$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145766.roa File: AS145766.roa (raw, json) Hash identifier: B5R5sdjhgd9R4BTXWH2TSQ833krRHkUlbPsPuF69Tu0= Subject key identifier: 4D:2D:0B:10:1D:3B:32:10:1E:F8:53:6A:06:02:A1:83:DB:66:46:2A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 600BE61931A23D508E47B0BF806E44C2F0BE297F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145766.roa Signing time: Wed 04 Mar 2026 06:29:59 +0000 ROA not before: Wed 04 Mar 2026 06:24:59 +0000 ROA not after: Wed 03 Mar 2027 06:29:59 +0000 asID: 145766 IP address blocks: 240a:ac2c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:0b:e6:19:31:a2:3d:50:8e:47:b0:bf:80:6e:44:c2:f0:be:29:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:59 2026 GMT Not After : Mar 3 06:29:59 2027 GMT Subject: CN=4D2D0B101D3B32101EF8536A0602A183DB66462A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:75:5c:83:eb:a2:5e:16:f5:85:e6:31:c2:4a: c0:2d:b3:22:28:bf:d1:08:05:f0:cf:20:6b:b3:8b: 16:44:4f:7e:a9:95:5f:00:85:5e:50:a1:05:a3:79: 71:aa:41:58:5e:e4:05:3b:10:04:e1:79:44:13:08: 7e:7a:f6:5f:ec:43:fa:1e:ac:7e:dc:61:31:d6:f6: 20:ce:39:ba:38:b5:c4:11:d5:b1:f8:af:06:48:8f: ee:a8:9e:f1:fa:3c:90:13:1c:b0:a3:83:25:10:21: fd:da:d7:6b:46:12:84:8a:21:fe:69:53:6a:1b:0d: 2e:97:ba:ed:88:2f:7f:d7:b7:ea:4d:18:76:e8:fb: 8f:e2:17:cd:e8:31:e4:9b:7e:c4:65:04:66:93:2a: bf:f3:02:d7:1d:bf:e1:d6:cc:28:28:ab:7a:c5:3d: 2b:af:62:a2:31:e4:85:0e:f6:91:0d:9c:34:c4:74: db:0a:5e:c5:b4:c3:1f:30:29:c2:b9:56:b6:6f:aa: 3e:24:c2:25:83:9b:d1:32:f0:dc:64:d3:41:d0:00: 07:21:e3:f8:a9:ad:44:e4:e1:c2:76:c4:cf:43:e5: 6e:6e:a8:34:96:7f:44:9e:82:27:02:94:77:f0:5b: 14:4c:7f:f5:b9:cb:6b:65:c5:72:67:e9:2d:b3:6c: 2b:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:2D:0B:10:1D:3B:32:10:1E:F8:53:6A:06:02:A1:83:DB:66:46:2A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145766.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac2c::/32 Signature Algorithm: sha256WithRSAEncryption b3:c9:ca:4d:d1:a4:47:ff:14:58:79:35:06:26:76:ad:f5:22: 17:37:e2:2f:4c:2a:3d:f8:57:40:7e:cb:d9:82:7b:fc:e2:b8: d6:04:65:db:64:47:9c:76:74:b9:01:73:4b:8d:0f:ba:36:23: 21:a4:3f:6e:16:ed:c0:98:7c:0b:2e:87:f6:24:a1:48:12:57: 47:5a:d8:c8:4b:c6:82:a7:a0:9c:e7:1d:11:11:4b:87:50:46: 55:b3:3f:a8:4c:d3:c7:81:01:34:95:39:75:b9:4a:53:81:0b: a8:33:29:13:58:ac:5c:3c:09:c7:8b:5d:70:2c:93:e3:a7:0a: 20:12:b1:54:e9:f6:bc:4f:73:d2:7c:c1:7a:9e:70:7f:53:a2: 43:a5:99:72:7e:34:b6:62:6d:4e:d6:31:82:62:b4:f8:ef:5a: 49:56:ab:7c:70:60:66:e4:70:86:fa:f7:23:90:33:ca:c4:c8: b5:06:25:24:78:68:01:20:6d:cb:2b:b8:7a:41:a2:57:c7:9a: e9:9f:91:09:ea:8c:9c:2c:88:7c:4b:a9:f5:4c:b4:12:9d:d7: 84:8d:64:30:d8:90:b7:6a:e7:f9:c7:e9:30:a1:18:05:32:01: 05:aa:6c:04:d1:d1:64:c5:94:9b:c8:57:85:41:51:2d:fa:64: ca:5a:15:6b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYAvmGTGiPVCOR7C/gG5EwvC+KX8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1OVoX DTI3MDMwMzA2Mjk1OVowMzExMC8GA1UEAxMoNEQyRDBCMTAxRDNCMzIxMDFFRjg1 MzZBMDYwMkExODNEQjY2NDYyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALV1XIProl4W9YXmMcJKwC2zIii/0QgF8M8ga7OLFkRPfqmVXwCFXlChBaN5 capBWF7kBTsQBOF5RBMIfnr2X+xD+h6sftxhMdb2IM45uji1xBHVsfivBkiP7qie 8fo8kBMcsKODJRAh/drXa0YShIoh/mlTahsNLpe67Ygvf9e36k0Yduj7j+IXzegx 5Jt+xGUEZpMqv/MC1x2/4dbMKCiresU9K69iojHkhQ72kQ2cNMR02wpexbTDHzAp wrlWtm+qPiTCJYOb0TLw3GTTQdAAByHj+KmtROThwnbEz0Plbm6oNJZ/RJ6CJwKU d/BbFEx/9bnLa2XFcmfpLbNsK1sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRNLQsQ HTsyEB74U2oGAqGD22ZGKjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc2Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rCwwDQYJKoZIhvcNAQELBQADggEBALPJyk3RpEf/FFh5NQYmdq31Ihc34i9MKj34 V0B+y9mCe/ziuNYEZdtkR5x2dLkBc0uND7o2IyGkP24W7cCYfAsuh/YkoUgSV0da 2MhLxoKnoJznHRERS4dQRlWzP6hM08eBATSVOXW5SlOBC6gzKRNYrFw8CceLXXAs k+OnCiASsVTp9rxPc9J8wXqecH9TokOlmXJ+NLZibU7WMYJitPjvWklWq3xwYGbk cIb69yOQM8rEyLUGJSR4aAEgbcsruHpBolfHmumfkQnqjJwsiHxLqfVMtBKd14SN ZDDYkLdq5/nH6TChGAUyAQWqbATR0WTFlJvIV4VBUS36ZMpaFWs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:44 2026 by rpki-client