$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145764.roa File: AS145764.roa (raw, json) Hash identifier: adXqRppM5jHNOR1XfvFrLz0rzQW5T97i41wQ4dXlXcI= Subject key identifier: 03:27:4E:5A:A2:5A:60:57:AE:D5:78:36:87:6F:FD:4D:53:30:B8:D5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 20321596942C3F13CEDE5FC76EFDCFDD8CFCA7E4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145764.roa Signing time: Wed 04 Mar 2026 06:29:57 +0000 ROA not before: Wed 04 Mar 2026 06:24:57 +0000 ROA not after: Wed 03 Mar 2027 06:29:57 +0000 asID: 145764 IP address blocks: 240a:ac2a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:32:15:96:94:2c:3f:13:ce:de:5f:c7:6e:fd:cf:dd:8c:fc:a7:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:57 2026 GMT Not After : Mar 3 06:29:57 2027 GMT Subject: CN=03274E5AA25A6057AED57836876FFD4D5330B8D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9c:79:2f:bc:94:1e:3b:6e:b5:f0:96:08:d0: c1:6e:a1:c5:e4:d3:0c:f8:be:47:1a:5e:b8:a7:4e: 8c:d6:5a:29:4c:b3:08:65:2a:fc:00:6a:40:b2:5f: d9:d7:66:8c:d7:5c:91:d7:86:66:4f:ea:d9:f8:a1: 2a:b5:24:75:98:a1:32:2f:b7:12:c7:26:0d:e2:51: 82:91:df:8b:32:66:16:fc:c2:ca:bb:de:41:80:80: 84:96:0b:81:db:0c:cf:ed:b7:f0:82:a3:51:7b:5b: c0:83:a2:87:1d:0f:d6:97:37:37:dc:d9:78:52:75: ac:55:b5:ce:19:85:9b:c6:15:2d:c2:b6:8a:e6:6b: 94:c9:c2:c5:85:e2:38:c3:a7:76:fc:f0:08:0e:60: 6d:2c:87:7a:87:93:91:1f:55:89:6b:7b:f9:65:54: b6:cb:4e:ff:16:b0:58:78:f6:e5:ac:75:48:14:5a: cd:17:1b:f3:c8:e2:df:0c:f6:d4:d8:de:8c:17:ba: 69:a8:b1:73:2f:33:25:16:50:61:fe:48:73:aa:99: 1c:c8:bf:4d:27:f6:d4:7f:ec:eb:16:ee:a1:09:bd: a1:41:5f:7c:9c:04:d5:b8:0d:39:3c:17:3c:13:4f: 3a:89:07:64:1a:15:32:a2:e3:e4:61:bc:fb:8b:ae: ab:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:27:4E:5A:A2:5A:60:57:AE:D5:78:36:87:6F:FD:4D:53:30:B8:D5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145764.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac2a::/32 Signature Algorithm: sha256WithRSAEncryption 51:c8:24:39:06:48:7e:e0:86:63:b4:32:83:a1:6d:5c:a6:59: 73:60:79:d6:1b:ba:2a:d8:3b:08:98:0e:21:45:cd:29:aa:9b: c1:c4:1d:55:53:75:99:a0:8d:37:3d:a8:f1:7c:22:df:bf:a2: 37:62:1b:85:d8:3b:11:8e:cf:44:76:86:fa:e8:2e:52:28:43: 3b:99:80:e1:51:c4:38:4f:b3:8f:9c:7d:1e:09:1a:2f:18:66: 44:99:f1:ea:27:36:56:13:12:40:3c:d0:58:3a:40:41:1d:e8: 5e:d5:a7:fa:a1:6c:41:14:7d:aa:0e:f3:a6:44:1d:41:fc:b3: 8c:e6:81:00:2a:8d:81:03:18:6f:02:16:9d:6e:62:13:3d:96: 8f:9e:ea:34:d4:c9:be:2a:b0:47:0e:f0:37:f8:b5:81:ce:c8: fb:e3:ce:46:78:93:f3:29:52:a9:94:39:20:e0:2b:e5:96:10: 27:d1:72:07:65:b3:e1:5a:90:79:c2:95:c7:49:5f:48:64:2d: 07:e7:fa:82:d6:c8:02:33:5a:e4:53:47:c6:56:ca:21:76:28: 55:7d:85:6d:13:c0:21:c7:f5:ec:0a:cb:9c:b4:0f:50:18:77: 39:bd:3d:1e:de:25:b9:1c:c7:bb:65:48:79:f1:77:70:49:5e: 26:87:f6:e5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIDIVlpQsPxPO3l/Hbv3P3Yz8p+QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1N1oX DTI3MDMwMzA2Mjk1N1owMzExMC8GA1UEAxMoMDMyNzRFNUFBMjVBNjA1N0FFRDU3 ODM2ODc2RkZENEQ1MzMwQjhENTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaceS+8lB47brXwlgjQwW6hxeTTDPi+RxpeuKdOjNZaKUyzCGUq/ABqQLJf 2ddmjNdckdeGZk/q2fihKrUkdZihMi+3EscmDeJRgpHfizJmFvzCyrveQYCAhJYL gdsMz+238IKjUXtbwIOihx0P1pc3N9zZeFJ1rFW1zhmFm8YVLcK2iuZrlMnCxYXi OMOndvzwCA5gbSyHeoeTkR9ViWt7+WVUtstO/xawWHj25ax1SBRazRcb88ji3wz2 1NjejBe6aaixcy8zJRZQYf5Ic6qZHMi/TSf21H/s6xbuoQm9oUFffJwE1bgNOTwX PBNPOokHZBoVMqLj5GG8+4uuq8cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQDJ05a olpgV67VeDaHb/1NUzC41TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc2NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rCowDQYJKoZIhvcNAQELBQADggEBAFHIJDkGSH7ghmO0MoOhbVymWXNgedYbuirY OwiYDiFFzSmqm8HEHVVTdZmgjTc9qPF8It+/ojdiG4XYOxGOz0R2hvroLlIoQzuZ gOFRxDhPs4+cfR4JGi8YZkSZ8eonNlYTEkA80Fg6QEEd6F7Vp/qhbEEUfaoO86ZE HUH8s4zmgQAqjYEDGG8CFp1uYhM9lo+e6jTUyb4qsEcO8Df4tYHOyPvjzkZ4k/Mp UqmUOSDgK+WWECfRcgdls+FakHnClcdJX0hkLQfn+oLWyAIzWuRTR8ZWyiF2KFV9 hW0TwCHH9ewKy5y0D1AYdzm9PR7eJbkcx7tlSHnxd3BJXiaH9uU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:09 2026 by rpki-client