$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145986.roa File: AS145986.roa (raw, json) Hash identifier: FTI30DdhtFK+/oG6xSP/qbuJhYZ89yeHGZZzs3BA/GM= Subject key identifier: 7E:13:80:33:CB:55:9D:CC:6A:09:29:D5:3C:7D:EE:73:FA:E7:46:0F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 53A767C91076BF15E15A32335032A246FD516289 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145986.roa Signing time: Wed 04 Mar 2026 06:29:52 +0000 ROA not before: Wed 04 Mar 2026 06:24:52 +0000 ROA not after: Wed 03 Mar 2027 06:29:52 +0000 asID: 145986 IP address blocks: 240a:ad08::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:a7:67:c9:10:76:bf:15:e1:5a:32:33:50:32:a2:46:fd:51:62:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:52 2026 GMT Not After : Mar 3 06:29:52 2027 GMT Subject: CN=7E138033CB559DCC6A0929D53C7DEE73FAE7460F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:79:a4:50:12:e7:8e:25:c2:47:88:e5:6f:3b: 86:83:16:84:e5:ec:85:bb:be:6f:d4:0c:14:85:b9: d1:2b:52:2c:cb:55:ee:12:eb:f3:c4:4d:26:e7:49: a7:3e:1d:a7:de:3c:23:69:2c:16:f2:39:87:f9:6c: e5:2c:7d:28:f7:f4:8a:71:de:f7:8a:7e:a0:bb:e2: 1e:28:cd:80:6d:12:07:2a:2d:f6:88:0a:dc:d2:c9: 4f:00:2f:b7:0a:15:40:49:28:84:2b:05:ac:c8:ca: 01:86:dc:22:6b:4d:8f:82:a4:d9:9d:91:a1:74:49: 3f:0a:26:80:4b:e6:a4:2a:27:40:0c:a5:e3:5c:79: 60:23:17:31:63:3b:32:85:e3:4f:38:a0:a7:c4:f5: 92:04:85:67:1f:4f:e0:b0:4d:4b:89:0b:f3:89:b2: d8:c8:f5:d3:cc:24:cf:5c:5b:46:af:60:a2:58:84: 9d:8c:3b:0d:50:17:f8:e6:68:34:10:37:0d:47:52: 3b:84:b6:18:95:bf:65:0f:ed:27:18:47:a5:45:c6: 59:2d:02:b0:8c:b1:30:d4:94:93:61:59:05:8b:ad: f2:11:c1:83:e6:30:b0:0f:53:c7:a8:35:b9:72:9b: 84:4d:91:8a:68:eb:57:f0:81:11:82:b3:0c:7d:fb: ed:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:13:80:33:CB:55:9D:CC:6A:09:29:D5:3C:7D:EE:73:FA:E7:46:0F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145986.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad08::/32 Signature Algorithm: sha256WithRSAEncryption 9e:a2:d6:56:fb:32:f8:7b:3e:59:95:22:c8:2b:06:76:f8:5c: c4:94:ce:c9:41:01:82:1f:6f:7a:48:55:53:bd:3a:ee:60:35: fb:a5:32:33:43:63:21:eb:f3:06:f9:0a:1d:02:7a:21:3c:46: 87:a7:da:77:a9:44:3f:21:a8:42:30:76:c0:da:93:5d:10:88: 9c:6a:4b:55:a8:21:bc:da:a3:71:40:e8:92:ca:3e:17:8b:ea: 58:8c:3b:cc:95:d0:3d:77:49:31:b0:f8:5b:49:d0:d4:f8:a1: 0b:5c:cb:a3:c3:0d:f2:18:1d:51:83:a1:ff:a4:6d:af:af:e5: e6:be:af:88:7f:75:28:f0:7b:0c:cd:37:30:11:a3:bd:36:ed: a4:d3:c7:e0:05:2e:db:ba:59:7f:b5:8f:48:c7:4f:d5:4a:44: be:7b:c1:b3:8a:a8:44:7d:19:ac:10:6d:69:39:18:73:3e:10: 85:21:05:d3:b7:93:93:82:5b:c5:2b:e7:11:b3:9e:fb:f6:1a: 4d:19:df:ce:f9:64:39:9e:29:4d:d4:23:26:63:a3:c5:3d:7d: ab:52:8f:57:8e:48:fc:39:3e:f9:0b:a8:45:4c:39:e2:55:b2: f4:7d:e3:64:76:64:fe:84:9d:af:62:41:45:c7:e2:9e:cb:c7: 86:53:aa:7a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUU6dnyRB2vxXhWjIzUDKiRv1RYokwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1MloX DTI3MDMwMzA2Mjk1MlowMzExMC8GA1UEAxMoN0UxMzgwMzNDQjU1OURDQzZBMDky OUQ1M0M3REVFNzNGQUU3NDYwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOF5pFAS544lwkeI5W87hoMWhOXshbu+b9QMFIW50StSLMtV7hLr88RNJudJ pz4dp948I2ksFvI5h/ls5Sx9KPf0inHe94p+oLviHijNgG0SByot9ogK3NLJTwAv twoVQEkohCsFrMjKAYbcImtNj4Kk2Z2RoXRJPwomgEvmpConQAyl41x5YCMXMWM7 MoXjTzigp8T1kgSFZx9P4LBNS4kL84my2Mj108wkz1xbRq9goliEnYw7DVAX+OZo NBA3DUdSO4S2GJW/ZQ/tJxhHpUXGWS0CsIyxMNSUk2FZBYut8hHBg+YwsA9Tx6g1 uXKbhE2RimjrV/CBEYKzDH377fkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR+E4Az y1WdzGoJKdU8fe5z+udGDzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rQgwDQYJKoZIhvcNAQELBQADggEBAJ6i1lb7Mvh7PlmVIsgrBnb4XMSUzslBAYIf b3pIVVO9Ou5gNfulMjNDYyHr8wb5Ch0CeiE8Roen2nepRD8hqEIwdsDak10QiJxq S1WoIbzao3FA6JLKPheL6liMO8yV0D13STGw+FtJ0NT4oQtcy6PDDfIYHVGDof+k ba+v5ea+r4h/dSjwewzNNzARo7027aTTx+AFLtu6WX+1j0jHT9VKRL57wbOKqER9 GawQbWk5GHM+EIUhBdO3k5OCW8Ur5xGznvv2Gk0Z3875ZDmeKU3UIyZjo8U9fatS j1eOSPw5PvkLqEVMOeJVsvR942R2ZP6Ena9iQUXH4p7Lx4ZTqno= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:24 2026 by rpki-client