$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145878.roa File: AS145878.roa (raw, json) Hash identifier: TBlplBE5250j672F4mwcYUarRBcjmt0J/pIV4NPVyYA= Subject key identifier: 43:B1:B1:ED:67:A5:63:7E:42:6A:39:E6:07:55:EC:CB:A9:F5:3E:7D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3763580E58E83563A6167692481B16EA12CA95BA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145878.roa Signing time: Wed 04 Mar 2026 06:29:52 +0000 ROA not before: Wed 04 Mar 2026 06:24:52 +0000 ROA not after: Wed 03 Mar 2027 06:29:52 +0000 asID: 145878 IP address blocks: 240a:ac9c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:63:58:0e:58:e8:35:63:a6:16:76:92:48:1b:16:ea:12:ca:95:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:52 2026 GMT Not After : Mar 3 06:29:52 2027 GMT Subject: CN=43B1B1ED67A5637E426A39E60755ECCBA9F53E7D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4a:9c:b0:62:83:54:31:8f:f3:ba:b1:b1:b2: b7:41:8e:3b:20:da:fc:78:f4:cd:15:77:70:ba:39: 49:49:45:25:0e:a0:6c:a7:0f:de:8a:75:3b:50:62: 86:08:35:91:36:55:b6:38:c7:2b:b5:c9:1a:52:11: 14:e5:45:f4:b1:03:12:c6:23:dd:ac:08:ae:66:64: dd:c2:66:82:08:44:2e:78:7c:82:70:6e:54:52:79: b9:0f:3b:f2:9f:15:2b:af:88:5e:3b:c8:67:4d:cb: 47:29:b1:39:be:da:3b:ff:78:d5:ff:cc:cd:1b:3d: d1:1f:76:f0:e8:3b:70:6d:7e:5a:00:b3:b2:b1:eb: 4a:b8:22:e0:37:80:60:fb:3e:f9:56:96:a0:91:a3: b4:67:d3:7e:7c:02:1c:1b:9d:38:f3:22:5f:d0:26: 4f:17:67:79:87:c7:48:a2:b7:cf:5a:9a:7c:23:8b: d9:ff:a4:eb:e4:35:ed:c4:c0:3f:3b:26:df:8f:9f: c8:08:5d:30:3d:42:06:b5:65:a9:f8:0d:b7:93:31: 70:27:32:a4:01:18:bc:d8:95:43:73:cf:91:0d:0f: cf:90:ef:77:23:73:49:36:38:d5:6c:83:0a:74:ea: d3:ca:64:7c:20:2f:74:b6:37:f5:f9:c1:03:aa:45: b1:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:B1:B1:ED:67:A5:63:7E:42:6A:39:E6:07:55:EC:CB:A9:F5:3E:7D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145878.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac9c::/32 Signature Algorithm: sha256WithRSAEncryption b7:f4:d0:4a:7e:0f:7f:1a:fa:87:cb:38:2b:43:f2:64:b9:e1: 19:d2:06:e8:86:ba:73:72:20:14:ec:fa:1a:1d:2c:df:46:ac: 8f:bf:a0:03:cd:86:0b:aa:1f:2e:48:e5:6e:48:99:91:54:eb: 64:ef:39:8f:3f:30:15:49:35:86:ec:9e:b7:c3:db:0f:ad:20: 4a:e9:36:73:e4:80:f2:ad:a1:bd:5c:26:df:2a:a1:26:83:87: 3c:27:29:05:f0:d2:65:a4:f2:39:46:09:f8:9e:29:90:3c:69: a1:db:08:90:72:cd:3d:f5:88:ee:57:56:86:e1:d4:13:ed:47: 10:ea:f9:3c:42:74:5e:5d:48:fd:e5:c0:53:e4:6c:ae:75:ab: d2:8a:cb:76:5b:73:25:7a:98:8c:92:8e:b1:50:7c:6f:2c:97: 64:92:a1:2d:5b:e0:bf:db:7c:a6:89:84:06:a7:f0:4c:2c:4e: a6:ac:d0:dd:b6:82:3d:b1:1a:b1:b2:aa:c2:37:05:77:59:31: e3:67:70:f2:ef:c0:63:62:3d:25:cb:1c:11:43:4f:ce:39:99: 9f:b2:c2:96:89:df:48:ad:8b:c3:fd:2f:3e:50:78:7f:49:c9: ee:c1:b6:8f:2d:54:4e:3b:32:c0:35:2a:c8:82:71:73:5b:bc: cf:05:a0:2f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUN2NYDljoNWOmFnaSSBsW6hLKlbowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1MloX DTI3MDMwMzA2Mjk1MlowMzExMC8GA1UEAxMoNDNCMUIxRUQ2N0E1NjM3RTQyNkEz OUU2MDc1NUVDQ0JBOUY1M0U3RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALlKnLBig1Qxj/O6sbGyt0GOOyDa/Hj0zRV3cLo5SUlFJQ6gbKcP3op1O1Bi hgg1kTZVtjjHK7XJGlIRFOVF9LEDEsYj3awIrmZk3cJmgghELnh8gnBuVFJ5uQ87 8p8VK6+IXjvIZ03LRymxOb7aO/941f/MzRs90R928Og7cG1+WgCzsrHrSrgi4DeA YPs++VaWoJGjtGfTfnwCHBudOPMiX9AmTxdneYfHSKK3z1qafCOL2f+k6+Q17cTA Pzsm34+fyAhdMD1CBrVlqfgNt5MxcCcypAEYvNiVQ3PPkQ0Pz5DvdyNzSTY41WyD CnTq08pkfCAvdLY39fnBA6pFsfUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRDsbHt Z6VjfkJqOeYHVezLqfU+fTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg3OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rJwwDQYJKoZIhvcNAQELBQADggEBALf00Ep+D38a+ofLOCtD8mS54RnSBuiGunNy IBTs+hodLN9GrI+/oAPNhguqHy5I5W5ImZFU62TvOY8/MBVJNYbsnrfD2w+tIErp NnPkgPKtob1cJt8qoSaDhzwnKQXw0mWk8jlGCfieKZA8aaHbCJByzT31iO5XVobh 1BPtRxDq+TxCdF5dSP3lwFPkbK51q9KKy3ZbcyV6mIySjrFQfG8sl2SSoS1b4L/b fKaJhAan8EwsTqas0N22gj2xGrGyqsI3BXdZMeNncPLvwGNiPSXLHBFDT845mZ+y wpaJ30iti8P9Lz5QeH9Jye7Bto8tVE47MsA1KsiCcXNbvM8FoC8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:44 2026 by rpki-client