$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145335.roa File: AS145335.roa (raw, json) Hash identifier: 5mCgCVIJKQ3p93GoSlgg6fzIhYHMg4Q66UKKP+C1x7M= Subject key identifier: A1:94:61:55:E1:09:55:B2:C9:1F:6D:9D:BE:67:D2:56:20:5D:58:84 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 32D301B15322CA724850920B18B7466C48525300 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145335.roa Signing time: Wed 04 Mar 2026 06:20:55 +0000 ROA not before: Wed 04 Mar 2026 06:15:55 +0000 ROA not after: Wed 03 Mar 2027 06:20:55 +0000 asID: 145335 IP address blocks: 240a:aa7d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:d3:01:b1:53:22:ca:72:48:50:92:0b:18:b7:46:6c:48:52:53:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:55 2026 GMT Not After : Mar 3 06:20:55 2027 GMT Subject: CN=A1946155E10955B2C91F6D9DBE67D256205D5884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:c1:2c:5b:30:48:0c:27:53:70:c9:d1:9a:6f: cc:a0:12:c9:75:65:50:dd:1f:d2:f5:24:0c:be:1e: 8f:ef:9b:4a:e4:8d:63:7a:14:b5:e3:94:54:6b:da: 88:0c:86:fb:9b:a6:51:8a:0c:f3:33:cf:00:6c:8b: 1d:65:6f:dc:f0:48:29:fd:18:ca:4f:2b:ef:82:b9: dd:06:c3:2d:2f:1b:46:31:e2:e5:cb:ad:6e:fb:53: 48:64:3a:52:a6:c5:3b:b6:95:5f:07:12:4e:c9:a4: ea:0b:12:39:ed:4c:15:7a:d0:d2:8d:e4:c6:4a:93: 18:d2:24:3c:30:bf:7e:d6:9b:96:bb:54:64:13:fa: 55:04:f8:41:ef:1e:c9:1d:db:79:9c:98:55:fb:ac: e2:fa:2c:8f:64:bd:e7:79:fe:71:cb:7f:6c:6e:b1: dd:c9:f1:bd:f8:da:8b:18:14:84:20:a8:f2:26:88: cd:3b:4a:34:82:de:e3:88:ec:8c:0f:13:f8:a8:dc: da:33:e6:7b:c9:20:ad:56:9a:74:03:12:db:a1:03: 4e:3c:54:20:69:3a:45:dd:27:57:33:c0:5c:94:36: 03:94:93:5a:9d:e4:68:76:c8:a8:b4:3c:58:a5:7b: 4c:ae:bc:b9:3c:ff:5b:80:d4:39:57:ae:d2:83:4c: b5:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:94:61:55:E1:09:55:B2:C9:1F:6D:9D:BE:67:D2:56:20:5D:58:84 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145335.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa7d::/32 Signature Algorithm: sha256WithRSAEncryption 63:10:55:97:a1:a2:74:01:7c:c8:e1:b7:55:ea:29:f4:eb:cc: 77:bd:87:07:e1:89:3d:49:ca:81:50:cd:b6:14:19:d7:9a:f9: e6:2c:a8:56:7c:88:cd:1c:c0:ec:20:0a:0f:50:59:06:89:b2: 22:fb:68:93:11:77:04:fe:94:85:12:a1:b7:4b:5a:00:35:43: ca:64:86:68:5a:88:94:e2:00:9c:35:3b:83:f5:92:14:c7:e5: c7:63:89:3f:57:0c:d1:28:8f:d0:8d:c7:3f:9e:93:e7:bf:b7: dd:28:c8:f3:72:b5:5b:6b:90:59:c8:96:f9:45:58:57:b9:26: 32:c5:c0:6b:f4:92:40:a7:4a:02:9d:6f:30:fa:52:8f:ca:35: 19:4f:e8:67:58:80:3a:08:8e:03:b4:f7:e3:27:37:92:81:8b: 23:5d:9e:d0:90:d9:2d:7d:27:45:ac:70:76:34:b7:6b:e0:e2: 54:87:1d:64:3c:5e:fd:64:82:66:50:39:4f:f5:b1:ad:6f:57: ca:d0:a6:16:25:f2:c9:37:1b:50:61:2e:41:69:63:dd:2c:64: f4:d4:3d:2e:c0:ff:60:61:6e:7e:66:f4:a9:90:1d:56:0a:29: 78:7c:cd:4a:07:3e:a2:50:bf:41:1b:7c:80:10:62:63:b6:aa: 0f:fb:f2:ca -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMtMBsVMiynJIUJILGLdGbEhSUwAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1NVoX DTI3MDMwMzA2MjA1NVowMzExMC8GA1UEAxMoQTE5NDYxNTVFMTA5NTVCMkM5MUY2 RDlEQkU2N0QyNTYyMDVENTg4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANzBLFswSAwnU3DJ0ZpvzKASyXVlUN0f0vUkDL4ej++bSuSNY3oUteOUVGva iAyG+5umUYoM8zPPAGyLHWVv3PBIKf0Yyk8r74K53QbDLS8bRjHi5cutbvtTSGQ6 UqbFO7aVXwcSTsmk6gsSOe1MFXrQ0o3kxkqTGNIkPDC/ftablrtUZBP6VQT4Qe8e yR3beZyYVfus4vosj2S953n+cct/bG6x3cnxvfjaixgUhCCo8iaIzTtKNILe44js jA8T+Kjc2jPme8kgrVaadAMS26EDTjxUIGk6Rd0nVzPAXJQ2A5STWp3kaHbIqLQ8 WKV7TK68uTz/W4DUOVeu0oNMtUUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBShlGFV 4QlVsskfbZ2+Z9JWIF1YhDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMzNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qn0wDQYJKoZIhvcNAQELBQADggEBAGMQVZehonQBfMjht1XqKfTrzHe9hwfhiT1J yoFQzbYUGdea+eYsqFZ8iM0cwOwgCg9QWQaJsiL7aJMRdwT+lIUSobdLWgA1Q8pk hmhaiJTiAJw1O4P1khTH5cdjiT9XDNEoj9CNxz+ek+e/t90oyPNytVtrkFnIlvlF WFe5JjLFwGv0kkCnSgKdbzD6Uo/KNRlP6GdYgDoIjgO09+MnN5KBiyNdntCQ2S19 J0WscHY0t2vg4lSHHWQ8Xv1kgmZQOU/1sa1vV8rQphYl8sk3G1BhLkFpY90sZPTU PS7A/2Bhbn5m9KmQHVYKKXh8zUoHPqJQv0EbfIAQYmO2qg/78so= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:42 2026 by rpki-client