$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145850.roa File: AS145850.roa (raw, json) Hash identifier: dikASo8j6TVOu4ir93Pe63GxZqltk9H7d+TH2Azzl1w= Subject key identifier: 12:B3:62:9A:D6:A8:B2:B2:C6:0A:7B:C2:E3:05:C8:0F:27:1A:83:3D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 23A91D6D16B83D1B307AA30EBE8425118720E93C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145850.roa Signing time: Wed 04 Mar 2026 06:31:10 +0000 ROA not before: Wed 04 Mar 2026 06:26:10 +0000 ROA not after: Wed 03 Mar 2027 06:31:10 +0000 asID: 145850 IP address blocks: 240a:ac80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:a9:1d:6d:16:b8:3d:1b:30:7a:a3:0e:be:84:25:11:87:20:e9:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:10 2026 GMT Not After : Mar 3 06:31:10 2027 GMT Subject: CN=12B3629AD6A8B2B2C60A7BC2E305C80F271A833D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:78:e7:2f:ab:78:a1:a9:4c:9e:a6:06:df:c2: 04:2b:ab:c3:e9:89:f5:91:88:7c:bb:ba:31:eb:c2: 90:b0:1a:be:0b:84:3e:1d:a1:bc:7a:0b:03:e4:2f: a7:2a:02:8d:92:54:aa:57:f5:9d:6e:56:02:cf:5f: 87:75:92:f5:7f:8e:4a:4e:79:64:5a:87:7b:68:3b: 20:be:42:46:38:c8:13:9e:35:f3:d4:12:dd:89:51: 17:71:46:13:d1:f8:e3:96:b6:e6:89:ee:cb:2a:6f: 16:78:6e:74:38:83:08:09:e3:0e:81:5b:73:75:9f: f4:69:c8:97:99:c3:52:e2:a3:52:31:f6:eb:50:c8: 15:ec:d4:5b:77:12:cb:b4:ec:e2:c9:22:3d:35:55: 3d:7f:43:29:fb:e7:e9:1a:a8:e5:e6:c9:c8:df:3a: c4:89:47:31:be:c1:c8:63:7b:8d:4a:77:04:93:40: 8b:6c:13:59:ba:45:f9:5a:5d:30:21:d9:73:48:e3: af:3f:f0:10:79:36:b5:02:06:77:be:5d:f9:5b:09: 40:01:95:f0:56:a8:e9:84:01:7c:34:14:82:58:bf: 12:65:0b:fa:2b:6a:f3:7b:c9:d6:b8:03:72:1e:0d: 00:58:87:ef:ba:65:cb:01:23:77:a6:94:95:5e:ed: 65:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:B3:62:9A:D6:A8:B2:B2:C6:0A:7B:C2:E3:05:C8:0F:27:1A:83:3D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145850.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac80::/32 Signature Algorithm: sha256WithRSAEncryption dc:fb:8d:b3:f6:4e:38:5f:3a:f0:af:84:17:cf:15:48:ca:71: 85:de:9d:63:ee:49:f7:17:4a:ab:42:9b:d2:c2:0c:75:f4:07: e0:09:8c:b7:9b:2a:e7:18:04:d6:a7:d7:62:29:f5:8a:91:78: b7:ae:7b:4f:14:6c:d6:c8:f2:6a:1d:89:2c:6c:fb:66:eb:44: ef:72:17:1f:a4:f7:19:07:d5:62:7d:7a:9a:a0:d0:1c:76:f3: 25:1c:d9:8b:4a:bc:f5:44:f7:db:81:a6:e2:2f:4b:b1:8c:fb: 2d:a2:a7:16:10:a7:9a:47:bd:a2:ea:0c:d5:2f:a6:11:14:1f: 45:2d:ae:6f:a2:61:51:f9:d4:a1:cf:36:6d:f5:68:f8:59:35: 62:c4:48:20:b8:b0:b9:be:1f:38:9b:03:5b:bf:69:5c:d2:3c: 7d:e9:b3:27:3a:33:7d:b2:c4:9e:c1:ec:76:a8:78:e7:6b:8f: 8a:2d:7b:5e:f2:9c:0f:b1:04:a5:df:9e:ad:2c:a6:e6:b6:72: 38:c4:bd:5c:9a:1b:f3:81:d7:32:c7:e4:61:61:a9:f8:65:3b: 4c:24:2d:fa:da:fa:4d:1c:d7:51:39:87:9a:8c:18:a2:fa:78: c9:d6:90:6c:51:53:ba:77:f3:20:17:c9:80:5b:c8:a5:73:98: c7:cc:10:f8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUI6kdbRa4PRsweqMOvoQlEYcg6TwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYxMFoX DTI3MDMwMzA2MzExMFowMzExMC8GA1UEAxMoMTJCMzYyOUFENkE4QjJCMkM2MEE3 QkMyRTMwNUM4MEYyNzFBODMzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM545y+reKGpTJ6mBt/CBCurw+mJ9ZGIfLu6MevCkLAavguEPh2hvHoLA+Qv pyoCjZJUqlf1nW5WAs9fh3WS9X+OSk55ZFqHe2g7IL5CRjjIE54189QS3YlRF3FG E9H445a25onuyypvFnhudDiDCAnjDoFbc3Wf9GnIl5nDUuKjUjH261DIFezUW3cS y7Ts4skiPTVVPX9DKfvn6Rqo5ebJyN86xIlHMb7ByGN7jUp3BJNAi2wTWbpF+Vpd MCHZc0jjrz/wEHk2tQIGd75d+VsJQAGV8Fao6YQBfDQUgli/EmUL+itq83vJ1rgD ch4NAFiH77plywEjd6aUlV7tZWcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQSs2Ka 1qiyssYKe8LjBcgPJxqDPTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rIAwDQYJKoZIhvcNAQELBQADggEBANz7jbP2TjhfOvCvhBfPFUjKcYXenWPuSfcX SqtCm9LCDHX0B+AJjLebKucYBNan12Ip9YqReLeue08UbNbI8modiSxs+2brRO9y Fx+k9xkH1WJ9epqg0Bx28yUc2YtKvPVE99uBpuIvS7GM+y2ipxYQp5pHvaLqDNUv phEUH0Utrm+iYVH51KHPNm31aPhZNWLESCC4sLm+HzibA1u/aVzSPH3psyc6M32y xJ7B7HaoeOdrj4ote17ynA+xBKXfnq0spua2cjjEvVyaG/OB1zLH5GFhqfhlO0wk Lfra+k0c11E5h5qMGKL6eMnWkGxRU7p38yAXyYBbyKVzmMfMEPg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:04 2026 by rpki-client