$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145968.roa File: AS145968.roa (raw, json) Hash identifier: 47G38YkcG5YjXXZK2UfS4BcPxRMz1O/rvlxoEBziUkI= Subject key identifier: DC:B0:93:B3:33:CB:58:90:BA:17:95:F2:CF:4A:74:64:3A:5F:2B:0F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 36F6F70569AC47F582E7B6D19B4C5EFD59838B85 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145968.roa Signing time: Wed 04 Mar 2026 06:29:48 +0000 ROA not before: Wed 04 Mar 2026 06:24:48 +0000 ROA not after: Wed 03 Mar 2027 06:29:48 +0000 asID: 145968 IP address blocks: 240a:acf6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:f6:f7:05:69:ac:47:f5:82:e7:b6:d1:9b:4c:5e:fd:59:83:8b:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:48 2026 GMT Not After : Mar 3 06:29:48 2027 GMT Subject: CN=DCB093B333CB5890BA1795F2CF4A74643A5F2B0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:47:1f:6b:b7:09:ad:84:a4:0c:5d:7d:36:bd: 94:da:58:0d:8b:04:83:13:1b:ad:99:18:65:ab:6b: 20:3a:41:cc:f9:b6:ce:cc:e8:10:7e:b5:90:8e:3a: 35:4e:9a:ba:d1:3f:8c:e8:72:01:91:a9:0f:50:a2: 17:fe:80:6f:8f:97:a0:a6:0c:27:5d:34:e2:4d:3f: c1:2b:72:a2:62:22:91:6c:bf:ff:62:2c:21:8b:76: 50:7d:9b:1d:37:11:f6:a1:50:6d:4d:74:f9:10:ca: 1c:58:99:b3:af:e2:4e:ec:af:a8:04:11:ca:5a:ee: b7:74:78:e5:50:8d:10:47:0c:70:c2:c9:a1:ab:ce: c0:75:c7:f8:d7:d6:c6:23:11:4e:ac:67:63:12:c4: fc:9d:0b:b2:34:ba:f0:8e:7b:ca:f4:bf:61:c5:28: 92:97:16:f3:d2:a4:47:cf:78:03:5e:75:75:41:cd: 4b:a6:6b:ea:c6:02:7a:c5:4a:c9:91:2f:db:21:83: f9:10:03:24:d7:26:55:1e:59:6e:a0:ae:20:78:5e: 1c:a0:eb:7e:de:04:40:3c:d5:88:d5:9d:ef:ed:cf: ab:c1:4e:04:08:ed:0d:54:79:b0:5c:c7:7f:96:d8: cd:bf:ed:35:75:e5:40:06:49:62:1e:6a:01:df:77: 9b:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:B0:93:B3:33:CB:58:90:BA:17:95:F2:CF:4A:74:64:3A:5F:2B:0F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145968.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acf6::/32 Signature Algorithm: sha256WithRSAEncryption 33:d0:ce:3e:e6:4c:d8:fd:2e:40:4e:23:e1:bd:92:91:cb:86: e9:7c:f7:1d:1b:e5:5b:6c:c3:fb:1c:9e:a7:59:92:8d:8b:9b: c4:96:89:a5:5c:80:b8:81:e4:f8:4c:0a:b9:cf:ec:9b:fd:4f: b5:4b:0a:70:58:f4:11:84:2d:ea:74:77:e2:34:52:e2:15:67: b6:43:85:4f:46:42:2d:2d:42:1c:55:72:a2:72:4e:4c:ef:4a: f9:5b:be:bb:ce:b1:4b:c1:23:1a:66:4a:1d:a3:a4:fb:a1:25: eb:5b:76:5e:e6:97:ac:7f:5e:17:02:26:5f:68:1b:b4:04:ea: 76:ba:88:39:f0:78:61:90:c4:9e:99:9c:5c:3e:c2:6c:de:5d: 5e:55:43:98:89:ff:85:b8:00:64:64:ae:7e:f0:c0:f7:a0:fe: b7:e5:e1:0c:12:dd:a7:1d:49:20:74:26:32:43:cd:22:6d:4a: 68:fe:53:3e:26:c0:7b:1b:a1:73:31:81:fa:a3:f6:25:e1:32: e2:66:de:82:92:a7:f3:10:ff:8c:f0:7d:83:fa:43:53:7f:23: 34:1e:fb:b6:1f:95:0a:ae:b4:38:ee:1d:90:f9:b9:e4:de:a8: bf:ff:40:a5:e7:6d:c7:e3:17:1e:54:e5:5b:41:b4:2e:d8:9e: 02:33:a8:7c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNvb3BWmsR/WC57bRm0xe/VmDi4UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0OFoX DTI3MDMwMzA2Mjk0OFowMzExMC8GA1UEAxMoRENCMDkzQjMzM0NCNTg5MEJBMTc5 NUYyQ0Y0QTc0NjQzQTVGMkIwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKpHH2u3Ca2EpAxdfTa9lNpYDYsEgxMbrZkYZatrIDpBzPm2zszoEH61kI46 NU6autE/jOhyAZGpD1CiF/6Ab4+XoKYMJ1004k0/wStyomIikWy//2IsIYt2UH2b HTcR9qFQbU10+RDKHFiZs6/iTuyvqAQRylrut3R45VCNEEcMcMLJoavOwHXH+NfW xiMRTqxnYxLE/J0LsjS68I57yvS/YcUokpcW89KkR894A151dUHNS6Zr6sYCesVK yZEv2yGD+RADJNcmVR5ZbqCuIHheHKDrft4EQDzViNWd7+3Pq8FOBAjtDVR5sFzH f5bYzb/tNXXlQAZJYh5qAd93m0MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTcsJOz M8tYkLoXlfLPSnRkOl8rDzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rPYwDQYJKoZIhvcNAQELBQADggEBADPQzj7mTNj9LkBOI+G9kpHLhul89x0b5Vts w/scnqdZko2Lm8SWiaVcgLiB5PhMCrnP7Jv9T7VLCnBY9BGELep0d+I0UuIVZ7ZD hU9GQi0tQhxVcqJyTkzvSvlbvrvOsUvBIxpmSh2jpPuhJetbdl7ml6x/XhcCJl9o G7QE6na6iDnweGGQxJ6ZnFw+wmzeXV5VQ5iJ/4W4AGRkrn7wwPeg/rfl4QwS3acd SSB0JjJDzSJtSmj+Uz4mwHsboXMxgfqj9iXhMuJm3oKSp/MQ/4zwfYP6Q1N/IzQe +7YflQqutDjuHZD5ueTeqL//QKXnbcfjFx5U5VtBtC7YngIzqHw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:49 2026 by rpki-client