$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145937.roa File: AS145937.roa (raw, json) Hash identifier: zN+rW0XQYSxPd/YgdEo6XHIyboif+csv7Ne6XqGclDE= Subject key identifier: E6:83:CD:74:4F:C7:2C:6C:EB:00:9D:39:13:06:1E:B8:7A:7C:DB:7C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4E490056EADF0511DE7957AB66650942ED2D0D5F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145937.roa Signing time: Wed 04 Mar 2026 06:29:34 +0000 ROA not before: Wed 04 Mar 2026 06:24:34 +0000 ROA not after: Wed 03 Mar 2027 06:29:34 +0000 asID: 145937 IP address blocks: 240a:acd7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:49:00:56:ea:df:05:11:de:79:57:ab:66:65:09:42:ed:2d:0d:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:34 2026 GMT Not After : Mar 3 06:29:34 2027 GMT Subject: CN=E683CD744FC72C6CEB009D3913061EB87A7CDB7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:38:0c:6e:11:bb:73:b1:5a:11:39:04:e1:6d: db:c2:d8:92:9d:9e:36:77:51:f9:96:6a:08:1e:07: 0d:fb:6f:56:c5:8f:0d:25:bc:31:9c:70:d8:e6:52: 09:aa:88:c5:3c:fd:44:fd:3f:c6:26:0c:22:6e:b2: 47:54:80:7a:ef:76:be:1f:2c:bc:e6:35:fc:fb:54: d6:d1:67:ef:bf:08:e4:44:d0:38:50:b3:b0:b8:c2: e8:7e:69:6d:de:b9:17:70:bf:87:b3:6d:3c:54:54: 1f:b7:a4:03:47:70:57:69:4e:2a:52:05:a3:8a:22: eb:52:37:c6:24:fb:4a:68:a3:83:48:bc:66:ca:28: e7:e9:a9:2f:6d:cd:f8:a0:f0:8c:ee:70:1c:4d:cc: 1a:d2:0a:e6:b8:2a:17:aa:7f:0e:42:fb:aa:38:33: e9:26:f1:54:2a:78:5e:81:da:0f:23:a2:84:65:4b: 11:e3:10:87:5e:19:ba:4e:a7:44:1b:4e:d1:d7:7f: f0:34:b3:1c:f4:9f:8a:46:a2:08:86:2a:31:f8:99: da:6c:35:8b:e8:b3:69:e9:93:b5:8a:d0:ee:c9:2c: 93:d1:31:80:1c:e9:13:d9:0b:27:2a:9f:ea:25:5a: b7:5e:84:82:67:22:e4:a0:c2:e0:fc:23:67:aa:2b: 16:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:83:CD:74:4F:C7:2C:6C:EB:00:9D:39:13:06:1E:B8:7A:7C:DB:7C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145937.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acd7::/32 Signature Algorithm: sha256WithRSAEncryption c1:c1:20:1d:13:a6:39:7c:f6:e3:53:ba:c1:89:64:26:57:57: 4b:cd:ef:a3:68:6f:e4:36:43:46:9e:fe:e3:34:53:55:6e:f6: 69:17:25:c7:0d:5a:7f:f3:93:e3:c5:3d:db:06:b0:d2:da:97: 52:62:18:d7:6f:99:ad:5b:54:8d:b6:d6:f2:29:49:6d:6c:ed: 1b:1b:02:ef:c3:8d:0b:70:f2:b8:d8:f0:e3:e2:fe:35:d7:47: 83:1d:01:98:d3:2f:14:9d:82:d7:04:7d:68:b3:98:21:15:58: 67:0e:55:60:b3:af:61:82:b9:23:08:b7:50:28:89:56:50:57: e2:06:d6:71:28:42:52:e8:81:66:29:89:dd:23:c7:21:70:fa: 95:1e:63:9b:38:bb:56:5d:57:43:8a:f9:1f:4c:8b:f3:b4:75: 54:26:17:d5:3d:3d:74:23:32:09:b2:1c:36:0c:b7:d6:80:41: ee:8b:12:75:28:2b:1f:4b:6f:5b:57:c1:da:0c:e1:89:c0:ec: d3:b9:37:d0:4c:e8:22:d6:d6:1b:fc:58:48:79:b2:d2:6d:94: a4:8a:d6:2c:f6:f3:10:f7:62:d5:94:34:8a:37:d9:8f:13:d0: 6f:61:dc:c2:cb:80:42:9a:85:59:ac:ba:4b:8c:8e:09:a3:2c: e7:eb:10:c0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTkkAVurfBRHeeVerZmUJQu0tDV8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzNFoX DTI3MDMwMzA2MjkzNFowMzExMC8GA1UEAxMoRTY4M0NENzQ0RkM3MkM2Q0VCMDA5 RDM5MTMwNjFFQjg3QTdDREI3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO84DG4Ru3OxWhE5BOFt28LYkp2eNndR+ZZqCB4HDftvVsWPDSW8MZxw2OZS CaqIxTz9RP0/xiYMIm6yR1SAeu92vh8svOY1/PtU1tFn778I5ETQOFCzsLjC6H5p bd65F3C/h7NtPFRUH7ekA0dwV2lOKlIFo4oi61I3xiT7Smijg0i8Zsoo5+mpL23N +KDwjO5wHE3MGtIK5rgqF6p/DkL7qjgz6SbxVCp4XoHaDyOihGVLEeMQh14Zuk6n RBtO0dd/8DSzHPSfikaiCIYqMfiZ2mw1i+izaemTtYrQ7sksk9ExgBzpE9kLJyqf 6iVat16Egmci5KDC4PwjZ6orFj8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTmg810 T8csbOsAnTkTBh64enzbfDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTkzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rNcwDQYJKoZIhvcNAQELBQADggEBAMHBIB0Tpjl89uNTusGJZCZXV0vN76Nob+Q2 Q0ae/uM0U1Vu9mkXJccNWn/zk+PFPdsGsNLal1JiGNdvma1bVI221vIpSW1s7Rsb Au/DjQtw8rjY8OPi/jXXR4MdAZjTLxSdgtcEfWizmCEVWGcOVWCzr2GCuSMIt1Ao iVZQV+IG1nEoQlLogWYpid0jxyFw+pUeY5s4u1ZdV0OK+R9Mi/O0dVQmF9U9PXQj MgmyHDYMt9aAQe6LEnUoKx9Lb1tXwdoM4YnA7NO5N9BM6CLW1hv8WEh5stJtlKSK 1iz28xD3YtWUNIo32Y8T0G9h3MLLgEKahVmsukuMjgmjLOfrEMA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:33 2026 by rpki-client