$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145814.roa File: AS145814.roa (raw, json) Hash identifier: vooQtiBEewXCNSx3UftTdNvLmdcpCbfXhowuzWw96aI= Subject key identifier: 5A:FE:78:C5:28:7C:37:2D:DB:55:AE:47:A2:91:35:81:08:5E:AC:15 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4FD12D53355E422C3046D518170DBB69133E18B4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145814.roa Signing time: Wed 04 Mar 2026 06:29:58 +0000 ROA not before: Wed 04 Mar 2026 06:24:58 +0000 ROA not after: Wed 03 Mar 2027 06:29:58 +0000 asID: 145814 IP address blocks: 240a:ac5c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:d1:2d:53:35:5e:42:2c:30:46:d5:18:17:0d:bb:69:13:3e:18:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:58 2026 GMT Not After : Mar 3 06:29:58 2027 GMT Subject: CN=5AFE78C5287C372DDB55AE47A2913581085EAC15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a9:a6:42:bf:48:8b:41:5e:cc:46:2e:41:56: 70:ef:e4:f4:a1:26:95:0b:a4:6d:72:ac:4e:a0:79: bf:dc:bf:de:99:1f:00:cc:40:71:1e:86:78:5e:8b: 31:dd:69:aa:47:67:23:95:ca:ff:8e:cb:3a:60:e0: 0d:bb:33:55:fe:4e:f2:eb:c7:56:59:28:50:f3:e1: 86:a4:e5:22:28:4b:b3:68:4f:31:06:5c:e2:bb:9c: ef:55:30:77:bb:1d:88:a6:d7:fd:60:40:83:07:20: a7:12:bd:a3:60:95:e6:16:3e:62:72:59:41:21:31: c3:a7:09:08:b6:98:9d:60:96:0b:90:87:6a:69:ee: 05:21:d8:80:9f:e2:a7:b8:74:28:89:a6:6b:29:16: 6b:56:13:74:41:6b:26:26:09:28:2e:b5:1a:19:d9: 8f:49:0b:8d:4e:5f:68:76:3e:5e:87:04:6b:2d:ff: 6a:10:f0:99:fe:ef:77:55:8f:93:c6:29:b6:9e:4c: 99:64:c5:5e:3b:de:6b:bf:74:ad:d7:4f:ee:b5:68: 68:54:c8:56:f0:5e:47:c1:3a:ae:f5:4a:81:8b:ba: cf:b9:04:af:ac:e6:3b:01:1e:9f:d9:ef:47:66:c4: 35:fb:02:72:03:3a:43:63:70:08:cc:f9:28:53:30: 5c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:FE:78:C5:28:7C:37:2D:DB:55:AE:47:A2:91:35:81:08:5E:AC:15 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145814.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac5c::/32 Signature Algorithm: sha256WithRSAEncryption 75:95:d0:ba:d6:b8:99:48:7c:d2:f8:03:7e:84:7a:24:5a:9e: f6:67:ba:8a:72:dd:db:a7:e8:b8:ae:ef:fe:56:0a:a3:e8:74: bf:79:a4:45:54:09:3d:a8:bc:30:b0:97:0c:24:c8:55:e6:a8: 6e:ba:fb:9c:d9:7b:a5:64:2b:7f:9b:f0:9c:34:2c:98:5b:4a: 09:29:07:07:63:4d:43:28:8a:ec:3f:27:7e:6b:3a:74:47:ef: 67:78:11:51:30:95:a2:b8:81:4e:db:12:e0:58:1c:b1:01:8b: 31:b2:c2:2c:a9:f9:12:4d:09:ab:8c:da:f9:42:f4:11:a5:5e: 6e:1e:d9:7b:bf:05:0f:63:5d:5c:89:9b:8f:cf:ff:81:13:f3: 25:91:71:84:36:ba:14:73:48:36:e8:9f:91:a1:6d:93:f7:a6: 7a:fa:18:01:52:41:12:07:42:98:c2:92:dc:75:c8:c4:e5:27: 74:71:f7:e1:b5:88:aa:a7:2c:b9:54:27:c8:a9:7a:f3:d5:32: 18:fa:32:54:32:2a:12:26:83:bc:39:6c:0d:8a:19:3f:16:38: 21:1c:fd:78:4e:1c:2b:df:fd:87:f3:6d:b1:92:e7:ea:6d:21: ed:04:8c:00:75:0e:9e:5d:3f:dc:77:5a:84:fe:46:b7:19:7d: a3:cd:fd:58 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUT9EtUzVeQiwwRtUYFw27aRM+GLQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1OFoX DTI3MDMwMzA2Mjk1OFowMzExMC8GA1UEAxMoNUFGRTc4QzUyODdDMzcyRERCNTVB RTQ3QTI5MTM1ODEwODVFQUMxNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+ppkK/SItBXsxGLkFWcO/k9KEmlQukbXKsTqB5v9y/3pkfAMxAcR6GeF6L Md1pqkdnI5XK/47LOmDgDbszVf5O8uvHVlkoUPPhhqTlIihLs2hPMQZc4ruc71Uw d7sdiKbX/WBAgwcgpxK9o2CV5hY+YnJZQSExw6cJCLaYnWCWC5CHamnuBSHYgJ/i p7h0KImmaykWa1YTdEFrJiYJKC61GhnZj0kLjU5faHY+XocEay3/ahDwmf7vd1WP k8Yptp5MmWTFXjvea790rddP7rVoaFTIVvBeR8E6rvVKgYu6z7kEr6zmOwEen9nv R2bENfsCcgM6Q2NwCMz5KFMwXKMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRa/njF KHw3LdtVrkeikTWBCF6sFTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTgxNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rFwwDQYJKoZIhvcNAQELBQADggEBAHWV0LrWuJlIfNL4A36EeiRanvZnuopy3dun 6Liu7/5WCqPodL95pEVUCT2ovDCwlwwkyFXmqG66+5zZe6VkK3+b8Jw0LJhbSgkp BwdjTUMoiuw/J35rOnRH72d4EVEwlaK4gU7bEuBYHLEBizGywiyp+RJNCauM2vlC 9BGlXm4e2Xu/BQ9jXVyJm4/P/4ET8yWRcYQ2uhRzSDbon5GhbZP3pnr6GAFSQRIH QpjCktx1yMTlJ3Rx9+G1iKqnLLlUJ8ipevPVMhj6MlQyKhImg7w5bA2KGT8WOCEc /XhOHCvf/YfzbbGS5+ptIe0EjAB1Dp5dP9x3WoT+RrcZfaPN/Vg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:50 2026 by rpki-client