$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145132.roa File: AS145132.roa (raw, json) Hash identifier: GbYUBHpMbFcZY7pRZFwN8tnYwt4r4MnY1V25gaqUwt0= Subject key identifier: 31:47:2A:91:12:F7:12:5C:64:3C:32:AE:DA:39:4F:11:8A:A8:B4:54 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 495737DB4CC6EB8F5C24A263801702B6A13B5322 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145132.roa Signing time: Wed 04 Mar 2026 06:21:20 +0000 ROA not before: Wed 04 Mar 2026 06:16:20 +0000 ROA not after: Wed 03 Mar 2027 06:21:20 +0000 asID: 145132 IP address blocks: 240a:a9b2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:57:37:db:4c:c6:eb:8f:5c:24:a2:63:80:17:02:b6:a1:3b:53:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:20 2026 GMT Not After : Mar 3 06:21:20 2027 GMT Subject: CN=31472A9112F7125C643C32AEDA394F118AA8B454 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:39:50:32:c6:d2:f3:c5:0b:7c:d7:59:9b:cc: 8e:1a:f8:a0:55:5e:7f:c7:6b:d2:c8:55:0b:7c:e0: 5b:fd:6b:4c:f5:1f:19:a8:c9:23:9e:ab:5f:71:94: 56:46:d4:02:1f:f3:89:8e:ec:00:07:63:b9:bf:a0: 49:e1:09:b9:a2:88:05:1a:21:98:b1:30:28:55:41: 30:db:d9:cf:dc:91:83:96:8c:22:85:7d:07:8c:44: e1:89:57:bc:ba:48:41:0b:36:a3:ce:22:b0:35:70: b6:58:e8:a6:86:0b:e1:a6:c8:c5:a7:ba:21:3d:2a: 6e:fb:d8:1c:36:92:da:98:ba:aa:61:42:da:4d:64: cb:5c:d5:f1:24:28:e1:bf:ee:0f:dd:ae:cd:1a:c9: 2a:3d:cc:3d:1d:43:a8:61:b9:bf:17:90:ef:3f:c5: ff:e1:ce:71:ed:54:5a:2c:80:1b:a5:94:c9:e9:ca: ba:ee:97:c5:22:42:b6:98:56:0f:b3:07:e0:44:33: 14:1c:d7:78:c5:67:3a:1c:7d:4d:2e:ed:6c:39:7a: c2:19:3c:55:00:d3:3c:c6:ff:a9:96:98:e4:8f:db: 78:9f:81:68:37:bc:f3:d2:f8:b6:5a:f7:d0:e6:c5: d8:f8:b4:fc:a1:89:ab:95:a0:30:13:3c:e2:4a:8b: 36:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:47:2A:91:12:F7:12:5C:64:3C:32:AE:DA:39:4F:11:8A:A8:B4:54 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9b2::/32 Signature Algorithm: sha256WithRSAEncryption 51:19:67:1e:22:81:a5:d8:b7:c2:0c:ff:1b:f2:f7:d0:8e:fa: 41:68:aa:5a:b8:d6:c7:48:66:95:a3:26:42:0d:0f:ee:4f:ee: e7:e1:49:0f:a1:44:80:07:f5:c4:9b:e5:2b:7c:e3:53:52:81: 01:af:8a:44:77:1c:4f:b4:c1:ba:d3:37:cb:8e:a3:7e:bb:16: 56:8a:4f:58:67:a8:73:b2:fb:ca:bb:db:24:62:7b:5e:28:ce: a0:3e:3a:6e:bb:fd:85:29:92:2d:a4:99:f3:8b:9a:fb:d8:c6: 55:42:17:ae:3e:03:7d:69:2c:b1:bf:c9:94:65:87:94:28:e4: 32:01:c0:b3:73:9e:31:cd:fb:01:43:ac:e4:44:be:58:dd:f8: ee:d5:4e:09:82:3c:37:e5:45:58:99:dd:cc:98:66:4f:b3:cc: 82:c1:6e:12:ed:50:59:02:55:6a:94:04:9f:e9:3d:26:c5:3c: 9b:61:82:0c:80:91:42:df:27:22:24:b6:8b:4c:6a:06:fd:ba: d7:b2:38:95:c0:95:e1:db:ca:f2:e9:8c:e0:33:42:1d:01:87: e8:7f:de:6c:ec:5b:81:6b:d8:58:c4:5a:1b:56:20:5d:50:a5: 1d:20:00:bc:30:ad:9c:8e:37:56:e9:14:10:1c:68:81:4d:4a: 77:49:f2:4f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSVc320zG649cJKJjgBcCtqE7UyIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyMFoX DTI3MDMwMzA2MjEyMFowMzExMC8GA1UEAxMoMzE0NzJBOTExMkY3MTI1QzY0M0Mz MkFFREEzOTRGMTE4QUE4QjQ1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMI5UDLG0vPFC3zXWZvMjhr4oFVef8dr0shVC3zgW/1rTPUfGajJI56rX3GU VkbUAh/ziY7sAAdjub+gSeEJuaKIBRohmLEwKFVBMNvZz9yRg5aMIoV9B4xE4YlX vLpIQQs2o84isDVwtljopoYL4abIxae6IT0qbvvYHDaS2pi6qmFC2k1ky1zV8SQo 4b/uD92uzRrJKj3MPR1DqGG5vxeQ7z/F/+HOce1UWiyAG6WUyenKuu6XxSJCtphW D7MH4EQzFBzXeMVnOhx9TS7tbDl6whk8VQDTPMb/qZaY5I/beJ+BaDe889L4tlr3 0ObF2Pi0/KGJq5WgMBM84kqLNqkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQxRyqR EvcSXGQ8Mq7aOU8Riqi0VDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEzMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qbIwDQYJKoZIhvcNAQELBQADggEBAFEZZx4igaXYt8IM/xvy99CO+kFoqlq41sdI ZpWjJkIND+5P7ufhSQ+hRIAH9cSb5St841NSgQGvikR3HE+0wbrTN8uOo367FlaK T1hnqHOy+8q72yRie14ozqA+Om67/YUpki2kmfOLmvvYxlVCF64+A31pLLG/yZRl h5Qo5DIBwLNznjHN+wFDrOREvljd+O7VTgmCPDflRViZ3cyYZk+zzILBbhLtUFkC VWqUBJ/pPSbFPJthggyAkULfJyIktotMagb9uteyOJXAleHbyvLpjOAzQh0Bh+h/ 3mzsW4Fr2FjEWhtWIF1QpR0gALwwrZyON1bpFBAcaIFNSndJ8k8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:58 2026 by rpki-client