$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145865.roa File: AS145865.roa (raw, json) Hash identifier: 2fU72AIzJKmgPNc3xhcdBQEwN5wdKzeN2sbD/dbuvfk= Subject key identifier: 97:D7:BF:84:F3:88:59:BF:75:03:66:D4:19:E0:2D:1C:C8:F9:8F:40 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 322B23FD4522ABAF35315A327EEA3F229F40ED78 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145865.roa Signing time: Wed 04 Mar 2026 06:30:10 +0000 ROA not before: Wed 04 Mar 2026 06:25:10 +0000 ROA not after: Wed 03 Mar 2027 06:30:10 +0000 asID: 145865 IP address blocks: 240a:ac8f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:2b:23:fd:45:22:ab:af:35:31:5a:32:7e:ea:3f:22:9f:40:ed:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:10 2026 GMT Not After : Mar 3 06:30:10 2027 GMT Subject: CN=97D7BF84F38859BF750366D419E02D1CC8F98F40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:94:c8:16:da:ae:c3:48:17:82:aa:45:bc:6e: 02:bf:02:30:38:70:31:f8:18:ca:4f:20:22:7e:bc: d1:34:5d:9e:ca:aa:41:a7:10:bc:a1:f6:85:c3:f0: 7c:4a:c8:77:e7:aa:1e:66:52:81:b9:e1:58:e0:12: 6e:0b:b4:17:62:0c:2b:d2:f3:6e:22:d5:fd:00:99: e6:4d:7d:61:da:e1:2e:40:18:a3:8c:09:61:92:ee: 49:c5:4b:29:a6:26:99:6b:ec:fe:6e:7c:a6:8f:5e: 88:66:12:7b:f3:ec:e6:6c:32:87:e2:75:cf:27:f0: be:be:bd:a7:7d:8c:13:97:47:7f:02:b7:84:68:b2: 93:57:6d:67:60:a2:2b:d2:5c:28:e5:2d:d4:60:e5: e1:ff:df:16:d9:23:12:cc:a0:26:bb:37:23:62:47: df:22:20:d2:16:02:f4:c4:41:52:f3:ca:ea:e4:ae: 5a:6d:c8:74:16:49:66:23:1a:85:dc:e4:93:a2:83: 55:95:f2:54:5b:95:2d:9c:99:97:0b:8b:cd:8b:98: 2f:21:cd:46:99:59:5a:7c:9c:c6:e4:ad:d6:4f:86: a1:20:91:1b:5e:72:83:96:c2:fd:56:cc:6a:27:84: 31:73:4f:fc:04:be:bc:fa:0f:85:d6:7b:3e:50:78: 52:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:D7:BF:84:F3:88:59:BF:75:03:66:D4:19:E0:2D:1C:C8:F9:8F:40 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145865.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac8f::/32 Signature Algorithm: sha256WithRSAEncryption 66:86:84:b3:59:ad:6b:8b:9a:1f:a0:9e:b7:e5:23:5d:18:a3: 79:5b:27:3b:e4:3c:3c:6a:fb:7e:90:b5:79:0e:b7:fe:30:86: c9:54:b6:e5:5b:29:cc:25:5b:d2:f4:30:56:a3:83:78:97:ac: 5c:0e:5f:1b:ba:15:7b:af:15:89:71:9d:69:63:f0:84:c2:3d: f6:8a:94:91:70:d7:65:dd:34:e2:18:78:04:ef:e1:fe:28:b5: 8c:10:fc:d0:4d:df:f3:b1:af:9b:1a:e1:ed:ba:24:91:20:97: 79:b9:d7:19:4c:9e:98:2a:3c:96:29:f1:18:37:94:26:c1:67: bb:10:11:12:31:4f:89:ee:b9:0f:07:56:41:a0:f7:fe:d4:db: 39:6b:88:c6:ab:a3:b0:98:ce:9e:cb:78:aa:85:9e:d0:20:c1: 0b:dc:8f:ca:20:fd:fc:0d:ce:c1:a5:48:1e:d7:54:a6:9c:8f: c7:0b:3c:de:37:67:74:1f:ac:23:be:8a:10:50:57:c8:90:6e: 1e:16:13:7f:20:bd:74:87:5f:6f:b0:cf:9a:e4:a9:75:30:cb: ea:aa:9b:a8:b2:a6:7b:c9:e1:71:e6:b7:29:72:d3:2c:bd:b7: cd:26:86:db:06:08:88:5d:a5:ba:09:35:a9:b5:c1:a8:60:ba: 55:6b:ce:a8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMisj/UUiq681MVoyfuo/Ip9A7XgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxMFoX DTI3MDMwMzA2MzAxMFowMzExMC8GA1UEAxMoOTdEN0JGODRGMzg4NTlCRjc1MDM2 NkQ0MTlFMDJEMUNDOEY5OEY0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKiUyBbarsNIF4KqRbxuAr8CMDhwMfgYyk8gIn680TRdnsqqQacQvKH2hcPw fErId+eqHmZSgbnhWOASbgu0F2IMK9LzbiLV/QCZ5k19YdrhLkAYo4wJYZLuScVL KaYmmWvs/m58po9eiGYSe/Ps5mwyh+J1zyfwvr69p32ME5dHfwK3hGiyk1dtZ2Ci K9JcKOUt1GDl4f/fFtkjEsygJrs3I2JH3yIg0hYC9MRBUvPK6uSuWm3IdBZJZiMa hdzkk6KDVZXyVFuVLZyZlwuLzYuYLyHNRplZWnycxuSt1k+GoSCRG15yg5bC/VbM aieEMXNP/AS+vPoPhdZ7PlB4UmsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSX17+E 84hZv3UDZtQZ4C0cyPmPQDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg2NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rI8wDQYJKoZIhvcNAQELBQADggEBAGaGhLNZrWuLmh+gnrflI10Yo3lbJzvkPDxq +36QtXkOt/4whslUtuVbKcwlW9L0MFajg3iXrFwOXxu6FXuvFYlxnWlj8ITCPfaK lJFw12XdNOIYeATv4f4otYwQ/NBN3/Oxr5sa4e26JJEgl3m51xlMnpgqPJYp8Rg3 lCbBZ7sQERIxT4nuuQ8HVkGg9/7U2zlriMaro7CYzp7LeKqFntAgwQvcj8og/fwN zsGlSB7XVKacj8cLPN43Z3QfrCO+ihBQV8iQbh4WE38gvXSHX2+wz5rkqXUwy+qq m6iypnvJ4XHmtyly0yy9t80mhtsGCIhdpboJNam1wahgulVrzqg= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:22 2026 by rpki-client