$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145256.roa File: AS145256.roa (raw, json) Hash identifier: GywygmvfHPiGuqtDd/Z/f6qiU72jfQHqgZtYbqvZLhk= Subject key identifier: 5C:FF:5B:37:41:BB:49:78:28:C3:05:60:4C:BD:5A:05:F6:0B:BE:2F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 05886F4742FECDB5A0A4ACBDAFD38C3751C429D7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145256.roa Signing time: Wed 04 Mar 2026 06:21:56 +0000 ROA not before: Wed 04 Mar 2026 06:16:56 +0000 ROA not after: Wed 03 Mar 2027 06:21:56 +0000 asID: 145256 IP address blocks: 240a:aa2e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:88:6f:47:42:fe:cd:b5:a0:a4:ac:bd:af:d3:8c:37:51:c4:29:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:56 2026 GMT Not After : Mar 3 06:21:56 2027 GMT Subject: CN=5CFF5B3741BB497828C305604CBD5A05F60BBE2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:d2:f5:a9:c1:1d:0a:29:3e:f8:89:b0:b6:e4: 05:39:9f:50:d6:72:b6:5a:cb:11:71:98:e7:93:bf: 53:29:90:a3:d6:e1:9f:3c:cc:73:d4:e7:33:2b:68: 46:09:5a:15:7a:96:71:37:8b:46:ca:f5:51:c5:30: 65:c1:58:0c:d2:4e:b7:0b:24:ce:5c:8f:ce:91:50: 1d:0a:a1:81:95:e7:47:1b:89:fa:b2:8a:f7:12:e3: 6d:28:87:33:c6:88:44:9c:b5:dc:5c:4e:f3:b1:86: 68:08:46:b0:7f:05:ca:56:84:ee:21:cd:85:04:a2: af:0c:d2:eb:a8:75:66:96:34:8d:e8:84:f0:50:9e: 78:00:a1:62:04:d0:b3:d9:47:b7:b9:f5:9d:91:43: 09:60:41:70:78:28:cd:ed:bf:4c:0d:cf:1b:33:54: d9:c1:3b:06:b7:98:80:9f:6d:bd:c2:4a:50:e4:09: 47:a1:b8:33:27:84:5d:7f:40:88:ad:4a:ca:79:2f: 46:f5:25:c6:3d:10:5f:1a:fd:91:62:64:9e:51:c2: e6:c7:9c:0b:d1:b1:9c:10:fe:55:33:c1:0a:48:62: 23:83:73:05:e1:2f:ce:14:0d:ae:75:6d:81:cf:3c: d8:fb:34:10:9b:a7:c8:cf:d8:f7:03:8d:58:45:87: 4c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:FF:5B:37:41:BB:49:78:28:C3:05:60:4C:BD:5A:05:F6:0B:BE:2F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145256.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa2e::/32 Signature Algorithm: sha256WithRSAEncryption 16:6b:40:02:89:53:41:98:f9:ed:d2:e2:2f:37:7f:e9:7c:f1: 99:2f:ed:7e:b4:c4:d0:09:cc:cc:bc:67:e9:b8:c6:9f:ec:bf: b1:51:59:a7:a7:08:07:d4:8a:ed:9e:16:78:33:95:e7:d1:df: c3:ec:c7:4a:ec:a9:57:32:c0:cb:af:60:f4:03:8e:c5:81:1a: 6a:1b:20:9a:fc:56:b2:52:61:97:43:52:21:99:c1:28:df:50: f9:6d:e7:61:37:59:f9:c4:6d:e5:e8:4c:6d:9f:7d:7c:3a:99: 5e:8b:39:a9:6f:a2:34:38:88:1b:bc:07:78:73:08:e1:c1:ce: ff:08:f1:59:a2:1c:77:04:16:5a:29:93:b8:d3:d8:93:3b:b1: 71:28:ae:4c:95:6d:cc:90:c6:14:7d:57:93:42:7d:a2:53:e4: 03:dc:4f:56:3a:49:9b:43:f6:18:0c:1b:7d:55:0f:4a:16:9a: c7:c3:58:28:56:74:5e:6f:ab:63:86:58:7e:0c:c9:75:72:88: 2c:2a:cc:4d:e7:a1:92:fd:86:ed:7b:ac:15:a7:fa:43:b6:b5: 8f:52:b5:28:35:28:fc:e3:f9:5c:29:7a:60:db:7a:72:59:af: c8:62:43:cc:99:c0:a3:b3:83:59:a3:8f:9a:fa:a0:53:85:cb: 22:2a:72:bb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBYhvR0L+zbWgpKy9r9OMN1HEKdcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1NloX DTI3MDMwMzA2MjE1NlowMzExMC8GA1UEAxMoNUNGRjVCMzc0MUJCNDk3ODI4QzMw NTYwNENCRDVBMDVGNjBCQkUyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJnS9anBHQopPviJsLbkBTmfUNZytlrLEXGY55O/UymQo9bhnzzMc9TnMyto RglaFXqWcTeLRsr1UcUwZcFYDNJOtwskzlyPzpFQHQqhgZXnRxuJ+rKK9xLjbSiH M8aIRJy13FxO87GGaAhGsH8FylaE7iHNhQSirwzS66h1ZpY0jeiE8FCeeAChYgTQ s9lHt7n1nZFDCWBBcHgoze2/TA3PGzNU2cE7BreYgJ9tvcJKUOQJR6G4MyeEXX9A iK1KynkvRvUlxj0QXxr9kWJknlHC5secC9GxnBD+VTPBCkhiI4NzBeEvzhQNrnVt gc882Ps0EJunyM/Y9wONWEWHTA8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRc/1s3 QbtJeCjDBWBMvVoF9gu+LzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qi4wDQYJKoZIhvcNAQELBQADggEBABZrQAKJU0GY+e3S4i83f+l88Zkv7X60xNAJ zMy8Z+m4xp/sv7FRWaenCAfUiu2eFngzlefR38Psx0rsqVcywMuvYPQDjsWBGmob IJr8VrJSYZdDUiGZwSjfUPlt52E3WfnEbeXoTG2ffXw6mV6LOalvojQ4iBu8B3hz COHBzv8I8VmiHHcEFlopk7jT2JM7sXEorkyVbcyQxhR9V5NCfaJT5APcT1Y6SZtD 9hgMG31VD0oWmsfDWChWdF5vq2OGWH4MyXVyiCwqzE3noZL9hu17rBWn+kO2tY9S tSg1KPzj+VwpemDbenJZr8hiQ8yZwKOzg1mjj5r6oFOFyyIqcrs= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:24 2026 by rpki-client