$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145860.roa File: AS145860.roa (raw, json) Hash identifier: rgGIbKWQze7x51EKQ8Lijm2qtRBc6DgtlPs6LvsRx+M= Subject key identifier: 5F:ED:B3:3D:28:25:18:C9:64:15:8A:C4:87:1F:8F:9B:CF:81:B1:20 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 010418836DF56E9547735D9962A4F6D710AD285E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145860.roa Signing time: Wed 04 Mar 2026 06:31:00 +0000 ROA not before: Wed 04 Mar 2026 06:26:00 +0000 ROA not after: Wed 03 Mar 2027 06:31:00 +0000 asID: 145860 IP address blocks: 240a:ac8a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:04:18:83:6d:f5:6e:95:47:73:5d:99:62:a4:f6:d7:10:ad:28:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:00 2026 GMT Not After : Mar 3 06:31:00 2027 GMT Subject: CN=5FEDB33D282518C964158AC4871F8F9BCF81B120 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:60:0e:ed:a8:b1:ae:06:af:da:9a:9b:63:58: 0f:12:63:d3:25:46:3b:50:6a:dc:ee:62:3e:3f:14: e6:b0:a6:9d:c2:ad:d2:c9:19:10:01:f9:bb:91:52: d7:6c:a0:77:47:eb:82:2a:c9:77:d0:97:e9:c4:8c: 90:24:5a:ba:97:28:02:29:fe:f1:79:8c:63:de:46: e4:f4:9e:20:0d:a1:1e:75:43:70:b5:af:60:db:8f: f7:07:6e:ca:57:bd:f2:68:d8:cf:2a:9c:00:1e:13: 3a:1f:ee:12:2d:f0:3e:8e:70:2e:89:80:cf:54:3a: 10:5c:12:19:89:1c:85:43:bc:30:f6:b6:31:df:4d: fb:92:35:7e:8e:77:dd:3e:a4:b8:3c:58:1e:a1:c5: 3e:4d:bc:f5:a0:d6:ab:67:e5:a2:6e:2a:75:f6:d6: ae:44:50:5d:a2:da:92:27:65:52:21:1f:ab:49:44: 16:23:52:57:6b:90:e8:97:04:e4:60:73:7b:9c:7d: 8f:a0:94:3e:3a:77:62:23:13:8b:0d:b0:2a:a7:80: d8:ee:9b:38:d6:08:0a:76:b1:99:24:b5:fe:ce:3e: 88:62:a1:18:79:be:00:19:7c:43:78:79:40:54:98: a6:de:7b:d0:ba:32:8d:30:bd:f3:39:ca:90:47:f7: 49:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:ED:B3:3D:28:25:18:C9:64:15:8A:C4:87:1F:8F:9B:CF:81:B1:20 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145860.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac8a::/32 Signature Algorithm: sha256WithRSAEncryption 80:2f:b7:96:31:02:8f:25:83:30:d3:37:f3:e1:42:ee:e1:6b: f2:b2:20:19:12:28:d4:b1:2e:b3:03:45:c8:ee:5b:7b:65:4f: 65:ec:3a:09:75:b7:e0:8c:cc:49:db:70:e5:33:13:99:4c:d5: fd:d5:8b:f5:f4:fd:64:3f:d3:a8:31:92:d9:a0:90:a2:a3:a1: ac:6c:c3:53:12:09:7f:27:4d:bd:70:78:9f:25:85:9b:f2:c3: e8:31:9f:45:66:98:12:4f:cd:ef:e5:a1:d0:51:90:b1:4e:33: 3c:ed:48:14:9e:4f:59:13:e5:87:fa:a2:af:13:63:9b:93:fd: 87:62:d5:ac:61:a3:62:44:1f:6e:30:25:10:9a:2c:e8:98:50: 74:02:cf:ae:94:c2:45:07:d8:30:52:99:6d:b7:d5:cd:55:49: a5:ba:88:ef:60:0c:1f:bf:81:5f:5e:6b:49:24:b9:6c:8e:ef: c8:53:af:5b:19:82:f4:19:46:78:ea:b3:df:42:e6:c6:63:a6: ac:f3:89:c2:34:49:8e:a3:ea:9b:da:cc:bc:62:c9:22:6b:0b: 5b:db:4b:84:0b:6c:41:f5:a8:f2:d5:4d:23:dc:5c:de:12:37: c9:14:82:67:69:82:57:ff:5b:76:05:1c:6c:11:d8:88:d9:fb: a6:c1:e1:68 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAQQYg231bpVHc12ZYqT21xCtKF4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwMFoX DTI3MDMwMzA2MzEwMFowMzExMC8GA1UEAxMoNUZFREIzM0QyODI1MThDOTY0MTU4 QUM0ODcxRjhGOUJDRjgxQjEyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKpgDu2osa4Gr9qam2NYDxJj0yVGO1Bq3O5iPj8U5rCmncKt0skZEAH5u5FS 12ygd0frgirJd9CX6cSMkCRaupcoAin+8XmMY95G5PSeIA2hHnVDcLWvYNuP9wdu yle98mjYzyqcAB4TOh/uEi3wPo5wLomAz1Q6EFwSGYkchUO8MPa2Md9N+5I1fo53 3T6kuDxYHqHFPk289aDWq2flom4qdfbWrkRQXaLakidlUiEfq0lEFiNSV2uQ6JcE 5GBze5x9j6CUPjp3YiMTiw2wKqeA2O6bONYICnaxmSS1/s4+iGKhGHm+ABl8Q3h5 QFSYpt570LoyjTC98znKkEf3Sc0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRf7bM9 KCUYyWQVisSHH4+bz4GxIDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rIowDQYJKoZIhvcNAQELBQADggEBAIAvt5YxAo8lgzDTN/PhQu7ha/KyIBkSKNSx LrMDRcjuW3tlT2XsOgl1t+CMzEnbcOUzE5lM1f3Vi/X0/WQ/06gxktmgkKKjoaxs w1MSCX8nTb1weJ8lhZvyw+gxn0VmmBJPze/lodBRkLFOMzztSBSeT1kT5Yf6oq8T Y5uT/Ydi1axho2JEH24wJRCaLOiYUHQCz66UwkUH2DBSmW231c1VSaW6iO9gDB+/ gV9ea0kkuWyO78hTr1sZgvQZRnjqs99C5sZjpqzzicI0SY6j6pvazLxiySJrC1vb S4QLbEH1qPLVTSPcXN4SN8kUgmdpglf/W3YFHGwR2IjZ+6bB4Wg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:05 2026 by rpki-client