$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145930.roa File: AS145930.roa (raw, json) Hash identifier: kPcZW/5L47xoQi7fe6YwyUW41ocZCtLSHAE0VSf+09A= Subject key identifier: D0:B7:F4:BD:85:7F:7E:3A:77:34:D2:7B:50:B4:04:31:EA:A1:E9:72 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 33D78CC757B381937CE0A521ADC86DFBBB5D004B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145930.roa Signing time: Wed 04 Mar 2026 06:29:52 +0000 ROA not before: Wed 04 Mar 2026 06:24:52 +0000 ROA not after: Wed 03 Mar 2027 06:29:52 +0000 asID: 145930 IP address blocks: 240a:acd0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:d7:8c:c7:57:b3:81:93:7c:e0:a5:21:ad:c8:6d:fb:bb:5d:00:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:52 2026 GMT Not After : Mar 3 06:29:52 2027 GMT Subject: CN=D0B7F4BD857F7E3A7734D27B50B40431EAA1E972 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:c3:70:7e:20:bc:1a:c7:8b:f5:2b:0a:9e:be: 5d:66:aa:15:f6:3e:3b:3f:7a:ea:4c:12:72:ec:95: 1b:c7:72:e7:ec:37:0d:0f:64:05:7d:5a:84:b5:a9: b1:52:83:13:75:e6:d7:9a:ca:4c:4b:6d:41:56:94: af:f9:b5:c8:e3:b8:ea:8e:23:d6:a4:15:1a:85:22: 93:8d:fc:55:74:92:f5:08:48:5a:35:43:81:93:80: 11:d1:f2:61:fe:b0:46:80:97:40:54:aa:9f:8f:c2: 20:74:13:bb:9d:40:d5:84:11:63:3d:c7:64:11:a7: 69:fc:7a:2b:09:49:9b:fe:3b:dc:c1:8f:08:46:8d: 51:f9:fa:ef:6a:1e:b5:0c:a5:16:3d:08:69:e5:27: e7:77:ac:f6:01:5d:f1:19:f6:40:45:e8:29:53:cf: c8:2b:5b:cd:1d:d8:d3:73:52:38:83:9c:c8:c9:4c: 7e:30:50:da:1d:b6:5f:c5:a9:cd:67:cf:66:c0:60: 6c:ce:33:ce:aa:0d:c7:70:b2:b2:7b:f6:fb:31:ae: 1d:3b:ad:54:7e:4d:50:0f:01:e4:15:1b:b6:69:b1: 81:10:77:3a:08:89:dc:6f:1e:6c:0c:41:e6:44:c6: 16:13:26:cc:06:93:15:fa:77:ca:1f:83:eb:18:4f: e2:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:B7:F4:BD:85:7F:7E:3A:77:34:D2:7B:50:B4:04:31:EA:A1:E9:72 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145930.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acd0::/32 Signature Algorithm: sha256WithRSAEncryption 98:93:10:c6:1d:6e:ee:ca:a1:f5:ae:ea:49:c3:32:48:c0:7c: d7:43:69:da:8d:8d:9d:d9:47:ac:51:80:58:f9:c4:f7:f2:79: 77:b2:33:0a:02:c7:5f:08:49:5f:d8:a0:e4:34:28:b5:43:bb: 77:e0:73:2c:57:49:be:d5:66:dc:bc:dd:8b:e6:0a:7b:17:50: fa:a7:20:58:3c:c2:79:10:d9:28:99:74:9c:73:66:ed:78:8c: 51:6e:89:ad:79:49:3f:83:ee:f4:03:e5:98:cb:9f:ab:91:77: 0f:29:59:16:32:03:b5:60:b2:fb:58:7a:53:59:e9:73:49:4c: b0:53:0b:e6:51:69:d2:54:a7:6a:5c:68:b6:3e:aa:d0:43:91: 42:60:66:40:f7:e0:1c:9b:cc:4a:04:b1:22:1b:01:f7:79:40: 66:fc:bc:17:40:9d:20:b6:49:c4:cc:29:e9:ff:28:9b:f3:3e: a8:9b:62:97:21:77:fb:95:74:c3:b0:ca:9b:31:55:55:cd:3e: 56:8b:f1:08:49:d6:b4:e2:34:71:64:e8:29:3f:24:8a:78:43: 88:e2:3a:fb:c7:93:1f:54:c3:10:37:83:51:e2:4c:3e:87:b5: 5d:08:ba:28:e8:85:8e:cb:e1:64:87:69:9f:26:09:61:08:f3: ed:33:66:85 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUM9eMx1ezgZN84KUhrcht+7tdAEswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1MloX DTI3MDMwMzA2Mjk1MlowMzExMC8GA1UEAxMoRDBCN0Y0QkQ4NTdGN0UzQTc3MzRE MjdCNTBCNDA0MzFFQUExRTk3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIfDcH4gvBrHi/UrCp6+XWaqFfY+Oz966kwScuyVG8dy5+w3DQ9kBX1ahLWp sVKDE3Xm15rKTEttQVaUr/m1yOO46o4j1qQVGoUik438VXSS9QhIWjVDgZOAEdHy Yf6wRoCXQFSqn4/CIHQTu51A1YQRYz3HZBGnafx6KwlJm/473MGPCEaNUfn672oe tQylFj0IaeUn53es9gFd8Rn2QEXoKVPPyCtbzR3Y03NSOIOcyMlMfjBQ2h22X8Wp zWfPZsBgbM4zzqoNx3Cysnv2+zGuHTutVH5NUA8B5BUbtmmxgRB3OgiJ3G8ebAxB 5kTGFhMmzAaTFfp3yh+D6xhP4p0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTQt/S9 hX9+Onc00ntQtAQx6qHpcjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTkzMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rNAwDQYJKoZIhvcNAQELBQADggEBAJiTEMYdbu7KofWu6knDMkjAfNdDadqNjZ3Z R6xRgFj5xPfyeXeyMwoCx18ISV/YoOQ0KLVDu3fgcyxXSb7VZty83YvmCnsXUPqn IFg8wnkQ2SiZdJxzZu14jFFuia15ST+D7vQD5ZjLn6uRdw8pWRYyA7VgsvtYelNZ 6XNJTLBTC+ZRadJUp2pcaLY+qtBDkUJgZkD34BybzEoEsSIbAfd5QGb8vBdAnSC2 ScTMKen/KJvzPqibYpchd/uVdMOwypsxVVXNPlaL8QhJ1rTiNHFk6Ck/JIp4Q4ji OvvHkx9UwxA3g1HiTD6HtV0IuijohY7L4WSHaZ8mCWEI8+0zZoU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:55 2026 by rpki-client