$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145951.roa File: AS145951.roa (raw, json) Hash identifier: 45uhJYJ3hWk2ylaKw7mpVEhe39f1MqaS9BS1NwKctO8= Subject key identifier: 6A:75:BB:6E:CF:CB:7E:F8:1A:A2:BD:E8:A8:11:69:AB:0D:D1:CD:66 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4260AEF97CC5E4DC07A36DC15555636D3FD84F7F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145951.roa Signing time: Wed 04 Mar 2026 06:29:50 +0000 ROA not before: Wed 04 Mar 2026 06:24:50 +0000 ROA not after: Wed 03 Mar 2027 06:29:50 +0000 asID: 145951 IP address blocks: 240a:ace5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:60:ae:f9:7c:c5:e4:dc:07:a3:6d:c1:55:55:63:6d:3f:d8:4f:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:50 2026 GMT Not After : Mar 3 06:29:50 2027 GMT Subject: CN=6A75BB6ECFCB7EF81AA2BDE8A81169AB0DD1CD66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:42:77:c2:bd:fa:2f:24:b1:df:d6:69:37:ab: 6d:1a:35:e3:1c:c9:73:31:50:b7:b6:cc:a8:26:76: 70:fa:56:8f:1e:36:22:64:1d:ee:ce:69:6d:06:cd: 56:0c:0f:4e:a0:e2:1a:f7:70:90:01:87:6f:31:4b: 2e:17:2c:02:47:4d:cc:67:f7:3f:1d:55:3c:a8:98: b0:ed:d3:af:61:43:cf:d6:23:17:b1:d2:c7:8b:79: 3c:83:f7:ea:22:78:d5:fe:08:f3:23:22:ee:e8:84: 77:7b:dc:67:15:b4:e4:56:66:52:7e:3b:8d:9f:9c: 3a:a1:68:88:80:d8:2c:1a:9f:02:92:93:bf:09:bb: 9d:72:d8:29:a0:d6:ff:20:bb:61:d1:5c:44:c1:8c: 77:b4:3f:ca:6a:98:18:1c:d6:15:40:df:53:2d:81: e4:f2:e3:2d:cb:53:d6:38:81:9a:ca:c4:9b:dd:ac: 14:ea:1e:20:6a:5d:f1:e1:6f:88:9e:77:8c:74:75: 37:e6:e1:2d:ca:9f:1a:ea:ba:ba:0d:89:8e:01:80: fd:99:39:79:aa:50:41:b7:b5:21:b7:e4:4f:0c:4f: 82:1a:47:74:06:8b:81:65:d6:fa:7e:91:f6:ce:c4: df:bc:a1:cb:c3:67:4b:48:c3:25:ae:32:80:61:8c: da:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:75:BB:6E:CF:CB:7E:F8:1A:A2:BD:E8:A8:11:69:AB:0D:D1:CD:66 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145951.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ace5::/32 Signature Algorithm: sha256WithRSAEncryption 14:de:a3:72:21:c5:37:76:8b:6e:81:7b:df:00:3a:53:96:5c: 45:fd:d7:45:4e:30:87:ba:c4:1b:a1:ba:85:61:3e:47:90:38: 17:8a:65:79:2c:d8:b2:c4:f7:fc:2c:b2:49:c6:bc:e7:67:2a: ee:3a:ac:5f:0f:e8:8e:b1:bb:89:c9:66:50:4f:5f:26:e8:e7: cb:76:70:d8:3d:5c:a9:28:14:64:e0:a8:8b:8d:8a:9b:9e:30: 5a:f8:bf:26:3f:4b:bc:be:f0:d5:e9:af:17:8d:81:82:14:6c: 3e:6f:94:9b:57:0e:dc:da:c7:03:06:dc:bd:cf:0a:10:5f:0c: ac:0c:46:e7:1e:64:c9:9a:8c:f6:7e:5c:bc:dc:3a:37:03:66: 61:ac:26:e4:08:38:89:a3:14:32:09:66:2a:57:9e:9b:4f:87: 00:bb:70:ea:60:c5:21:b1:cd:ca:31:a0:5a:be:0b:76:6b:46: 11:dd:61:c9:e5:85:87:25:1a:31:f9:04:c0:7c:5b:33:ca:64: 1e:ca:b8:f9:80:ee:20:74:f3:bb:e0:19:99:12:d6:5e:12:dd: c4:28:b4:10:ce:89:49:fa:ef:62:03:97:65:b9:9c:75:8d:2a: 53:8f:fe:80:bb:60:c2:7e:e5:74:c7:7e:51:b2:8b:d1:f3:4b: b8:eb:88:50 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQmCu+XzF5NwHo23BVVVjbT/YT38wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1MFoX DTI3MDMwMzA2Mjk1MFowMzExMC8GA1UEAxMoNkE3NUJCNkVDRkNCN0VGODFBQTJC REU4QTgxMTY5QUIwREQxQ0Q2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZCd8K9+i8ksd/WaTerbRo14xzJczFQt7bMqCZ2cPpWjx42ImQd7s5pbQbN VgwPTqDiGvdwkAGHbzFLLhcsAkdNzGf3Px1VPKiYsO3Tr2FDz9YjF7HSx4t5PIP3 6iJ41f4I8yMi7uiEd3vcZxW05FZmUn47jZ+cOqFoiIDYLBqfApKTvwm7nXLYKaDW /yC7YdFcRMGMd7Q/ymqYGBzWFUDfUy2B5PLjLctT1jiBmsrEm92sFOoeIGpd8eFv iJ53jHR1N+bhLcqfGuq6ug2JjgGA/Zk5eapQQbe1IbfkTwxPghpHdAaLgWXW+n6R 9s7E37yhy8NnS0jDJa4ygGGM2uMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRqdbtu z8t++BqiveioEWmrDdHNZjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rOUwDQYJKoZIhvcNAQELBQADggEBABTeo3IhxTd2i26Be98AOlOWXEX910VOMIe6 xBuhuoVhPkeQOBeKZXks2LLE9/wssknGvOdnKu46rF8P6I6xu4nJZlBPXybo58t2 cNg9XKkoFGTgqIuNipueMFr4vyY/S7y+8NXprxeNgYIUbD5vlJtXDtzaxwMG3L3P ChBfDKwMRuceZMmajPZ+XLzcOjcDZmGsJuQIOImjFDIJZipXnptPhwC7cOpgxSGx zcoxoFq+C3ZrRhHdYcnlhYclGjH5BMB8WzPKZB7KuPmA7iB087vgGZkS1l4S3cQo tBDOiUn672IDl2W5nHWNKlOP/oC7YMJ+5XTHflGyi9HzS7jriFA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:28 2026 by rpki-client