$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145786.roa File: AS145786.roa (raw, json) Hash identifier: kxoBq6NsErsXoSeyei2Z/LrrvCX5ox3I7ubXKor8g7U= Subject key identifier: FA:B4:39:12:EE:A4:15:AF:29:39:97:D2:48:09:2F:D7:FE:30:5C:74 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7047875158EEBC0EC45663ABECFF2FF6FD5EF9AA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145786.roa Signing time: Wed 04 Mar 2026 06:30:13 +0000 ROA not before: Wed 04 Mar 2026 06:25:13 +0000 ROA not after: Wed 03 Mar 2027 06:30:13 +0000 asID: 145786 IP address blocks: 240a:ac40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:47:87:51:58:ee:bc:0e:c4:56:63:ab:ec:ff:2f:f6:fd:5e:f9:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:13 2026 GMT Not After : Mar 3 06:30:13 2027 GMT Subject: CN=FAB43912EEA415AF293997D248092FD7FE305C74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:41:99:3c:d0:70:9b:89:a6:05:50:24:15:05: 57:b1:51:1b:c5:0d:b4:c4:65:ad:90:60:1f:65:51: 87:fa:07:8c:47:98:61:40:8c:7e:dd:06:e8:43:46: 2e:ea:e2:50:10:87:9f:f8:8d:94:dc:55:0e:67:5b: 56:79:83:6c:0e:18:ee:65:57:57:80:71:81:c8:99: 36:b4:be:10:a1:e7:da:58:49:7c:a2:6e:6d:7a:25: 57:c6:a7:43:ed:50:b4:09:2e:ff:d6:b3:bd:07:a9: 48:30:93:53:1c:39:d5:14:9a:98:44:20:8a:cf:c9: 54:aa:70:33:26:6e:59:ea:47:7b:9b:4e:20:72:72: 64:54:63:81:9d:b0:69:60:37:9d:11:81:ea:89:89: 77:f0:35:3e:38:de:35:ec:5f:0f:50:82:12:4e:38: 0f:10:ca:a5:86:92:dd:05:7a:a8:6b:4d:0c:ed:90: b4:26:38:20:4d:a1:47:88:f1:39:4b:4d:4d:09:32: a6:08:55:ec:89:cd:84:87:f4:85:1f:d2:c5:3a:1a: e7:7e:ad:5d:ff:fc:fc:8a:7f:af:09:5c:6b:f5:10: 31:4e:fc:b5:a4:c3:9a:0f:1c:5a:7d:28:ee:a2:da: d5:0a:02:44:37:fa:5e:32:27:e6:97:8b:d7:69:55: b9:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:B4:39:12:EE:A4:15:AF:29:39:97:D2:48:09:2F:D7:FE:30:5C:74 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145786.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac40::/32 Signature Algorithm: sha256WithRSAEncryption 32:c6:bd:32:1f:11:ae:45:1f:83:b4:fd:60:c3:bd:a5:21:c6: ec:f0:01:53:84:e6:dd:22:98:bf:a4:4c:71:fe:1c:3a:17:da: 29:d0:7d:1d:b6:e3:cd:24:d3:ea:85:6f:2e:5a:79:99:4c:9a: b9:56:e3:de:89:dc:b0:ac:22:49:30:64:33:f0:96:61:94:9b: 67:7d:fe:c9:a2:0d:b9:5a:f5:50:71:4f:05:f4:ea:19:dd:02: d3:cb:1a:59:8e:77:4b:f8:51:76:ef:60:33:37:25:ab:d8:81: 98:fd:16:17:dd:97:1b:71:42:73:3a:fc:f9:0f:a5:1b:84:6a: 7c:82:fb:0e:44:4a:7c:ce:6b:8d:68:61:42:71:ba:84:3f:ae: d1:d4:79:ac:eb:9a:6c:c0:d5:c6:6d:26:06:ea:ce:83:7f:98: 0a:f9:07:c4:f6:cb:6a:bf:39:af:6b:a3:d2:a5:b8:20:e5:12: 07:23:f0:2e:cd:51:10:79:16:2e:21:b1:d8:7e:a0:51:3c:be: 81:23:e9:87:1e:fa:7a:52:68:17:4e:f5:38:bf:2d:3c:26:56: 98:99:73:03:b6:7d:55:4e:19:5a:07:93:e8:46:13:d9:fb:32: 99:cf:80:bd:ea:e4:4d:03:30:60:e3:f7:c1:15:6d:4a:15:c5: 79:34:b1:76 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcEeHUVjuvA7EVmOr7P8v9v1e+aowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxM1oX DTI3MDMwMzA2MzAxM1owMzExMC8GA1UEAxMoRkFCNDM5MTJFRUE0MTVBRjI5Mzk5 N0QyNDgwOTJGRDdGRTMwNUM3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMlBmTzQcJuJpgVQJBUFV7FRG8UNtMRlrZBgH2VRh/oHjEeYYUCMft0G6ENG LuriUBCHn/iNlNxVDmdbVnmDbA4Y7mVXV4BxgciZNrS+EKHn2lhJfKJubXolV8an Q+1QtAku/9azvQepSDCTUxw51RSamEQgis/JVKpwMyZuWepHe5tOIHJyZFRjgZ2w aWA3nRGB6omJd/A1PjjeNexfD1CCEk44DxDKpYaS3QV6qGtNDO2QtCY4IE2hR4jx OUtNTQkypghV7InNhIf0hR/SxToa536tXf/8/Ip/rwlca/UQMU78taTDmg8cWn0o 7qLa1QoCRDf6XjIn5peL12lVuVkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT6tDkS 7qQVryk5l9JICS/X/jBcdDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTc4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rEAwDQYJKoZIhvcNAQELBQADggEBADLGvTIfEa5FH4O0/WDDvaUhxuzwAVOE5t0i mL+kTHH+HDoX2inQfR22480k0+qFby5aeZlMmrlW496J3LCsIkkwZDPwlmGUm2d9 /smiDbla9VBxTwX06hndAtPLGlmOd0v4UXbvYDM3JavYgZj9FhfdlxtxQnM6/PkP pRuEanyC+w5ESnzOa41oYUJxuoQ/rtHUeazrmmzA1cZtJgbqzoN/mAr5B8T2y2q/ Oa9ro9KluCDlEgcj8C7NURB5Fi4hsdh+oFE8voEj6Yce+npSaBdO9Ti/LTwmVpiZ cwO2fVVOGVoHk+hGE9n7MpnPgL3q5E0DMGDj98EVbUoVxXk0sXY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:05 2026 by rpki-client