$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145088.roa File: AS145088.roa (raw, json) Hash identifier: 7wOTlnyAJSSid+HrtfVWBpxLmTXEbNl9HeMfI+CPmiA= Subject key identifier: 64:97:39:1D:F5:A0:CC:1E:01:C8:39:DB:7F:9B:CE:D8:89:62:EB:17 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D1340B3690B682E7DC639F23BF2299C3A30D857 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145088.roa Signing time: Wed 04 Mar 2026 06:20:25 +0000 ROA not before: Wed 04 Mar 2026 06:15:25 +0000 ROA not after: Wed 03 Mar 2027 06:20:25 +0000 asID: 145088 IP address blocks: 240a:a986::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:13:40:b3:69:0b:68:2e:7d:c6:39:f2:3b:f2:29:9c:3a:30:d8:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:25 2026 GMT Not After : Mar 3 06:20:25 2027 GMT Subject: CN=6497391DF5A0CC1E01C839DB7F9BCED88962EB17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:32:9e:d2:7a:36:40:ab:0f:3d:69:d4:3f:d1: 0d:b0:ec:f9:a7:32:89:dd:df:aa:a9:67:2b:33:dd: f8:cd:09:29:28:16:10:5a:24:50:c0:00:1e:eb:2b: 92:e9:db:6e:3c:42:52:0c:7e:29:c5:f0:52:89:61: 95:63:62:8a:db:e5:2a:55:42:88:e6:d4:cd:a0:be: a5:40:d7:b4:82:54:08:5e:82:66:cc:26:13:ae:45: 1d:b8:87:b9:ed:95:f3:d1:2b:a6:97:59:e5:1f:43: e0:f0:b7:b0:16:10:d7:fb:6a:4c:86:1f:ff:5c:b7: 2c:27:be:b3:52:df:c1:c3:a8:df:d3:54:a0:c9:d7: 5c:86:ab:49:aa:69:0f:78:d7:78:03:96:2b:c5:5f: 85:43:cb:e2:65:6c:1e:a6:54:5d:7f:ef:91:39:0b: 69:74:f5:76:53:5a:0d:65:9d:e9:70:fc:8d:3c:8a: 0c:98:41:bd:52:8a:08:13:10:84:58:58:d1:03:b9: 4c:8c:23:a2:a9:61:f1:d5:cd:6d:ac:38:b5:3d:26: e4:18:bb:fc:10:d7:1e:85:ed:72:2e:40:90:ae:ec: 13:1a:ba:18:07:31:a1:bc:50:12:65:5f:97:ed:70: 10:59:a5:c8:1e:af:bd:81:51:54:25:39:0c:73:a4: a2:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:97:39:1D:F5:A0:CC:1E:01:C8:39:DB:7F:9B:CE:D8:89:62:EB:17 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145088.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a986::/32 Signature Algorithm: sha256WithRSAEncryption 7c:f5:c1:2f:3c:69:e8:87:d0:f5:d3:fe:1e:be:e2:b6:96:fe: e9:44:21:95:f0:86:87:ae:e6:d9:5f:6c:40:cf:6d:54:8b:fd: 3e:6e:a9:9d:8e:6b:78:ec:a2:6a:3b:74:2f:e9:44:ef:d0:ba: 2c:ae:9c:ce:6f:28:6f:b7:47:e4:69:f8:2a:ea:b7:c8:06:3d: 98:af:aa:27:af:a6:2f:9f:a3:94:74:ec:d0:81:a3:8b:b8:32: 0a:84:64:6b:a6:90:e1:6f:4b:2c:59:31:c8:be:59:39:49:95: e1:64:b3:75:63:fa:0a:2d:42:01:5c:1d:f9:97:dd:b7:48:56: 40:13:46:13:cf:f6:45:6e:34:d5:e9:f2:1f:b5:d4:4b:61:08: 46:e1:eb:f5:31:66:7f:ae:67:b2:64:46:c0:d0:0e:36:78:4c: 08:6d:d1:ce:41:5b:6e:61:a7:dc:b1:46:a4:25:0d:df:fa:e7: 6c:b8:45:62:82:7c:ea:51:85:6d:80:e2:40:30:4b:c4:17:4e: b5:d3:af:26:e6:21:d5:7b:50:d1:5b:ba:2e:4a:4b:c9:40:09: 69:ee:3c:df:ae:7c:e7:9e:e9:94:e6:5b:a8:cd:41:32:66:8f: 07:39:0c:4d:37:3b:a9:f2:07:8e:4c:1d:1a:09:a0:a4:bf:ef: ca:11:57:8b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPRNAs2kLaC59xjnyO/IpnDow2FcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyNVoX DTI3MDMwMzA2MjAyNVowMzExMC8GA1UEAxMoNjQ5NzM5MURGNUEwQ0MxRTAxQzgz OURCN0Y5QkNFRDg4OTYyRUIxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsyntJ6NkCrDz1p1D/RDbDs+acyid3fqqlnKzPd+M0JKSgWEFokUMAAHusr kunbbjxCUgx+KcXwUolhlWNiitvlKlVCiObUzaC+pUDXtIJUCF6CZswmE65FHbiH ue2V89ErppdZ5R9D4PC3sBYQ1/tqTIYf/1y3LCe+s1LfwcOo39NUoMnXXIarSapp D3jXeAOWK8VfhUPL4mVsHqZUXX/vkTkLaXT1dlNaDWWd6XD8jTyKDJhBvVKKCBMQ hFhY0QO5TIwjoqlh8dXNbaw4tT0m5Bi7/BDXHoXtci5AkK7sExq6GAcxobxQEmVf l+1wEFmlyB6vvYFRVCU5DHOkohUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRklzkd 9aDMHgHIOdt/m87YiWLrFzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qYYwDQYJKoZIhvcNAQELBQADggEBAHz1wS88aeiH0PXT/h6+4raW/ulEIZXwhoeu 5tlfbEDPbVSL/T5uqZ2Oa3jsomo7dC/pRO/QuiyunM5vKG+3R+Rp+Crqt8gGPZiv qievpi+fo5R07NCBo4u4MgqEZGumkOFvSyxZMci+WTlJleFks3Vj+gotQgFcHfmX 3bdIVkATRhPP9kVuNNXp8h+11EthCEbh6/UxZn+uZ7JkRsDQDjZ4TAht0c5BW25h p9yxRqQlDd/652y4RWKCfOpRhW2A4kAwS8QXTrXTrybmIdV7UNFbui5KS8lACWnu PN+ufOee6ZTmW6jNQTJmjwc5DE03O6nyB45MHRoJoKS/78oRV4s= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:40 2026 by rpki-client