$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145849.roa File: AS145849.roa (raw, json) Hash identifier: ifGYHzs+ZoolkvPGwvABHxndFoXt5NWX/9L/0kXMWvo= Subject key identifier: BE:49:DD:2F:8C:A4:1C:35:D1:11:C9:E4:4A:ED:CB:7A:52:A4:B6:FA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 70BFFA11E2CBB2E69881C3CC97876DB16C9CEF08 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145849.roa Signing time: Wed 04 Mar 2026 06:29:43 +0000 ROA not before: Wed 04 Mar 2026 06:24:43 +0000 ROA not after: Wed 03 Mar 2027 06:29:43 +0000 asID: 145849 IP address blocks: 240a:ac7f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:bf:fa:11:e2:cb:b2:e6:98:81:c3:cc:97:87:6d:b1:6c:9c:ef:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:43 2026 GMT Not After : Mar 3 06:29:43 2027 GMT Subject: CN=BE49DD2F8CA41C35D111C9E44AEDCB7A52A4B6FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ef:40:d3:13:b9:b2:15:58:07:43:af:70:22: 6b:f7:4e:3f:a3:f7:e0:e3:d3:2e:fb:c3:ab:b0:9f: d4:4d:cd:90:a7:6c:1c:74:cf:40:93:cd:bf:e2:f5: b0:4c:a1:b5:14:b0:b0:11:c4:1b:0f:12:70:f7:5a: 54:a6:7b:61:6d:01:06:59:61:c8:7b:5a:9d:bb:fe: 6a:96:22:4a:ee:7a:27:34:f9:79:70:6b:cb:c5:b5: 8f:60:0f:67:35:24:51:b6:37:5c:5b:5c:92:56:5b: ce:1f:b6:55:43:3a:54:1f:38:3d:64:ec:0a:46:fd: 80:04:eb:f6:21:a5:29:8b:d1:a0:f9:c9:91:4f:0c: 72:9a:da:77:64:12:f0:e7:4a:5c:4a:70:36:28:6c: f5:b7:23:e1:aa:5e:e9:3e:d7:b1:d5:d3:44:be:af: 41:30:49:b5:2d:b7:4c:86:61:82:10:e7:17:69:1a: e7:0b:1e:27:89:f3:19:1a:35:94:76:a7:06:1f:d5: fb:91:fd:59:d2:dd:16:c7:3b:6f:a7:01:d0:32:8e: bc:a5:91:eb:19:09:22:ce:bf:c7:35:b6:14:84:9a: c1:a2:2f:29:d8:ae:de:28:dc:2f:f6:e3:af:1e:0d: 9c:62:d1:dc:ed:f2:e6:ed:8e:4c:40:03:9b:c5:ad: 3f:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:49:DD:2F:8C:A4:1C:35:D1:11:C9:E4:4A:ED:CB:7A:52:A4:B6:FA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145849.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac7f::/32 Signature Algorithm: sha256WithRSAEncryption 72:27:71:42:6b:03:7f:d5:2a:cb:c1:9d:37:ff:ac:5b:af:32: f1:fb:d7:16:17:07:a5:af:82:57:ac:fe:cf:d1:a6:03:0e:22: ff:82:92:ac:40:c6:e9:7a:58:ce:ba:89:1f:04:f4:a1:a3:b2: f3:c8:cb:a3:c5:e3:67:39:53:f0:c2:dd:60:18:7a:ef:94:6d: d6:b7:17:a3:c2:6e:1a:0b:39:18:a2:05:28:d2:3b:d5:45:6d: 66:f1:7e:c1:3f:c9:3e:ff:a5:58:0b:07:15:e6:60:e7:2d:8a: ce:c7:96:29:db:83:66:04:a5:49:01:66:14:33:45:0e:3e:2c: 43:aa:2e:d5:c5:f4:f7:ad:8f:40:48:d4:a4:16:26:b8:af:1c: 7a:dd:89:7c:dc:22:08:35:53:a4:09:79:fc:5c:4d:45:2e:86: 3c:3d:66:77:9c:12:a9:6a:6d:c9:d4:51:ab:47:34:17:53:34: d3:7d:fb:a9:83:5f:4e:c0:f6:be:44:9a:4e:c7:c2:d3:ac:09: 70:26:8c:31:d4:6e:2f:9e:6d:e5:af:83:1b:64:9e:be:17:68: 98:4e:8c:78:ba:6a:c9:ef:6d:cd:0f:98:b7:d2:59:5b:9a:cf: 6f:eb:20:01:59:31:3c:21:40:f5:0e:ff:33:83:d1:36:88:83: 51:ec:4a:cf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcL/6EeLLsuaYgcPMl4dtsWyc7wgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0M1oX DTI3MDMwMzA2Mjk0M1owMzExMC8GA1UEAxMoQkU0OUREMkY4Q0E0MUMzNUQxMTFD OUU0NEFFRENCN0E1MkE0QjZGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMDvQNMTubIVWAdDr3Aia/dOP6P34OPTLvvDq7Cf1E3NkKdsHHTPQJPNv+L1 sEyhtRSwsBHEGw8ScPdaVKZ7YW0BBllhyHtanbv+apYiSu56JzT5eXBry8W1j2AP ZzUkUbY3XFtcklZbzh+2VUM6VB84PWTsCkb9gATr9iGlKYvRoPnJkU8Mcprad2QS 8OdKXEpwNihs9bcj4ape6T7XsdXTRL6vQTBJtS23TIZhghDnF2ka5wseJ4nzGRo1 lHanBh/V+5H9WdLdFsc7b6cB0DKOvKWR6xkJIs6/xzW2FISawaIvKdiu3ijcL/bj rx4NnGLR3O3y5u2OTEADm8WtPy0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS+Sd0v jKQcNdERyeRK7ct6UqS2+jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg0OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rH8wDQYJKoZIhvcNAQELBQADggEBAHIncUJrA3/VKsvBnTf/rFuvMvH71xYXB6Wv gles/s/RpgMOIv+CkqxAxul6WM66iR8E9KGjsvPIy6PF42c5U/DC3WAYeu+Ubda3 F6PCbhoLORiiBSjSO9VFbWbxfsE/yT7/pVgLBxXmYOctis7Hlinbg2YEpUkBZhQz RQ4+LEOqLtXF9Petj0BI1KQWJrivHHrdiXzcIgg1U6QJefxcTUUuhjw9ZnecEqlq bcnUUatHNBdTNNN9+6mDX07A9r5Emk7HwtOsCXAmjDHUbi+ebeWvgxtknr4XaJhO jHi6asnvbc0PmLfSWVuaz2/rIAFZMTwhQPUO/zOD0TaIg1HsSs8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:35 2026 by rpki-client