$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145974.roa File: AS145974.roa (raw, json) Hash identifier: SEoutgKcmBs6WPt8AVU8rxDDoeMgBEJ1ZjTjA6XTss0= Subject key identifier: 89:55:06:09:47:1E:32:27:74:66:03:4C:7E:B6:E5:1F:98:75:DA:1F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 51706CB067809F52614BFACD7CC781F1BFF05E55 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145974.roa Signing time: Wed 04 Mar 2026 06:30:08 +0000 ROA not before: Wed 04 Mar 2026 06:25:08 +0000 ROA not after: Wed 03 Mar 2027 06:30:08 +0000 asID: 145974 IP address blocks: 240a:acfc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:70:6c:b0:67:80:9f:52:61:4b:fa:cd:7c:c7:81:f1:bf:f0:5e:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:08 2026 GMT Not After : Mar 3 06:30:08 2027 GMT Subject: CN=89550609471E32277466034C7EB6E51F9875DA1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:5a:c0:95:89:9f:8f:98:a2:40:9c:3e:fd:32: 25:2e:8f:c2:17:0a:e2:6b:23:35:9d:13:4c:c7:88: 0f:54:66:72:87:a9:63:9e:f0:d0:89:a8:54:e7:94: 2b:3a:0c:a8:c9:a4:cd:44:5d:89:f2:42:7f:a0:e5: 13:c3:26:48:47:d9:4f:87:e8:e8:bd:25:73:21:2b: 3a:15:3b:ce:ea:08:6c:f0:f5:46:db:3c:28:ce:62: c5:fb:85:d2:fe:04:46:2b:0d:d3:a6:8d:43:35:3b: 4e:e7:b7:18:97:f4:f8:16:46:79:23:c6:21:9a:98: e9:ee:d4:cb:03:83:94:19:9b:fe:82:68:40:bc:a0: cc:9f:11:8f:ed:a3:b0:a2:39:a6:40:c2:80:c9:d7: 03:ac:9b:a8:4b:ec:ad:7a:ba:74:34:55:15:1d:a4: f7:1b:c1:a7:a6:55:b4:79:fe:22:c2:2a:86:dc:43: 52:84:92:e9:a2:d9:8b:10:fc:dd:7e:a4:61:91:4c: 9f:60:40:68:ec:e9:e6:26:4d:20:c4:62:ac:2a:1b: b6:fb:4e:0b:60:78:ad:bc:19:7a:cc:d8:37:79:9e: c7:7a:95:9a:0a:10:db:9b:58:11:08:21:d3:11:c7: 60:51:03:0a:69:4b:bd:90:01:21:ee:30:e0:df:a7: 11:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:55:06:09:47:1E:32:27:74:66:03:4C:7E:B6:E5:1F:98:75:DA:1F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145974.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acfc::/32 Signature Algorithm: sha256WithRSAEncryption 0b:d5:5a:ad:f1:6c:99:50:0e:e3:44:ce:d9:9d:e0:87:66:dd: 47:1d:5f:ef:b3:ec:a1:76:70:53:c9:06:a6:31:f2:3a:66:f1: d9:b3:29:80:a5:65:3e:9c:c3:4b:75:58:fe:c6:56:4c:38:40: f8:2e:9b:bf:b5:7a:d1:8e:6e:4b:4b:b1:8e:33:37:c2:6b:f1: 33:3e:9c:ba:cc:7e:29:61:1c:31:35:7f:82:4a:b8:2a:7d:45: 79:72:fd:46:c1:ed:51:66:ca:72:b7:38:03:61:7f:22:9e:ac: 3d:8c:53:74:42:fa:40:e7:8a:ca:06:cc:d7:8a:d6:19:f6:52: 5d:3e:10:0b:a6:56:e8:3f:be:f9:94:cd:31:5d:b3:97:30:e0: f8:e4:4d:85:e4:da:05:e3:d0:93:ea:be:b6:30:bc:8f:d0:81: 53:3a:37:b2:ef:ca:bf:cc:04:64:62:e5:fe:37:8b:2f:c8:34: a6:b6:e7:11:58:fa:9b:04:43:c5:0b:f6:8d:fe:bb:4b:ce:5c: c9:54:cf:e5:ea:8e:68:c4:4e:1b:cb:bd:ae:73:44:f8:ef:39: 3e:22:b5:19:dd:36:59:75:f0:2d:21:44:56:b6:cd:2f:4a:06: 27:a1:14:73:eb:d2:e6:e9:bb:1f:b0:fd:ab:5e:2b:04:60:4a: 28:c4:ae:91 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUXBssGeAn1JhS/rNfMeB8b/wXlUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUwOFoX DTI3MDMwMzA2MzAwOFowMzExMC8GA1UEAxMoODk1NTA2MDk0NzFFMzIyNzc0NjYw MzRDN0VCNkU1MUY5ODc1REExRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALlawJWJn4+YokCcPv0yJS6PwhcK4msjNZ0TTMeID1RmcoepY57w0ImoVOeU KzoMqMmkzURdifJCf6DlE8MmSEfZT4fo6L0lcyErOhU7zuoIbPD1Rts8KM5ixfuF 0v4ERisN06aNQzU7Tue3GJf0+BZGeSPGIZqY6e7UywODlBmb/oJoQLygzJ8Rj+2j sKI5pkDCgMnXA6ybqEvsrXq6dDRVFR2k9xvBp6ZVtHn+IsIqhtxDUoSS6aLZixD8 3X6kYZFMn2BAaOzp5iZNIMRirCobtvtOC2B4rbwZeszYN3mex3qVmgoQ25tYEQgh 0xHHYFEDCmlLvZABIe4w4N+nEYsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSJVQYJ Rx4yJ3RmA0x+tuUfmHXaHzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk3NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rPwwDQYJKoZIhvcNAQELBQADggEBAAvVWq3xbJlQDuNEztmd4Idm3UcdX++z7KF2 cFPJBqYx8jpm8dmzKYClZT6cw0t1WP7GVkw4QPgum7+1etGObktLsY4zN8Jr8TM+ nLrMfilhHDE1f4JKuCp9RXly/UbB7VFmynK3OANhfyKerD2MU3RC+kDnisoGzNeK 1hn2Ul0+EAumVug/vvmUzTFds5cw4PjkTYXk2gXj0JPqvrYwvI/QgVM6N7Lvyr/M BGRi5f43iy/INKa25xFY+psEQ8UL9o3+u0vOXMlUz+XqjmjEThvLva5zRPjvOT4i tRndNll18C0hRFa2zS9KBiehFHPr0ubpux+w/ateKwRgSijErpE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:04 2026 by rpki-client