$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145867.roa File: AS145867.roa (raw, json) Hash identifier: vA0QDdMO9nQTvjMVou0XjNee17auQ1+5KaHp1iwDbRo= Subject key identifier: EC:B9:F6:20:4C:18:99:AB:12:46:68:9F:E5:69:00:05:C0:FC:3F:25 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3F5EA19340E4E48391BE3C3BA33978F9D237D831 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145867.roa Signing time: Wed 04 Mar 2026 06:30:07 +0000 ROA not before: Wed 04 Mar 2026 06:25:07 +0000 ROA not after: Wed 03 Mar 2027 06:30:07 +0000 asID: 145867 IP address blocks: 240a:ac91::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:5e:a1:93:40:e4:e4:83:91:be:3c:3b:a3:39:78:f9:d2:37:d8:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:07 2026 GMT Not After : Mar 3 06:30:07 2027 GMT Subject: CN=ECB9F6204C1899AB1246689FE5690005C0FC3F25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:38:db:ec:88:04:8a:92:dd:9c:88:42:c5:13: 93:21:ef:42:39:36:cd:00:ae:3d:d9:2d:5d:a7:0c: 66:d0:0e:08:c8:6f:a7:d6:c5:56:b2:ca:60:ca:60: 04:5f:3a:67:7b:7e:f5:11:8a:8b:7f:c0:ac:f4:c1: 0c:23:d0:12:91:91:b4:f6:f5:39:d1:37:63:0a:d8: c9:5b:8c:6f:24:ae:ab:5a:a5:0a:82:b0:8a:a5:8b: d2:d7:ad:47:32:a2:03:5c:41:1f:3e:6a:25:d2:4e: 1b:98:c9:24:88:1f:ea:6c:69:a6:1a:05:50:ee:a2: b3:62:8f:f2:3c:2b:ae:d0:21:95:9a:b4:2a:5b:bf: cf:66:f3:8c:8e:3f:6e:44:d5:8e:f7:e0:ea:e8:02: 34:22:1d:c1:7b:21:a6:59:78:a1:4a:d9:65:8c:85: 5e:2f:c3:76:7e:7c:3e:d8:64:24:5d:f7:d2:93:97: e9:6b:78:96:b0:f2:fc:17:23:b2:84:1f:ed:d3:ae: 64:bf:44:63:24:45:98:ab:ee:86:e8:60:ae:cf:0f: 6d:86:85:da:ce:07:eb:3b:b3:32:87:f0:a6:f6:a2: 7e:07:da:b3:49:a2:a6:da:a6:50:65:60:96:7c:26: 8f:1e:70:19:35:97:98:c2:ee:ea:7c:00:41:76:cb: cf:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:B9:F6:20:4C:18:99:AB:12:46:68:9F:E5:69:00:05:C0:FC:3F:25 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145867.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac91::/32 Signature Algorithm: sha256WithRSAEncryption ad:bd:af:6f:29:08:c6:a0:39:51:42:e1:04:e6:b7:f9:02:5a: d0:1c:6a:1c:8c:95:d3:be:57:f7:1b:43:94:aa:a7:a7:fb:b5: ed:29:58:30:28:4a:0e:e1:32:56:e9:c4:bc:74:52:07:2d:42: 41:90:5a:d0:5b:80:e4:84:4a:6e:c2:c8:9e:bf:a9:d1:91:4b: 1a:7c:aa:75:a8:f5:f9:dd:59:b0:1b:1d:20:7d:6e:22:65:e2: 8c:b0:9e:be:aa:66:d3:d1:c5:59:ea:6b:14:20:86:bd:72:1e: 8f:83:2d:ec:61:59:22:43:a5:9e:35:15:19:77:f5:11:70:80: d4:63:99:5e:4b:1b:9c:71:85:e5:af:73:41:cc:e7:32:5e:cc: bf:52:72:c3:80:be:c9:dc:d0:5b:38:ef:81:bd:95:ab:75:49: 58:db:99:11:de:6c:00:e8:8f:39:52:51:2b:cf:6d:81:07:3a: 1c:20:55:57:1c:3d:0a:b1:c6:6a:ef:9f:a6:81:5c:23:cb:41: 8e:78:3b:5e:56:21:46:b6:0c:54:63:8c:1d:70:ca:3d:40:22: e3:b4:47:71:12:a1:f2:92:d9:c6:68:ba:3e:a8:e6:df:dd:9b: 3f:78:4e:2d:a5:3d:56:96:3a:8d:ad:e7:94:53:24:3a:a6:79: bd:66:73:72 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUP16hk0Dk5IORvjw7ozl4+dI32DEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUwN1oX DTI3MDMwMzA2MzAwN1owMzExMC8GA1UEAxMoRUNCOUY2MjA0QzE4OTlBQjEyNDY2 ODlGRTU2OTAwMDVDMEZDM0YyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQ42+yIBIqS3ZyIQsUTkyHvQjk2zQCuPdktXacMZtAOCMhvp9bFVrLKYMpg BF86Z3t+9RGKi3/ArPTBDCPQEpGRtPb1OdE3YwrYyVuMbySuq1qlCoKwiqWL0tet RzKiA1xBHz5qJdJOG5jJJIgf6mxpphoFUO6is2KP8jwrrtAhlZq0Klu/z2bzjI4/ bkTVjvfg6ugCNCIdwXshpll4oUrZZYyFXi/Ddn58PthkJF330pOX6Wt4lrDy/Bcj soQf7dOuZL9EYyRFmKvuhuhgrs8PbYaF2s4H6zuzMofwpvaifgfas0miptqmUGVg lnwmjx5wGTWXmMLu6nwAQXbLz0kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTsufYg TBiZqxJGaJ/laQAFwPw/JTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJEwDQYJKoZIhvcNAQELBQADggEBAK29r28pCMagOVFC4QTmt/kCWtAcahyMldO+ V/cbQ5Sqp6f7te0pWDAoSg7hMlbpxLx0UgctQkGQWtBbgOSESm7CyJ6/qdGRSxp8 qnWo9fndWbAbHSB9biJl4oywnr6qZtPRxVnqaxQghr1yHo+DLexhWSJDpZ41FRl3 9RFwgNRjmV5LG5xxheWvc0HM5zJezL9ScsOAvsnc0Fs474G9lat1SVjbmRHebADo jzlSUSvPbYEHOhwgVVccPQqxxmrvn6aBXCPLQY54O15WIUa2DFRjjB1wyj1AIuO0 R3ESofKS2cZouj6o5t/dmz94Ti2lPVaWOo2t55RTJDqmeb1mc3I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:52 2026 by rpki-client