$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145875.roa File: AS145875.roa (raw, json) Hash identifier: BEbLkkduRzhaqsDGvYNsuezebKC6gY/l4AG/O6OeZxo= Subject key identifier: D7:51:11:C0:E2:85:B9:EF:2D:3D:2E:97:69:28:B0:CF:DD:58:BC:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2E0CE37F8B1C1F2B1FDC59036998270A6FA3DFE3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145875.roa Signing time: Wed 04 Mar 2026 06:30:03 +0000 ROA not before: Wed 04 Mar 2026 06:25:03 +0000 ROA not after: Wed 03 Mar 2027 06:30:03 +0000 asID: 145875 IP address blocks: 240a:ac99::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:0c:e3:7f:8b:1c:1f:2b:1f:dc:59:03:69:98:27:0a:6f:a3:df:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:03 2026 GMT Not After : Mar 3 06:30:03 2027 GMT Subject: CN=D75111C0E285B9EF2D3D2E976928B0CFDD58BC34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:27:ef:d1:25:20:07:bd:e4:cb:88:07:d2:77: 66:05:af:29:3b:74:ea:24:5c:ad:b1:89:f2:52:7a: f9:cf:f1:49:0a:e9:ed:46:ec:d9:6e:f8:3c:67:3b: eb:e1:e0:ff:b4:f9:c6:2d:53:0e:b4:16:68:40:2b: 4f:f0:2a:13:47:17:c6:f0:d3:0f:cd:9f:f7:9c:11: e5:82:89:02:4e:33:81:31:22:65:69:39:88:8c:2f: f8:87:c7:67:04:4b:57:39:b8:e8:e4:09:34:aa:fd: f5:89:06:05:d1:85:72:19:a5:5a:50:f3:6c:17:a6: 97:74:4b:61:84:84:95:0d:9a:84:97:37:7e:56:2f: b6:db:e9:f4:92:f0:21:6c:20:23:c6:94:63:ca:35: ee:7f:35:40:a9:95:34:ef:49:ea:16:32:08:df:fd: f4:27:2b:eb:37:41:2c:ac:d2:e2:21:e2:e7:d0:eb: c4:c9:c2:ce:05:4d:4a:2e:4c:93:ab:0e:1a:74:d4: 9a:4c:f6:a0:54:28:f0:ea:6d:76:c6:e1:95:e9:de: 3a:fc:10:a7:16:c2:90:6d:71:e9:bc:ef:61:56:ec: a1:0f:85:68:fb:7c:33:f0:f1:4b:83:8a:40:12:8c: 46:d6:ea:32:ca:fb:a1:48:18:34:7d:24:83:ba:d2: 76:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:51:11:C0:E2:85:B9:EF:2D:3D:2E:97:69:28:B0:CF:DD:58:BC:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145875.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac99::/32 Signature Algorithm: sha256WithRSAEncryption 02:9a:ca:24:19:c8:b9:94:9b:37:aa:45:00:f1:b1:fc:2b:2b: 37:81:b3:a9:c5:2d:73:41:0b:2a:0d:62:94:01:58:b9:e8:2d: 51:47:0b:98:c3:08:92:7c:f3:82:3f:51:24:57:02:03:69:31: 3d:19:18:de:0f:04:fa:f7:05:03:e7:34:91:7d:ad:a5:54:4f: 74:56:b8:43:21:8c:1d:f6:2c:63:a5:19:e4:3b:ca:0c:b3:78: a4:17:95:7e:34:a9:3f:2a:97:ac:c0:1a:1d:7b:0b:ab:d2:c8: ac:b8:2f:41:c9:12:38:da:38:8d:59:67:85:7c:01:b9:e3:eb: ec:de:62:c9:83:57:d3:7e:2c:c4:ee:75:13:05:d8:c0:0a:ee: e7:6e:fc:70:26:be:8a:d8:ba:59:dc:60:b7:f1:a2:7d:b9:6d: 19:15:3a:9f:d0:3d:3f:f7:b2:35:0f:a6:8a:a5:74:0b:68:0c: e1:f0:a1:f3:6e:54:c8:c9:11:66:27:eb:b2:6e:21:83:d6:60: be:17:a3:95:df:01:29:78:74:ac:eb:3c:5d:f8:f5:c4:17:38: b0:95:95:8a:87:16:fd:56:f1:e3:83:41:41:ae:e2:72:d4:54: 11:ed:c3:2e:28:a7:13:56:f7:e1:87:be:34:d1:bd:48:51:62: 1d:d9:eb:c8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULgzjf4scHysf3FkDaZgnCm+j3+MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUwM1oX DTI3MDMwMzA2MzAwM1owMzExMC8GA1UEAxMoRDc1MTExQzBFMjg1QjlFRjJEM0Qy RTk3NjkyOEIwQ0ZERDU4QkMzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJkn79ElIAe95MuIB9J3ZgWvKTt06iRcrbGJ8lJ6+c/xSQrp7Ubs2W74PGc7 6+Hg/7T5xi1TDrQWaEArT/AqE0cXxvDTD82f95wR5YKJAk4zgTEiZWk5iIwv+IfH ZwRLVzm46OQJNKr99YkGBdGFchmlWlDzbBeml3RLYYSElQ2ahJc3flYvttvp9JLw IWwgI8aUY8o17n81QKmVNO9J6hYyCN/99Ccr6zdBLKzS4iHi59DrxMnCzgVNSi5M k6sOGnTUmkz2oFQo8OptdsbhleneOvwQpxbCkG1x6bzvYVbsoQ+FaPt8M/DxS4OK QBKMRtbqMsr7oUgYNH0kg7rSdrUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTXURHA 4oW57y09LpdpKLDP3Vi8NDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJkwDQYJKoZIhvcNAQELBQADggEBAAKayiQZyLmUmzeqRQDxsfwrKzeBs6nFLXNB CyoNYpQBWLnoLVFHC5jDCJJ884I/USRXAgNpMT0ZGN4PBPr3BQPnNJF9raVUT3RW uEMhjB32LGOlGeQ7ygyzeKQXlX40qT8ql6zAGh17C6vSyKy4L0HJEjjaOI1ZZ4V8 Abnj6+zeYsmDV9N+LMTudRMF2MAK7udu/HAmvorYulncYLfxon25bRkVOp/QPT/3 sjUPpoqldAtoDOHwofNuVMjJEWYn67JuIYPWYL4Xo5XfASl4dKzrPF349cQXOLCV lYqHFv1W8eODQUGu4nLUVBHtwy4opxNW9+GHvjTRvUhRYh3Z68g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:50 2026 by rpki-client