$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145007.roa File: AS145007.roa (raw, json) Hash identifier: e6qM0XOt7arlT5+KRrQpdCAxwHI4lIGsUPkhHBk+PQ8= Subject key identifier: A0:3F:39:D3:42:A9:68:FC:96:8D:5C:EB:00:F6:7B:FB:C8:7F:46:00 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3591876C7B39979FDC5A638BC6A673788E21F166 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145007.roa Signing time: Wed 04 Mar 2026 06:21:45 +0000 ROA not before: Wed 04 Mar 2026 06:16:45 +0000 ROA not after: Wed 03 Mar 2027 06:21:45 +0000 asID: 145007 IP address blocks: 240a:a935::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:91:87:6c:7b:39:97:9f:dc:5a:63:8b:c6:a6:73:78:8e:21:f1:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:45 2026 GMT Not After : Mar 3 06:21:45 2027 GMT Subject: CN=A03F39D342A968FC968D5CEB00F67BFBC87F4600 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b9:ef:f7:7f:fe:9e:1c:01:68:3b:c3:35:8a: 40:ba:08:91:9b:bb:fc:8a:c4:0b:a6:5e:17:d2:45: 54:e8:94:e4:34:e4:03:11:09:d7:96:d7:fc:01:80: 34:b7:00:ea:66:c6:78:98:7c:f2:4f:eb:60:b7:62: ed:81:a1:56:ee:16:fc:2e:0d:51:ae:1b:ec:57:68: 98:14:c7:51:ef:25:b8:84:f7:b2:93:72:b4:bb:d7: d3:f0:5f:67:6d:79:af:33:06:e5:f7:e9:b2:e4:31: 7d:16:ce:ae:b5:d2:89:d7:f4:9a:af:11:3b:bb:81: a9:0a:7a:4b:0c:ca:d7:30:52:85:f1:9b:f6:c5:d7: c2:df:71:4d:88:6b:0d:c0:fe:64:97:71:1a:6c:d3: 74:8f:cd:98:df:5a:8d:d2:d6:66:0c:ba:78:a2:18: a2:07:4f:1e:88:18:81:c7:21:7e:a1:a7:08:05:07: 96:9f:7e:d6:71:d6:1a:66:3c:de:c5:98:10:ef:68: 36:02:47:c8:4f:67:71:47:f1:43:4a:4c:cf:b8:43: c3:5a:76:f2:c4:d3:2f:a6:37:14:df:07:0c:aa:89: e3:45:b1:5c:d3:e3:4a:1e:eb:f6:ac:1d:f1:05:5c: 62:4a:cc:0b:b4:f6:04:ed:1a:e8:1c:41:97:8e:66: 10:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:3F:39:D3:42:A9:68:FC:96:8D:5C:EB:00:F6:7B:FB:C8:7F:46:00 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145007.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a935::/32 Signature Algorithm: sha256WithRSAEncryption 31:b5:e8:6e:3c:0a:ab:0d:bc:e9:af:43:d5:f2:8e:7e:44:5d: 97:dd:5b:7e:8c:61:ee:f0:5d:7d:b3:ad:40:96:ad:31:7f:56: e2:9f:0a:bc:f8:f8:8a:93:2a:b4:e8:44:af:6f:48:13:e2:3b: 5f:7d:c7:d9:93:b3:6e:bc:09:82:cf:94:77:79:92:7f:4f:a9: d6:e2:2a:48:68:b2:37:fe:d2:58:f6:91:21:78:43:16:11:df: 61:23:98:24:f2:a7:27:59:66:c9:d7:09:88:ae:17:9a:e3:8a: 6f:2e:b5:6b:87:fb:91:57:38:fc:a7:ff:da:5d:8b:fb:2b:b2: 81:76:cf:35:9a:00:07:ab:be:f0:28:20:df:fc:be:f7:6b:9c: 96:b0:9b:23:83:f4:73:82:11:8a:5d:78:91:2d:fc:4e:6e:6b: 20:fd:30:7c:1d:80:51:78:14:e5:5d:65:1c:8e:61:9a:25:a0: 25:e2:38:c4:43:9f:89:af:7a:43:af:67:5f:65:39:71:c4:11: 9f:c0:5e:80:19:57:f5:76:b8:22:e0:b4:8d:04:34:91:2c:6c: 91:ef:ed:9a:b1:31:a0:83:ff:ad:c3:1f:d6:47:12:76:be:43: 64:1f:86:04:18:cd:c5:90:7e:f7:6b:51:f8:e8:a5:c0:01:39: 07:9f:83:66 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNZGHbHs5l5/cWmOLxqZzeI4h8WYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY0NVoX DTI3MDMwMzA2MjE0NVowMzExMC8GA1UEAxMoQTAzRjM5RDM0MkE5NjhGQzk2OEQ1 Q0VCMDBGNjdCRkJDODdGNDYwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO57/d//p4cAWg7wzWKQLoIkZu7/IrEC6ZeF9JFVOiU5DTkAxEJ15bX/AGA NLcA6mbGeJh88k/rYLdi7YGhVu4W/C4NUa4b7FdomBTHUe8luIT3spNytLvX0/Bf Z215rzMG5ffpsuQxfRbOrrXSidf0mq8RO7uBqQp6SwzK1zBShfGb9sXXwt9xTYhr DcD+ZJdxGmzTdI/NmN9ajdLWZgy6eKIYogdPHogYgcchfqGnCAUHlp9+1nHWGmY8 3sWYEO9oNgJHyE9ncUfxQ0pMz7hDw1p28sTTL6Y3FN8HDKqJ40WxXNPjSh7r9qwd 8QVcYkrMC7T2BO0a6BxBl45mEJECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSgPznT Qqlo/JaNXOsA9nv7yH9GADAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAwNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qTUwDQYJKoZIhvcNAQELBQADggEBADG16G48CqsNvOmvQ9Xyjn5EXZfdW36MYe7w XX2zrUCWrTF/VuKfCrz4+IqTKrToRK9vSBPiO199x9mTs268CYLPlHd5kn9Pqdbi Kkhosjf+0lj2kSF4QxYR32EjmCTypydZZsnXCYiuF5rjim8utWuH+5FXOPyn/9pd i/srsoF2zzWaAAervvAoIN/8vvdrnJawmyOD9HOCEYpdeJEt/E5uayD9MHwdgFF4 FOVdZRyOYZoloCXiOMRDn4mvekOvZ19lOXHEEZ/AXoAZV/V2uCLgtI0ENJEsbJHv 7ZqxMaCD/63DH9ZHEna+Q2QfhgQYzcWQfvdrUfjopcABOQefg2Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:02 2026 by rpki-client