$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145976.roa File: AS145976.roa (raw, json) Hash identifier: T+00nKvPGkVPALONuMaF4grigqwEAJp7SQ96pKxhNJI= Subject key identifier: C7:2D:DF:FD:24:85:F0:0A:52:52:44:46:59:1F:7D:BC:9C:29:5F:31 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 33305267661780343E99DDD22FED4678D58884FA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145976.roa Signing time: Wed 04 Mar 2026 06:30:39 +0000 ROA not before: Wed 04 Mar 2026 06:25:39 +0000 ROA not after: Wed 03 Mar 2027 06:30:39 +0000 asID: 145976 IP address blocks: 240a:acfe::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:30:52:67:66:17:80:34:3e:99:dd:d2:2f:ed:46:78:d5:88:84:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:39 2026 GMT Not After : Mar 3 06:30:39 2027 GMT Subject: CN=C72DDFFD2485F00A52524446591F7DBC9C295F31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d4:e1:26:fd:b8:30:57:b5:ac:7c:d1:79:18: 8a:e4:20:d1:c5:85:08:97:41:1f:10:a1:c5:85:e3: 5a:0f:d6:bc:79:4d:38:b0:a5:06:2b:5e:c9:15:f1: ee:cd:22:ad:3a:22:84:b0:b8:db:77:a7:f9:b0:5b: 4f:81:a8:0a:f6:44:49:c5:5e:b1:e0:52:8f:cc:e9: fd:4b:39:26:30:62:63:06:af:fe:e1:72:dd:05:8b: ba:92:ce:df:e4:bf:91:fb:4a:90:9a:54:c8:a1:c9: 28:c8:cd:c4:87:90:ac:de:99:ec:d7:94:76:f3:27: a6:87:4f:5a:e2:94:c7:cf:a8:8d:9e:5f:60:7e:95: 87:ab:9a:18:5d:9d:6e:1b:a0:28:ae:c2:07:d7:19: d0:ab:31:f0:7a:7c:2b:f4:aa:44:a6:46:97:e0:7b: 98:66:b9:b5:3f:cb:73:f9:bd:5b:36:df:45:10:c2: 3c:fa:b6:94:57:b9:01:b5:97:76:ec:d4:d3:08:8b: 47:5a:72:1d:bd:02:24:ca:f6:57:b2:47:73:e9:26: 39:2d:4c:8c:60:51:54:27:d5:75:7e:cb:ab:5c:cc: f7:b1:1a:4f:47:00:82:17:d6:0e:6c:8f:b1:90:49: d5:53:e4:1b:2f:ee:4c:c5:6c:9c:c4:66:83:93:89: a2:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:2D:DF:FD:24:85:F0:0A:52:52:44:46:59:1F:7D:BC:9C:29:5F:31 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145976.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:acfe::/32 Signature Algorithm: sha256WithRSAEncryption 0f:ec:51:38:aa:91:9e:c4:32:c5:94:30:16:79:1b:ee:42:ec: 5b:e0:fe:13:62:8b:9f:4f:f4:c7:ca:5d:57:db:10:f4:fe:e0: 2b:ac:e3:d9:29:7d:56:10:b0:41:64:a0:19:6d:63:5d:76:8c: 92:8c:61:79:37:c7:88:e9:26:95:00:ae:42:12:66:23:a1:53: e3:c7:a2:ef:51:f4:72:e4:39:10:c3:e1:23:67:eb:7e:44:3a: 24:45:cf:a8:53:2d:90:6d:08:e3:a7:3a:69:a5:41:1c:d7:ad: 5a:ec:58:8c:ee:91:11:84:f4:07:c7:e6:45:b5:d7:54:d7:7d: 56:21:3b:32:c8:d5:2b:f8:a3:be:6b:37:52:39:e4:5b:19:02: 0d:e7:03:70:76:e5:9b:46:73:6c:a5:9f:31:4c:6c:f4:19:1c: 91:d5:15:31:0f:94:9c:90:de:e5:78:97:b0:c1:e9:e2:af:17: 3d:24:a6:6c:85:7d:6c:c2:fe:0e:d7:f8:95:0d:3f:1e:f0:b9: 91:b4:bd:4e:95:f7:40:97:b9:6c:08:e9:50:0a:ea:a3:d4:90: d2:0e:9e:7a:0b:7f:13:6d:5c:7c:d9:f4:df:1d:ac:4d:03:82: f4:bf:02:1b:31:f0:14:ee:97:7a:9c:96:4e:63:3a:c6:b3:82: 44:bb:63:29 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMzBSZ2YXgDQ+md3SL+1GeNWIhPowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzOVoX DTI3MDMwMzA2MzAzOVowMzExMC8GA1UEAxMoQzcyRERGRkQyNDg1RjAwQTUyNTI0 NDQ2NTkxRjdEQkM5QzI5NUYzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ/U4Sb9uDBXtax80XkYiuQg0cWFCJdBHxChxYXjWg/WvHlNOLClBiteyRXx 7s0irToihLC423en+bBbT4GoCvZEScVeseBSj8zp/Us5JjBiYwav/uFy3QWLupLO 3+S/kftKkJpUyKHJKMjNxIeQrN6Z7NeUdvMnpodPWuKUx8+ojZ5fYH6Vh6uaGF2d bhugKK7CB9cZ0Ksx8Hp8K/SqRKZGl+B7mGa5tT/Lc/m9WzbfRRDCPPq2lFe5AbWX duzU0wiLR1pyHb0CJMr2V7JHc+kmOS1MjGBRVCfVdX7Lq1zM97EaT0cAghfWDmyP sZBJ1VPkGy/uTMVsnMRmg5OJovsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTHLd/9 JIXwClJSREZZH328nClfMTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rP4wDQYJKoZIhvcNAQELBQADggEBAA/sUTiqkZ7EMsWUMBZ5G+5C7Fvg/hNii59P 9MfKXVfbEPT+4Cus49kpfVYQsEFkoBltY112jJKMYXk3x4jpJpUArkISZiOhU+PH ou9R9HLkORDD4SNn635EOiRFz6hTLZBtCOOnOmmlQRzXrVrsWIzukRGE9AfH5kW1 11TXfVYhOzLI1Sv4o75rN1I55FsZAg3nA3B25ZtGc2ylnzFMbPQZHJHVFTEPlJyQ 3uV4l7DB6eKvFz0kpmyFfWzC/g7X+JUNPx7wuZG0vU6V90CXuWwI6VAK6qPUkNIO nnoLfxNtXHzZ9N8drE0DgvS/Ahsx8BTul3qclk5jOsazgkS7Yyk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:39 2026 by rpki-client