$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145823.roa File: AS145823.roa (raw, json) Hash identifier: vfHrTVQV+Rb8y99CVPOu6m7G8cjAKIcmcYe8lqpiyH0= Subject key identifier: 39:69:95:98:09:E5:19:81:F9:F0:91:74:51:49:D9:13:23:A4:E0:03 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 433EE64C327E86373F3DA612FF28D8D7E23EB17B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145823.roa Signing time: Wed 04 Mar 2026 06:30:36 +0000 ROA not before: Wed 04 Mar 2026 06:25:36 +0000 ROA not after: Wed 03 Mar 2027 06:30:36 +0000 asID: 145823 IP address blocks: 240a:ac65::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:3e:e6:4c:32:7e:86:37:3f:3d:a6:12:ff:28:d8:d7:e2:3e:b1:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:36 2026 GMT Not After : Mar 3 06:30:36 2027 GMT Subject: CN=3969959809E51981F9F091745149D91323A4E003 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:3a:c8:79:2b:5b:88:80:94:a1:32:c8:7f:fe: 14:25:47:00:9b:9e:3c:09:c3:e0:f1:aa:26:bc:e9: 79:81:29:7a:4d:50:26:cb:ce:b5:a5:d5:09:4b:7d: 39:d0:4f:10:71:86:ec:40:ed:84:d7:7d:e4:fe:3a: 90:82:44:ac:34:b5:46:0a:af:c0:dc:9b:e7:10:72: 17:e5:40:4a:63:75:bf:54:da:53:54:1f:79:f4:39: 1c:fe:d3:35:d7:25:89:63:47:60:1f:15:9d:a8:fc: 94:50:37:64:58:35:2d:c4:c7:85:4e:35:6f:57:4d: a1:f2:f9:a0:3b:cd:7f:40:37:93:53:bb:df:3e:7c: c4:aa:ae:5f:42:45:da:1e:34:4e:f4:9c:dc:b7:7e: 2e:b5:82:1d:29:be:7b:9f:ee:5e:6f:11:08:eb:e4: b5:7a:24:d3:5c:39:14:cd:5d:41:a1:61:c4:f6:05: 3a:2a:9d:0e:f2:f2:0d:a0:f4:6a:13:aa:54:2a:08: a6:ad:d6:1a:be:da:a8:80:8b:12:28:26:81:a9:9f: 43:62:fb:22:0f:6f:ce:d4:43:21:92:4d:2b:60:ec: eb:d3:81:fd:c3:5c:f1:6c:54:b5:c2:3a:e0:d2:ee: 39:6d:9f:05:be:e0:29:28:c4:85:7c:04:4f:19:65: 0b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:69:95:98:09:E5:19:81:F9:F0:91:74:51:49:D9:13:23:A4:E0:03 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145823.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac65::/32 Signature Algorithm: sha256WithRSAEncryption ae:45:ff:95:d5:bb:59:1d:ec:3b:1a:34:52:81:f9:35:3b:4c: bf:a4:6a:df:a1:63:19:88:3f:04:68:87:25:bd:66:10:6e:1a: 3d:8b:93:e2:28:81:2b:4b:e2:b9:18:97:e2:35:ae:f1:56:d1: 3b:ce:60:78:3a:58:50:99:fb:a4:97:97:11:1a:0f:bc:e2:13: 08:ed:05:4e:ee:9d:88:bf:dd:13:3a:9c:be:17:0c:d9:0a:d7: 9e:1f:9a:12:3c:1a:b1:cd:67:7d:a0:85:6e:70:f6:d8:34:13: c8:a5:72:81:c2:29:83:6d:14:75:69:94:dc:7a:aa:b0:98:19: ac:dd:4b:98:28:59:4d:2e:3d:d4:89:97:a0:53:0f:1a:61:ef: 6e:a2:2d:7d:ae:b5:58:e3:fa:6a:11:70:66:26:df:74:be:99: ec:4f:09:b9:cd:c7:d0:04:e8:c7:70:d7:d8:23:eb:87:57:fb: ed:06:cb:5d:9b:f1:c1:ad:37:0a:e6:a0:76:52:2e:f1:d5:2b: e4:df:88:96:92:98:29:b9:bb:88:80:a5:2e:96:25:3f:48:7c: 69:64:b4:6e:6f:38:64:cb:e5:8e:56:b7:7f:ea:f6:14:d8:5a: 95:d0:5f:52:c6:bc:a6:d8:da:7e:e0:8c:d6:20:e3:0b:76:fb: 1e:dc:78:5c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQz7mTDJ+hjc/PaYS/yjY1+I+sXswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzNloX DTI3MDMwMzA2MzAzNlowMzExMC8GA1UEAxMoMzk2OTk1OTgwOUU1MTk4MUY5RjA5 MTc0NTE0OUQ5MTMyM0E0RTAwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL86yHkrW4iAlKEyyH/+FCVHAJuePAnD4PGqJrzpeYEpek1QJsvOtaXVCUt9 OdBPEHGG7EDthNd95P46kIJErDS1RgqvwNyb5xByF+VASmN1v1TaU1QfefQ5HP7T NdcliWNHYB8Vnaj8lFA3ZFg1LcTHhU41b1dNofL5oDvNf0A3k1O73z58xKquX0JF 2h40TvSc3Ld+LrWCHSm+e5/uXm8RCOvktXok01w5FM1dQaFhxPYFOiqdDvLyDaD0 ahOqVCoIpq3WGr7aqICLEigmgamfQ2L7Ig9vztRDIZJNK2Ds69OB/cNc8WxUtcI6 4NLuOW2fBb7gKSjEhXwETxllC3MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ5aZWY CeUZgfnwkXRRSdkTI6TgAzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTgyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rGUwDQYJKoZIhvcNAQELBQADggEBAK5F/5XVu1kd7DsaNFKB+TU7TL+kat+hYxmI PwRohyW9ZhBuGj2Lk+IogStL4rkYl+I1rvFW0TvOYHg6WFCZ+6SXlxEaD7ziEwjt BU7unYi/3RM6nL4XDNkK154fmhI8GrHNZ32ghW5w9tg0E8ilcoHCKYNtFHVplNx6 qrCYGazdS5goWU0uPdSJl6BTDxph726iLX2utVjj+moRcGYm33S+mexPCbnNx9AE 6Mdw19gj64dX++0Gy12b8cGtNwrmoHZSLvHVK+TfiJaSmCm5u4iApS6WJT9IfGlk tG5vOGTL5Y5Wt3/q9hTYWpXQX1LGvKbY2n7gjNYg4wt2+x7ceFw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:01 2026 by rpki-client