$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145868.roa File: AS145868.roa (raw, json) Hash identifier: Ppr+gYgQvA+MHZ8Yqq2s7+7Qi4Yeewp008c3m0j62ug= Subject key identifier: E3:74:1D:FF:03:F4:FB:45:3E:0F:18:43:16:D9:36:68:99:21:FD:90 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 101AEBD44E948D03C51184335D468526A475DCDA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145868.roa Signing time: Wed 04 Mar 2026 06:30:24 +0000 ROA not before: Wed 04 Mar 2026 06:25:24 +0000 ROA not after: Wed 03 Mar 2027 06:30:24 +0000 asID: 145868 IP address blocks: 240a:ac92::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:1a:eb:d4:4e:94:8d:03:c5:11:84:33:5d:46:85:26:a4:75:dc:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:24 2026 GMT Not After : Mar 3 06:30:24 2027 GMT Subject: CN=E3741DFF03F4FB453E0F184316D936689921FD90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:a9:c7:85:c2:59:14:2e:35:2c:c9:b2:33:b6: 5f:cf:8a:79:4e:78:61:a2:d8:8e:a3:59:90:5d:b3: 08:b2:63:ed:e3:3c:12:73:3b:ee:75:a5:a8:62:3f: ac:58:c1:7a:b1:5f:e9:a7:ac:6f:d7:39:6e:3f:ce: f4:f0:26:33:ea:f4:d3:af:52:79:05:9e:ee:e6:6e: 49:fe:b6:93:07:2b:e3:1d:64:4d:56:a5:52:5c:6c: f5:84:01:7f:2f:52:eb:e9:35:d3:18:c5:d6:f1:76: 67:4f:ed:75:4d:2a:83:4d:b8:4b:ab:79:fc:9c:ec: ec:fd:18:a4:f6:e7:12:11:8c:c8:c3:52:d6:ba:b8: 75:d8:59:7e:b7:d7:c0:9b:42:c2:90:77:5f:ac:13: 4a:66:6f:b7:bd:fa:1f:dc:63:3b:74:fd:f3:38:9d: fc:6b:c4:22:dc:89:65:88:50:e7:53:76:87:f0:e5: 02:57:50:9d:17:b7:ad:cb:d7:12:9b:ed:66:b5:d0: c6:ca:a5:72:fb:28:54:69:d9:10:87:1d:8d:09:89: b6:72:03:c7:45:43:c4:03:4e:d9:8c:a2:a1:3e:b5: 7e:39:67:8e:a7:46:1d:f2:d3:d9:20:58:37:6f:6b: 01:f4:ba:fd:4e:cf:56:fe:a3:90:11:86:e1:5b:b1: 8d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:74:1D:FF:03:F4:FB:45:3E:0F:18:43:16:D9:36:68:99:21:FD:90 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145868.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac92::/32 Signature Algorithm: sha256WithRSAEncryption 2f:f2:3e:ac:6a:c5:11:85:55:42:fa:4f:04:39:f0:54:13:7d: 27:d1:54:ca:13:86:f0:64:78:ce:ea:d7:ef:fd:92:d4:3c:32: 41:46:49:f8:8f:6d:c4:2f:5b:48:28:55:a4:b7:89:3f:3c:a1: 2c:bb:fa:22:d0:60:47:57:68:b2:23:15:c9:bd:68:9c:62:4d: 8c:3e:74:a4:d6:01:ee:fa:40:cd:95:30:ad:30:8c:57:71:2e: 81:bb:38:4f:c7:7b:c3:84:0a:b4:a5:e4:9d:0f:7a:14:82:2a: 59:e6:4b:d1:29:4e:77:16:c6:52:aa:23:a7:0b:7c:0f:bc:1b: 3e:1f:b1:40:da:5f:e6:41:ca:e8:35:df:1c:9f:5d:ff:ab:13: 18:b2:43:37:e1:ad:59:26:d8:74:a1:3b:53:15:f9:4e:62:f0: 95:14:07:e6:e5:dd:e5:e8:83:ab:33:84:91:48:f3:09:15:73: 9b:a6:3b:53:1c:cd:91:64:f9:42:19:6e:e6:bb:94:5e:6e:b8: eb:11:99:22:e3:18:8d:91:c6:88:88:a4:e3:e4:91:f2:db:f2: d1:5b:44:07:5d:98:e1:ea:2c:2e:18:b3:1a:9f:a1:36:0d:a9: de:1f:d1:24:ee:52:08:32:8a:06:2b:9b:97:c6:84:1d:e9:aa: 1e:5e:14:82 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEBrr1E6UjQPFEYQzXUaFJqR13NowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyNFoX DTI3MDMwMzA2MzAyNFowMzExMC8GA1UEAxMoRTM3NDFERkYwM0Y0RkI0NTNFMEYx ODQzMTZEOTM2Njg5OTIxRkQ5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI+px4XCWRQuNSzJsjO2X8+KeU54YaLYjqNZkF2zCLJj7eM8EnM77nWlqGI/ rFjBerFf6aesb9c5bj/O9PAmM+r0069SeQWe7uZuSf62kwcr4x1kTValUlxs9YQB fy9S6+k10xjF1vF2Z0/tdU0qg024S6t5/Jzs7P0YpPbnEhGMyMNS1rq4ddhZfrfX wJtCwpB3X6wTSmZvt736H9xjO3T98zid/GvEItyJZYhQ51N2h/DlAldQnRe3rcvX EpvtZrXQxsqlcvsoVGnZEIcdjQmJtnIDx0VDxANO2YyioT61fjlnjqdGHfLT2SBY N29rAfS6/U7PVv6jkBGG4VuxjSMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTjdB3/ A/T7RT4PGEMW2TZomSH9kDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJIwDQYJKoZIhvcNAQELBQADggEBAC/yPqxqxRGFVUL6TwQ58FQTfSfRVMoThvBk eM7q1+/9ktQ8MkFGSfiPbcQvW0goVaS3iT88oSy7+iLQYEdXaLIjFcm9aJxiTYw+ dKTWAe76QM2VMK0wjFdxLoG7OE/He8OECrSl5J0PehSCKlnmS9EpTncWxlKqI6cL fA+8Gz4fsUDaX+ZByug13xyfXf+rExiyQzfhrVkm2HShO1MV+U5i8JUUB+bl3eXo g6szhJFI8wkVc5umO1MczZFk+UIZbua7lF5uuOsRmSLjGI2RxoiIpOPkkfLb8tFb RAddmOHqLC4YsxqfoTYNqd4f0STuUggyigYrm5fGhB3pqh5eFII= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:37 2026 by rpki-client