$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145938.roa File: AS145938.roa (raw, json) Hash identifier: DgDYwI/IN4LwRu7lMJNwb4Ag6ZUDGL7sdXQXPFGMDo8= Subject key identifier: 5F:68:44:51:EF:11:5B:44:C4:A6:BD:C0:FB:96:5B:08:EC:78:EB:63 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 509B14649E979162E837D54A9CDE7B02D0228B81 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145938.roa Signing time: Wed 04 Mar 2026 06:29:57 +0000 ROA not before: Wed 04 Mar 2026 06:24:57 +0000 ROA not after: Wed 03 Mar 2027 06:29:57 +0000 asID: 145938 IP address blocks: 240a:acd8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:9b:14:64:9e:97:91:62:e8:37:d5:4a:9c:de:7b:02:d0:22:8b:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:57 2026 GMT Not After : Mar 3 06:29:57 2027 GMT Subject: CN=5F684451EF115B44C4A6BDC0FB965B08EC78EB63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a0:df:d2:da:7a:aa:ce:b8:51:5c:ba:1a:7b: f1:c0:b1:0f:f9:7b:fd:6a:19:16:63:30:1e:dc:d9: 1b:5b:2e:39:2e:44:db:91:2a:db:19:fa:10:b1:db: 0d:cf:37:59:2f:be:e9:77:4b:26:be:72:18:fe:12: 23:4e:66:40:60:7e:2d:42:83:54:3b:a9:e5:0c:5f: c9:e7:bb:27:21:5c:e7:fc:46:22:1a:a9:f3:c7:14: 1e:01:86:22:b6:fa:a0:c2:81:f1:d7:01:6f:2c:80: 66:71:f4:c7:70:a8:8e:13:05:34:f1:6e:21:1f:42: 6a:62:5c:50:36:4e:64:85:1d:e8:51:8c:38:79:bf: 27:cd:8a:2a:f0:63:b7:7e:8d:57:a8:84:fe:68:7f: 1f:c9:d7:f8:88:8b:1a:62:20:ec:16:45:78:72:19: 5d:8d:bc:78:1c:ca:04:ce:25:0a:db:45:c9:3c:c5: 88:17:f9:aa:88:e6:58:1c:d7:43:98:2f:b2:af:f5: 96:09:ae:f8:81:47:79:85:4f:19:38:4f:eb:78:b8: 06:e1:4a:94:57:63:86:62:95:99:7c:f9:c2:81:c3: 0a:06:b3:2e:f3:73:cf:3b:bd:f5:ff:c8:15:5b:6d: bd:db:2c:8f:44:14:0b:c3:4e:2d:63:e5:f3:7b:76: 92:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:68:44:51:EF:11:5B:44:C4:A6:BD:C0:FB:96:5B:08:EC:78:EB:63 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acd8::/32 Signature Algorithm: sha256WithRSAEncryption 86:95:35:e8:26:3d:7c:62:ac:4f:ee:b5:04:07:49:c9:d7:8b: 10:a0:d4:b0:ac:39:f2:f0:15:82:40:f0:e3:16:31:10:48:8c: 7b:27:60:27:66:a2:65:23:9d:c3:57:b9:d7:98:80:15:2a:f8: 81:77:80:5a:d6:bb:f0:4f:5a:37:f5:15:ee:05:fc:f1:14:0b: 28:6f:4e:e0:83:eb:36:ad:af:31:3d:1e:16:43:a6:38:ad:41: 2b:70:98:2b:cf:fa:f8:8e:17:7d:73:9c:1a:59:e4:bf:0c:7d: 2c:7c:b7:d6:59:e1:00:22:0d:3c:85:09:78:23:24:30:18:b6: 0e:6e:c6:93:80:88:fc:6e:56:d5:67:15:4a:29:ba:32:16:99: a4:82:3e:3d:d6:6f:26:91:4d:b3:ee:67:b1:0e:46:41:87:40: 2e:b9:5a:92:02:84:cf:a1:f4:46:56:eb:de:95:ae:fa:b7:51: cc:67:ce:f7:8f:36:6d:79:34:91:00:0a:6a:3e:e0:b7:ea:ca: b4:a4:1e:aa:21:7c:09:62:e0:11:ed:65:03:a3:ab:d0:57:38: e6:4e:10:15:cd:0b:35:2e:e0:98:23:36:61:eb:65:1f:5d:62: b1:a9:d5:47:57:82:14:56:62:f5:64:1a:08:a5:e2:9e:41:24: 53:d1:1c:50 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUJsUZJ6XkWLoN9VKnN57AtAii4EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1N1oX DTI3MDMwMzA2Mjk1N1owMzExMC8GA1UEAxMoNUY2ODQ0NTFFRjExNUI0NEM0QTZC REMwRkI5NjVCMDhFQzc4RUI2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+g39LaeqrOuFFcuhp78cCxD/l7/WoZFmMwHtzZG1suOS5E25Eq2xn6ELHb Dc83WS++6XdLJr5yGP4SI05mQGB+LUKDVDup5Qxfyee7JyFc5/xGIhqp88cUHgGG Irb6oMKB8dcBbyyAZnH0x3CojhMFNPFuIR9CamJcUDZOZIUd6FGMOHm/J82KKvBj t36NV6iE/mh/H8nX+IiLGmIg7BZFeHIZXY28eBzKBM4lCttFyTzFiBf5qojmWBzX Q5gvsq/1lgmu+IFHeYVPGThP63i4BuFKlFdjhmKVmXz5woHDCgazLvNzzzu99f/I FVttvdssj0QUC8NOLWPl83t2klsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRfaERR 7xFbRMSmvcD7llsI7HjrYzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTkzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rNgwDQYJKoZIhvcNAQELBQADggEBAIaVNegmPXxirE/utQQHScnXixCg1LCsOfLw FYJA8OMWMRBIjHsnYCdmomUjncNXudeYgBUq+IF3gFrWu/BPWjf1Fe4F/PEUCyhv TuCD6zatrzE9HhZDpjitQStwmCvP+viOF31znBpZ5L8MfSx8t9ZZ4QAiDTyFCXgj JDAYtg5uxpOAiPxuVtVnFUopujIWmaSCPj3WbyaRTbPuZ7EORkGHQC65WpIChM+h 9EZW696Vrvq3UcxnzvePNm15NJEACmo+4LfqyrSkHqohfAli4BHtZQOjq9BXOOZO EBXNCzUu4JgjNmHrZR9dYrGp1UdXghRWYvVkGgil4p5BJFPRHFA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:44 2026 by rpki-client