$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145332.roa File: AS145332.roa (raw, json) Hash identifier: 4YT3lG9M02bBuZ8WN7aFH8mkkiG6Pvr2wBMiF8P/m7o= Subject key identifier: 71:6C:90:A4:7B:A8:10:B2:4B:3E:1F:9E:62:FC:11:3A:E7:3D:D5:42 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 799D8ED27D9152B46E7C7B517AED012CA9C7ECA4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145332.roa Signing time: Wed 04 Mar 2026 06:19:23 +0000 ROA not before: Wed 04 Mar 2026 06:14:23 +0000 ROA not after: Wed 03 Mar 2027 06:19:23 +0000 asID: 145332 IP address blocks: 240a:aa7a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:9d:8e:d2:7d:91:52:b4:6e:7c:7b:51:7a:ed:01:2c:a9:c7:ec:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:23 2026 GMT Not After : Mar 3 06:19:23 2027 GMT Subject: CN=716C90A47BA810B24B3E1F9E62FC113AE73DD542 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f6:b4:b0:bc:f2:65:75:48:99:bf:8e:3e:6f: 8c:5c:b7:b7:62:83:0a:6c:5c:4f:c7:ec:72:95:c9: 92:d4:10:02:44:56:79:1b:98:aa:88:6a:f5:51:74: 6d:a9:a1:80:50:07:c8:9a:7d:6e:28:35:ca:bd:de: 88:c4:b7:13:c3:cb:94:28:13:df:93:7b:ea:de:10: c3:eb:74:d1:87:32:34:1f:20:66:2a:26:9b:ca:ad: 3b:65:8b:2a:d3:8f:25:10:b3:5c:82:f7:80:40:bc: 5e:b5:8d:1e:42:c0:97:55:d1:5a:fd:04:3d:5c:1e: 2b:e5:88:4f:41:af:cd:51:6f:d3:84:25:ef:d9:28: e4:e8:b6:fb:d0:82:b1:1e:08:e4:29:2c:e1:d3:6f: 2d:1d:f4:d3:b7:b8:8a:7b:5d:6d:42:fc:40:30:f8: 81:28:66:6b:76:75:38:38:50:ab:dc:a2:e9:2e:5e: 4b:c9:f2:3c:6a:8d:c8:79:d0:3d:09:a9:88:4a:e9: 73:1c:7a:84:01:6a:14:3d:7d:f3:ba:c7:73:57:55: f2:6a:4e:38:e7:4d:1e:3a:6e:60:46:ad:f5:ec:06: 0d:bc:4c:39:37:58:0a:f2:86:55:d8:4c:ef:44:08: e7:1a:56:c2:99:08:37:f8:08:e5:7a:67:74:37:78: eb:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:6C:90:A4:7B:A8:10:B2:4B:3E:1F:9E:62:FC:11:3A:E7:3D:D5:42 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145332.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa7a::/32 Signature Algorithm: sha256WithRSAEncryption 23:45:c7:8b:61:fa:05:d4:43:83:6a:04:57:59:4c:3d:77:d6: 61:61:50:f4:e0:4a:3b:77:7a:6f:2c:29:40:2f:6a:95:f7:8d: 54:6c:c3:5f:d8:44:6f:80:1c:66:7e:d8:d2:a1:53:85:78:e2: bb:e2:b0:e8:b0:4a:1c:16:3c:5a:16:2c:b6:fb:cc:e7:a3:97: 0a:8c:90:b7:a3:a5:94:8c:2a:3f:90:d9:df:bf:95:49:87:61: 0e:2d:b5:6d:4e:5a:8f:f6:f6:36:54:87:8a:4b:2f:9e:cb:32: d0:0a:a6:c0:d5:e3:88:e6:c8:20:b4:84:39:09:17:c6:6d:c9: cb:63:2f:81:93:1b:e4:cd:97:15:fc:4f:ff:e3:2c:5c:ff:44: 89:b8:67:ef:c1:7f:51:36:1a:19:c6:5d:7d:77:b1:08:20:e1: 89:ab:39:b1:31:f2:7b:70:5a:84:fc:18:6f:6b:21:d6:7a:3d: 22:28:45:3e:33:76:46:05:60:8e:19:07:a1:b1:f4:6b:42:3b: 5c:6d:55:e5:08:69:96:f4:1c:6f:5d:12:7a:8f:9d:b5:b2:4d: 88:d2:9c:fb:48:15:83:02:5a:c5:89:ad:fb:65:a7:f4:aa:77: 20:0c:26:6d:09:b0:9a:9d:30:fb:02:91:e2:34:92:48:5c:fc: af:8f:6e:4a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeZ2O0n2RUrRufHtReu0BLKnH7KQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQyM1oX DTI3MDMwMzA2MTkyM1owMzExMC8GA1UEAxMoNzE2QzkwQTQ3QkE4MTBCMjRCM0Ux RjlFNjJGQzExM0FFNzNERDU0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOD2tLC88mV1SJm/jj5vjFy3t2KDCmxcT8fscpXJktQQAkRWeRuYqohq9VF0 bamhgFAHyJp9big1yr3eiMS3E8PLlCgT35N76t4Qw+t00YcyNB8gZiomm8qtO2WL KtOPJRCzXIL3gEC8XrWNHkLAl1XRWv0EPVweK+WIT0GvzVFv04Ql79ko5Oi2+9CC sR4I5Cks4dNvLR3007e4intdbUL8QDD4gShma3Z1ODhQq9yi6S5eS8nyPGqNyHnQ PQmpiErpcxx6hAFqFD1987rHc1dV8mpOOOdNHjpuYEat9ewGDbxMOTdYCvKGVdhM 70QI5xpWwpkIN/gI5XpndDd460UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRxbJCk e6gQsks+H55i/BE65z3VQjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMzMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qnowDQYJKoZIhvcNAQELBQADggEBACNFx4th+gXUQ4NqBFdZTD131mFhUPTgSjt3 em8sKUAvapX3jVRsw1/YRG+AHGZ+2NKhU4V44rvisOiwShwWPFoWLLb7zOejlwqM kLejpZSMKj+Q2d+/lUmHYQ4ttW1OWo/29jZUh4pLL57LMtAKpsDV44jmyCC0hDkJ F8ZtyctjL4GTG+TNlxX8T//jLFz/RIm4Z+/Bf1E2GhnGXX13sQgg4YmrObEx8ntw WoT8GG9rIdZ6PSIoRT4zdkYFYI4ZB6Gx9GtCO1xtVeUIaZb0HG9dEnqPnbWyTYjS nPtIFYMCWsWJrftlp/SqdyAMJm0JsJqdMPsCkeI0kkhc/K+Pbko= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:19 2026 by rpki-client