$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145328.roa File: AS145328.roa (raw, json) Hash identifier: e8qwpXqKixV2wSIqVvzaceyMDYGETHo/nnHX7e7AK9A= Subject key identifier: 7C:FE:62:58:34:7A:03:89:7A:D7:D1:16:2C:1E:E9:7D:12:8C:0D:9C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2164A90B4B2CF87BB4E6F2568079D163714BDAB6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145328.roa Signing time: Wed 04 Mar 2026 06:20:17 +0000 ROA not before: Wed 04 Mar 2026 06:15:17 +0000 ROA not after: Wed 03 Mar 2027 06:20:17 +0000 asID: 145328 IP address blocks: 240a:aa76::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:64:a9:0b:4b:2c:f8:7b:b4:e6:f2:56:80:79:d1:63:71:4b:da:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:17 2026 GMT Not After : Mar 3 06:20:17 2027 GMT Subject: CN=7CFE6258347A03897AD7D1162C1EE97D128C0D9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:2b:08:f8:02:cd:f6:ae:f7:18:44:26:02:a0: f0:83:9b:63:fe:89:a9:94:ed:55:3d:24:36:07:d7: 1f:48:c7:b3:47:19:83:bd:c7:bd:4e:12:df:0d:d6: 11:0f:0b:9c:aa:23:42:a1:3c:e0:ec:6f:90:8a:9a: 18:20:2e:8e:00:d4:43:ae:d1:79:37:59:89:e0:d3: 1b:99:83:d6:d4:a7:0e:b9:7f:e3:2b:47:79:e1:ad: b7:30:12:c8:e2:1f:c1:a1:d3:54:26:7d:84:b2:36: e6:4f:18:30:a6:31:42:4d:6e:72:4b:0c:5d:d6:00: 6b:5c:cc:ec:f2:74:af:cd:bb:58:ab:1d:eb:28:8f: 1d:d9:4a:3e:99:2c:d1:77:4f:2b:3f:9f:85:59:e8: 8d:53:7c:4f:ba:0c:9e:3a:d9:9f:dc:0a:bd:91:c5: f2:b0:5e:f0:8e:53:72:a0:d9:b8:47:c9:b6:76:81: 42:e0:a9:b4:8f:82:ee:3a:22:ca:24:df:be:a3:2d: e2:20:0d:43:47:da:ea:41:79:76:f6:d3:e8:c3:6f: 94:28:21:14:4c:d8:52:a8:5d:6f:3b:c9:0c:45:d7: 1f:16:72:86:48:0e:f3:69:98:7a:70:99:94:25:c9: e7:ca:99:56:29:ef:94:9a:e1:fe:fe:38:83:57:1a: db:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:FE:62:58:34:7A:03:89:7A:D7:D1:16:2C:1E:E9:7D:12:8C:0D:9C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145328.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa76::/32 Signature Algorithm: sha256WithRSAEncryption 4b:ec:4f:0f:86:19:1c:8f:55:ba:68:87:a7:77:d9:d4:90:b8: 80:8a:1a:34:13:59:ad:b6:a8:67:12:f3:4c:ad:57:31:b0:31: 34:92:fc:cd:8c:e5:d5:3f:bc:87:f6:77:0d:42:76:07:95:e9: e7:c8:34:de:cc:5f:a7:b7:34:c5:ca:69:de:7a:ad:aa:0f:a6: 38:18:13:82:18:fb:e5:48:8d:cd:1e:22:df:c6:32:58:cc:63: 7b:fb:06:84:57:c7:e3:bf:fe:84:b1:0a:c9:1f:c6:02:fc:de: a4:b1:b7:26:e6:63:20:12:4c:b0:c6:b0:10:0c:d7:e3:56:5c: 2f:ad:76:23:d7:ea:f1:fd:61:8f:96:d7:5e:ba:89:ef:45:34: 13:88:75:d2:54:37:7c:5d:41:1b:0e:9b:3d:87:34:f2:24:93: de:f6:df:7f:1f:46:0d:8c:ed:63:06:e5:e7:76:c7:e9:4f:a8: d2:2d:58:31:92:63:eb:7c:9d:1a:35:c0:49:8c:22:94:75:62: 05:cc:56:62:5e:9a:6d:c3:e0:81:da:32:64:32:2d:6e:5f:c3: e5:f6:f2:45:f1:bd:ac:ab:ca:5c:bc:49:91:5a:2c:f2:f4:b5: 4a:d5:96:1c:e5:2b:a4:23:4c:00:85:1e:d4:a6:4f:1c:f4:58: c0:98:5a:84 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIWSpC0ss+Hu05vJWgHnRY3FL2rYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUxN1oX DTI3MDMwMzA2MjAxN1owMzExMC8GA1UEAxMoN0NGRTYyNTgzNDdBMDM4OTdBRDdE MTE2MkMxRUU5N0QxMjhDMEQ5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOIrCPgCzfau9xhEJgKg8IObY/6JqZTtVT0kNgfXH0jHs0cZg73HvU4S3w3W EQ8LnKojQqE84OxvkIqaGCAujgDUQ67ReTdZieDTG5mD1tSnDrl/4ytHeeGttzAS yOIfwaHTVCZ9hLI25k8YMKYxQk1ucksMXdYAa1zM7PJ0r827WKsd6yiPHdlKPpks 0XdPKz+fhVnojVN8T7oMnjrZn9wKvZHF8rBe8I5TcqDZuEfJtnaBQuCptI+C7joi yiTfvqMt4iANQ0fa6kF5dvbT6MNvlCghFEzYUqhdbzvJDEXXHxZyhkgO82mYenCZ lCXJ58qZVinvlJrh/v44g1ca22kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR8/mJY NHoDiXrX0RYsHul9EowNnDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qnYwDQYJKoZIhvcNAQELBQADggEBAEvsTw+GGRyPVbpoh6d32dSQuICKGjQTWa22 qGcS80ytVzGwMTSS/M2M5dU/vIf2dw1CdgeV6efINN7MX6e3NMXKad56raoPpjgY E4IY++VIjc0eIt/GMljMY3v7BoRXx+O//oSxCskfxgL83qSxtybmYyASTLDGsBAM 1+NWXC+tdiPX6vH9YY+W1166ie9FNBOIddJUN3xdQRsOmz2HNPIkk972338fRg2M 7WMG5ed2x+lPqNItWDGSY+t8nRo1wEmMIpR1YgXMVmJemm3D4IHaMmQyLW5fw+X2 8kXxvayryly8SZFaLPL0tUrVlhzlK6QjTACFHtSmTxz0WMCYWoQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:33 2026 by rpki-client