$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145982.roa File: AS145982.roa (raw, json) Hash identifier: nxqIF6cf633z/GGdR7pcG89kDaMkatOdLIhhNm0lX2I= Subject key identifier: EE:67:C8:8B:F3:E6:9C:7C:6A:F8:C6:68:C4:2C:4D:FD:E8:E1:EA:CD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 035824A6566D1FDEAD3A53D7DB922D819826CC52 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145982.roa Signing time: Wed 04 Mar 2026 06:29:36 +0000 ROA not before: Wed 04 Mar 2026 06:24:36 +0000 ROA not after: Wed 03 Mar 2027 06:29:36 +0000 asID: 145982 IP address blocks: 240a:ad04::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:58:24:a6:56:6d:1f:de:ad:3a:53:d7:db:92:2d:81:98:26:cc:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:36 2026 GMT Not After : Mar 3 06:29:36 2027 GMT Subject: CN=EE67C88BF3E69C7C6AF8C668C42C4DFDE8E1EACD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:de:b4:65:76:d8:30:12:c3:c8:99:33:57:26: 0a:83:6c:16:23:43:bf:00:f9:7b:cd:9f:47:78:b0: fa:24:e7:cb:b0:24:4b:f1:14:10:4a:0d:ac:95:a4: 14:78:fe:28:59:95:5c:6f:78:2f:34:2f:7d:c5:4c: dd:fa:e8:69:ba:57:d7:fd:b9:9c:32:77:66:57:8a: 9a:5c:eb:5d:2a:a0:54:85:63:59:55:9d:13:cd:4a: cf:e5:2d:0c:65:96:33:07:8d:73:e8:54:78:04:61: c1:bf:b0:98:9b:5e:4e:2e:d8:e1:73:2d:e3:a4:43: f7:c9:df:5f:a0:6b:ae:70:18:4c:41:af:0f:eb:ce: da:6f:2c:d4:89:78:6c:b7:af:c0:94:82:86:5c:f4: 56:05:86:0a:a8:4b:94:f3:27:a7:2a:53:20:b9:c1: eb:de:da:de:55:f4:0e:39:ba:8b:9b:87:39:0d:6a: 33:30:58:50:98:d2:b8:ea:20:fb:6e:c6:1b:fd:fc: 5d:c8:b9:64:9a:fe:bf:a0:2f:68:8e:a5:41:5a:73: 87:0a:dd:59:ed:31:d1:bc:d7:99:c4:f3:2c:86:3d: 62:e3:02:c7:ca:92:19:4c:10:53:ce:ad:bc:27:fb: 84:c8:0f:5d:30:77:3b:58:53:66:37:80:04:b7:0a: 96:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:67:C8:8B:F3:E6:9C:7C:6A:F8:C6:68:C4:2C:4D:FD:E8:E1:EA:CD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145982.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad04::/32 Signature Algorithm: sha256WithRSAEncryption 97:ca:c7:b5:75:a0:9d:94:12:21:50:ae:fb:fb:05:da:d0:d1: 1c:ff:70:3a:ca:f3:72:e5:0f:95:cd:fa:4a:da:15:80:26:e2: eb:26:74:90:4c:1c:ce:01:40:21:ca:18:09:00:35:b6:85:b5: bf:6b:64:94:54:29:22:5b:54:31:55:fa:e7:cb:2f:f9:27:cd: 55:87:15:c2:6a:bc:15:c9:8c:81:8a:c0:53:bc:84:87:22:53: 09:d0:3c:28:c6:94:63:86:87:aa:37:db:ae:7d:5d:9b:56:59: 6b:f2:21:76:9c:bf:5d:56:0b:a6:32:f2:93:13:ab:7b:fa:f2: 55:b6:8f:4e:f3:06:ec:19:59:ef:58:52:c9:f8:f6:4b:0c:4f: 6a:96:04:54:8a:4f:b4:76:7e:f3:70:23:2b:cc:5b:ab:51:39: 9c:74:8b:02:28:87:b4:98:ae:9d:80:ad:36:a3:04:4c:23:56: ba:21:a8:eb:57:fd:ad:ba:34:56:b1:9e:8e:5d:65:fb:ca:f5: d0:8e:63:30:7f:0e:66:a2:5c:94:ff:5c:ae:9a:ca:c8:f2:b5: f6:82:23:2d:f3:4e:3f:b4:f9:68:6d:53:3f:8e:02:38:cb:c7: ba:cf:e0:66:b1:15:41:3f:b6:b9:73:28:45:25:86:30:de:8a: cb:7f:40:0e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA1gkplZtH96tOlPX25ItgZgmzFIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzNloX DTI3MDMwMzA2MjkzNlowMzExMC8GA1UEAxMoRUU2N0M4OEJGM0U2OUM3QzZBRjhD NjY4QzQyQzRERkRFOEUxRUFDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANbetGV22DASw8iZM1cmCoNsFiNDvwD5e82fR3iw+iTny7AkS/EUEEoNrJWk FHj+KFmVXG94LzQvfcVM3froabpX1/25nDJ3ZleKmlzrXSqgVIVjWVWdE81Kz+Ut DGWWMweNc+hUeARhwb+wmJteTi7Y4XMt46RD98nfX6BrrnAYTEGvD+vO2m8s1Il4 bLevwJSChlz0VgWGCqhLlPMnpypTILnB697a3lX0Djm6i5uHOQ1qMzBYUJjSuOog +27GG/38Xci5ZJr+v6AvaI6lQVpzhwrdWe0x0bzXmcTzLIY9YuMCx8qSGUwQU86t vCf7hMgPXTB3O1hTZjeABLcKlj8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTuZ8iL 8+acfGr4xmjELE396OHqzTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk4Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rQQwDQYJKoZIhvcNAQELBQADggEBAJfKx7V1oJ2UEiFQrvv7BdrQ0Rz/cDrK83Ll D5XN+kraFYAm4usmdJBMHM4BQCHKGAkANbaFtb9rZJRUKSJbVDFV+ufLL/knzVWH FcJqvBXJjIGKwFO8hIciUwnQPCjGlGOGh6o32659XZtWWWvyIXacv11WC6Yy8pMT q3v68lW2j07zBuwZWe9YUsn49ksMT2qWBFSKT7R2fvNwIyvMW6tROZx0iwIoh7SY rp2ArTajBEwjVrohqOtX/a26NFaxno5dZfvK9dCOYzB/DmaiXJT/XK6aysjytfaC Iy3zTj+0+WhtUz+OAjjLx7rP4GaxFUE/trlzKEUlhjDeist/QA4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:09 2026 by rpki-client