$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145873.roa File: AS145873.roa (raw, json) Hash identifier: Mk33pXRCBG/tJPaLNW3NNzP5IBP3Ukj1K8IA0/tra0k= Subject key identifier: 25:AD:9E:BB:A2:7E:12:93:0B:93:E8:E3:74:36:63:B4:04:85:58:54 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 47F7A3CCA56E6F7D1EC0158A70A28AE2E446A745 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145873.roa Signing time: Wed 04 Mar 2026 06:30:30 +0000 ROA not before: Wed 04 Mar 2026 06:25:30 +0000 ROA not after: Wed 03 Mar 2027 06:30:30 +0000 asID: 145873 IP address blocks: 240a:ac97::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:f7:a3:cc:a5:6e:6f:7d:1e:c0:15:8a:70:a2:8a:e2:e4:46:a7:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:30 2026 GMT Not After : Mar 3 06:30:30 2027 GMT Subject: CN=25AD9EBBA27E12930B93E8E3743663B404855854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4b:99:f3:2d:3b:24:e5:9d:d2:7b:3b:dc:9a: e1:3e:d7:67:32:17:92:52:95:4a:46:48:7b:cc:dc: 5d:90:c3:21:6b:6a:4f:02:2a:e3:f0:f0:eb:ac:65: b3:41:5c:7d:c5:95:f5:ba:45:3d:bf:03:9d:4f:3b: d9:68:e1:b8:6f:2d:87:50:32:dd:ce:d2:aa:26:f5: 2f:bc:74:c9:c6:27:0f:c0:ae:79:a2:42:0c:6e:d5: 91:a8:d1:a6:0b:e8:2c:4c:e1:7d:2d:75:69:48:c6: be:e2:fc:42:bc:26:0c:74:de:20:17:6f:79:fc:98: 5e:60:e6:51:d9:77:bb:2a:6e:42:78:89:95:6c:fa: 91:61:62:d1:87:4c:5b:ed:21:21:f2:2e:13:34:08: 00:d4:06:88:7a:d9:84:8e:52:15:33:d4:83:30:9b: 69:8b:45:ce:ab:ae:ae:dc:be:6c:af:08:11:aa:e7: f4:24:9d:f9:9d:aa:c9:8e:9e:24:d2:46:64:bb:df: 9b:0f:c0:0b:39:ab:a8:83:83:9d:25:7a:01:75:bf: cd:30:9f:c4:24:f4:76:79:95:c6:b5:39:b3:4c:ad: 02:84:0c:11:ef:04:16:06:31:0a:d0:77:a1:56:2e: ea:cc:be:d0:b4:ce:27:79:c8:4d:e8:74:8e:ab:18: 9e:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:AD:9E:BB:A2:7E:12:93:0B:93:E8:E3:74:36:63:B4:04:85:58:54 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145873.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac97::/32 Signature Algorithm: sha256WithRSAEncryption 9b:12:10:f8:87:54:f8:37:29:f1:db:06:20:ba:1e:df:02:f7: 2f:ac:c2:cf:f8:7f:a5:71:34:ee:85:2b:4c:f8:c9:e8:ff:cd: 88:28:6d:38:db:d2:6e:09:91:1b:ca:0b:12:7a:41:19:18:ef: bb:94:05:71:89:83:5d:83:05:d5:6b:01:6f:9e:55:3d:78:b1: 39:df:cd:d4:7b:54:53:42:c2:0e:56:a3:41:a4:c3:20:ff:14: 25:9b:f7:81:f9:a8:7b:af:92:93:49:4c:a2:83:ed:d0:92:90: 90:c5:3c:dc:50:78:36:63:8a:9b:21:7b:69:bc:a8:1c:10:ff: 4b:fb:24:39:b7:27:23:38:0a:44:d6:d8:e8:de:4f:ca:80:cc: 5c:40:65:c9:ff:5c:19:7b:36:cb:5f:16:a1:4e:84:b5:ce:07: 38:d7:62:17:92:75:fd:92:66:9d:35:32:b5:9e:78:1b:f1:4e: 8d:37:62:c6:13:05:6d:55:1e:90:51:17:f8:b1:d5:01:74:31: 4d:01:1e:27:b4:b1:3b:15:a3:8a:ed:35:9b:bf:ba:c2:f9:85: 5d:57:fa:e4:1e:09:c4:7b:e3:b8:2e:d8:0f:ea:ac:4f:b2:62: d5:52:3d:da:77:25:a7:d0:e9:6b:77:83:b5:a2:e7:4d:05:13: a0:8e:c9:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUR/ejzKVub30ewBWKcKKK4uRGp0UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzMFoX DTI3MDMwMzA2MzAzMFowMzExMC8GA1UEAxMoMjVBRDlFQkJBMjdFMTI5MzBCOTNF OEUzNzQzNjYzQjQwNDg1NTg1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9LmfMtOyTlndJ7O9ya4T7XZzIXklKVSkZIe8zcXZDDIWtqTwIq4/Dw66xl s0FcfcWV9bpFPb8DnU872WjhuG8th1Ay3c7Sqib1L7x0ycYnD8CueaJCDG7VkajR pgvoLEzhfS11aUjGvuL8QrwmDHTeIBdvefyYXmDmUdl3uypuQniJlWz6kWFi0YdM W+0hIfIuEzQIANQGiHrZhI5SFTPUgzCbaYtFzquurty+bK8IEarn9CSd+Z2qyY6e JNJGZLvfmw/ACzmrqIODnSV6AXW/zTCfxCT0dnmVxrU5s0ytAoQMEe8EFgYxCtB3 oVYu6sy+0LTOJ3nITeh0jqsYnv8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQlrZ67 on4SkwuT6ON0NmO0BIVYVDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJcwDQYJKoZIhvcNAQELBQADggEBAJsSEPiHVPg3KfHbBiC6Ht8C9y+sws/4f6Vx NO6FK0z4yej/zYgobTjb0m4JkRvKCxJ6QRkY77uUBXGJg12DBdVrAW+eVT14sTnf zdR7VFNCwg5Wo0GkwyD/FCWb94H5qHuvkpNJTKKD7dCSkJDFPNxQeDZjipshe2m8 qBwQ/0v7JDm3JyM4CkTW2OjeT8qAzFxAZcn/XBl7NstfFqFOhLXOBzjXYheSdf2S Zp01MrWeeBvxTo03YsYTBW1VHpBRF/ix1QF0MU0BHie0sTsVo4rtNZu/usL5hV1X +uQeCcR747gu2A/qrE+yYtVSPdp3JafQ6Wt3g7Wi500FE6COyZA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:43 2026 by rpki-client