$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145953.roa File: AS145953.roa (raw, json) Hash identifier: LpOJwjqXPppv9YuEIUrufrMYCZ0PcETltTXhEhGCF+Y= Subject key identifier: A4:28:59:52:94:69:DC:63:ED:98:8C:BF:2F:69:28:C9:ED:80:CA:2F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 20C5E5331A44FE305485AAE0BFDFA9E5B79F734C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145953.roa Signing time: Wed 04 Mar 2026 06:30:54 +0000 ROA not before: Wed 04 Mar 2026 06:25:54 +0000 ROA not after: Wed 03 Mar 2027 06:30:54 +0000 asID: 145953 IP address blocks: 240a:ace7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:c5:e5:33:1a:44:fe:30:54:85:aa:e0:bf:df:a9:e5:b7:9f:73:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:54 2026 GMT Not After : Mar 3 06:30:54 2027 GMT Subject: CN=A42859529469DC63ED988CBF2F6928C9ED80CA2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:fd:71:a7:73:4b:39:33:87:c9:07:ea:ed:8a: 0f:81:08:26:47:fd:9e:97:7b:fb:54:12:0b:8e:93: 9d:4e:9d:36:06:8b:0e:7a:eb:03:74:6f:b8:eb:46: 5a:32:98:99:23:5c:47:c8:62:a5:04:5d:21:be:fe: 47:6c:d7:50:49:e0:95:be:18:3f:33:5b:1a:54:1b: 8b:c2:a1:b1:5f:58:94:a0:2c:c5:8e:c1:1a:0a:a3: 74:69:b4:af:20:7f:da:b8:61:f7:ee:2c:99:8a:69: 45:01:ed:a0:59:50:8d:20:51:a8:64:b0:ef:1e:3d: 01:40:a2:9b:10:1a:75:f6:c7:5e:0a:88:38:03:a5: b8:ef:01:c3:64:4b:7b:97:56:6e:65:72:6e:0c:ba: d3:63:17:97:99:0b:76:5b:13:71:0e:4d:34:a2:c3: ae:32:3f:a1:e2:4b:2c:3d:44:92:bb:27:71:80:7d: bb:90:58:e6:d6:63:d1:36:9f:09:eb:5a:66:4f:f8: a5:7e:c8:ce:e2:1b:f3:e9:9d:6e:99:97:02:93:05: 75:68:ec:71:72:59:76:39:80:2e:60:60:2f:46:25: ac:20:58:fa:d9:a6:f8:b8:a5:82:0d:bb:ef:2b:af: 44:89:65:06:9e:51:ad:10:7f:be:a1:f8:09:9a:9d: e7:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:28:59:52:94:69:DC:63:ED:98:8C:BF:2F:69:28:C9:ED:80:CA:2F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145953.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ace7::/32 Signature Algorithm: sha256WithRSAEncryption 0b:ba:d8:e9:ec:c0:7b:12:67:b1:5f:36:d1:24:d5:15:93:e2: d2:20:35:e2:de:93:e3:30:81:42:84:ee:47:11:47:08:c7:ff: 82:5e:0b:3f:c4:d6:5a:50:a3:16:5f:61:f1:b3:b4:3c:d5:e7: 6a:28:5c:77:e4:02:27:77:6e:87:30:0a:c5:6d:2d:74:f2:9e: e2:35:bf:8d:a3:9c:55:ee:d9:d3:43:c6:90:a8:8a:f7:e7:be: 7f:63:ad:03:e0:95:04:37:61:cf:e0:f0:be:29:1b:c6:ed:09: 74:50:28:3d:cc:57:fa:b3:01:d8:db:15:44:c9:98:35:39:26: 2b:bc:4b:21:47:7a:0f:c8:a8:64:0b:c0:20:53:4e:a5:80:da: d4:22:14:0b:c1:a0:f5:2b:5c:c5:eb:50:9f:28:ae:35:1c:fb: 2a:6c:a5:0e:da:6a:c5:e9:98:ee:db:0b:9b:99:da:a8:98:72: 52:c1:97:b7:3b:0b:9c:18:55:d1:8d:0d:68:37:7d:fc:da:67: 66:69:b4:b6:03:26:63:85:6f:eb:d6:bd:99:12:71:02:33:ec: d3:81:23:01:c7:71:1b:c7:27:56:2a:40:61:fb:bd:f6:70:2a: 59:a8:59:46:94:e5:81:96:1d:44:fb:ba:1a:13:95:f6:27:1a: fd:1f:6e:35 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIMXlMxpE/jBUhargv9+p5befc0wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU1NFoX DTI3MDMwMzA2MzA1NFowMzExMC8GA1UEAxMoQTQyODU5NTI5NDY5REM2M0VEOTg4 Q0JGMkY2OTI4QzlFRDgwQ0EyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALD9cadzSzkzh8kH6u2KD4EIJkf9npd7+1QSC46TnU6dNgaLDnrrA3RvuOtG WjKYmSNcR8hipQRdIb7+R2zXUEnglb4YPzNbGlQbi8KhsV9YlKAsxY7BGgqjdGm0 ryB/2rhh9+4smYppRQHtoFlQjSBRqGSw7x49AUCimxAadfbHXgqIOAOluO8Bw2RL e5dWbmVybgy602MXl5kLdlsTcQ5NNKLDrjI/oeJLLD1EkrsncYB9u5BY5tZj0Taf CetaZk/4pX7IzuIb8+mdbpmXApMFdWjscXJZdjmALmBgL0YlrCBY+tmm+Lilgg27 7yuvRIllBp5RrRB/vqH4CZqd530CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSkKFlS lGncY+2YjL8vaSjJ7YDKLzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rOcwDQYJKoZIhvcNAQELBQADggEBAAu62OnswHsSZ7FfNtEk1RWT4tIgNeLek+Mw gUKE7kcRRwjH/4JeCz/E1lpQoxZfYfGztDzV52ooXHfkAid3bocwCsVtLXTynuI1 v42jnFXu2dNDxpCoivfnvn9jrQPglQQ3Yc/g8L4pG8btCXRQKD3MV/qzAdjbFUTJ mDU5Jiu8SyFHeg/IqGQLwCBTTqWA2tQiFAvBoPUrXMXrUJ8orjUc+ypspQ7aasXp mO7bC5uZ2qiYclLBl7c7C5wYVdGNDWg3ffzaZ2ZptLYDJmOFb+vWvZkScQIz7NOB IwHHcRvHJ1YqQGH7vfZwKlmoWUaU5YGWHUT7uhoTlfYnGv0fbjU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:00 2026 by rpki-client