv1TdkkK7M9P6d/1ijN5YXcbEAA0LaJrvVZoGrKW/EwbGLT8I+E3mm /4FqnvB4GYAtiglYKMaiKoUe0Cmv25cgnEJ0Lwy2F2PcbS1yqJU2lLj3jPgRRTVo OyClWTNQkqQDpTk9ZxXl5t6xPPoFHt6lzd/0X0YQC7OTEBR5l3M= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:43 2026 by rpki-client