$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145389.roa File: AS145389.roa (raw, json) Hash identifier: k2ZZt6KSxC599PrWrJhCu7qQ/4fSDOeFOntjZfl4z2M= Subject key identifier: 83:20:BF:62:E6:93:BA:80:CD:15:F4:EC:DB:8A:10:B1:DF:C4:63:8D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 161465C2189E7AC748B57AB9DCE6E45B30E496D1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145389.roa Signing time: Wed 04 Mar 2026 06:19:56 +0000 ROA not before: Wed 04 Mar 2026 06:14:56 +0000 ROA not after: Wed 03 Mar 2027 06:19:56 +0000 asID: 145389 IP address blocks: 240a:aab3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:14:65:c2:18:9e:7a:c7:48:b5:7a:b9:dc:e6:e4:5b:30:e4:96:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:56 2026 GMT Not After : Mar 3 06:19:56 2027 GMT Subject: CN=8320BF62E693BA80CD15F4ECDB8A10B1DFC4638D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fd:86:e7:f0:9a:8f:fd:b3:e2:0b:97:1b:64: f2:cc:01:85:35:87:e1:b8:9f:64:de:ee:f3:3b:bf: ec:18:fb:0e:b3:09:ee:a5:5c:e8:ca:e3:87:73:d1: 3f:2f:54:f0:2a:39:81:b9:bf:09:7d:ba:e2:d4:62: ad:b3:8e:8c:f4:c4:26:06:24:29:fc:62:39:7d:08: dd:5a:80:38:6a:7e:3d:03:50:d7:c9:55:cd:c9:33: 06:2a:a1:50:45:4d:1e:75:fd:dd:66:46:49:8e:fd: 3e:e0:fb:fc:c4:41:2e:8f:a9:79:8c:83:c5:a9:d4: 16:1b:8a:5c:71:ff:d7:ba:35:66:f0:d4:ce:5f:4c: 81:19:16:46:65:58:df:b7:85:c8:45:c5:a0:0b:75: 19:fb:22:fd:dd:0e:b2:1d:e7:c4:d7:09:66:b2:cb: d0:f2:e3:06:47:18:9f:3d:c4:4c:3b:5a:a7:90:6f: c0:b5:0b:55:50:51:95:dc:21:41:ad:3f:27:22:43: b9:f9:0a:05:9f:86:a4:a6:f2:80:b1:c2:21:83:1f: b3:3b:d9:72:b6:9f:a8:b4:92:e8:84:24:70:10:a0: eb:7f:b3:94:a1:73:00:3f:6f:89:7b:2b:a1:38:3b: 33:67:79:b0:e8:8a:5a:04:d3:1c:3f:bc:f1:13:7d: 55:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:20:BF:62:E6:93:BA:80:CD:15:F4:EC:DB:8A:10:B1:DF:C4:63:8D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145389.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aab3::/32 Signature Algorithm: sha256WithRSAEncryption 16:d0:44:e2:16:75:af:5b:eb:f1:68:22:68:cb:21:d8:a9:da: c5:8f:be:10:d1:3f:c7:d8:d2:95:01:c6:49:6e:09:93:1b:4e: 14:44:20:c0:38:0c:d8:e1:49:03:c6:a2:68:7b:d8:b9:4b:26: 18:ce:a0:45:c4:c8:99:95:2a:5f:bc:23:62:d2:78:46:a6:95: fd:c4:b1:8c:af:a2:51:0b:77:c1:00:f1:b5:a8:63:83:a1:c3: 5c:a7:c3:55:b7:bb:60:47:21:c4:0a:bf:d3:3f:71:b6:93:7e: d9:9b:c2:3d:a7:c9:33:d7:dc:97:d0:3f:de:1d:5a:e9:df:bf: 97:49:2a:c1:4a:f9:eb:a9:48:2e:60:e4:05:48:17:49:99:70: 25:7c:30:bb:d8:0c:87:76:97:6f:38:e7:20:07:60:29:0a:9d: d7:72:4b:be:f4:30:1c:31:ab:e1:bd:e8:55:1a:30:f5:18:e3: 33:55:e9:f1:67:af:66:ac:37:b4:e9:77:60:e0:85:3e:13:bf: 42:37:ad:e1:25:a4:8e:40:fc:7d:a1:7f:99:d2:09:cb:17:b2: 81:e3:4f:5d:4f:b5:ad:46:76:40:29:ff:2a:eb:82:6c:f6:15: 78:6b:a4:80:64:78:76:8e:a6:eb:8a:4b:cf:3a:9c:3a:dc:32: 66:0b:67:cd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFhRlwhieesdItXq53ObkWzDkltEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1NloX DTI3MDMwMzA2MTk1NlowMzExMC8GA1UEAxMoODMyMEJGNjJFNjkzQkE4MENEMTVG NEVDREI4QTEwQjFERkM0NjM4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL39hufwmo/9s+ILlxtk8swBhTWH4bifZN7u8zu/7Bj7DrMJ7qVc6Mrjh3PR Py9U8Co5gbm/CX264tRirbOOjPTEJgYkKfxiOX0I3VqAOGp+PQNQ18lVzckzBiqh UEVNHnX93WZGSY79PuD7/MRBLo+peYyDxanUFhuKXHH/17o1ZvDUzl9MgRkWRmVY 37eFyEXFoAt1Gfsi/d0Osh3nxNcJZrLL0PLjBkcYnz3ETDtap5BvwLULVVBRldwh Qa0/JyJDufkKBZ+GpKbygLHCIYMfszvZcrafqLSS6IQkcBCg63+zlKFzAD9viXsr oTg7M2d5sOiKWgTTHD+88RN9VZMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSDIL9i 5pO6gM0V9OzbihCx38RjjTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qrMwDQYJKoZIhvcNAQELBQADggEBABbQROIWda9b6/FoImjLIdip2sWPvhDRP8fY 0pUBxkluCZMbThREIMA4DNjhSQPGomh72LlLJhjOoEXEyJmVKl+8I2LSeEamlf3E sYyvolELd8EA8bWoY4Ohw1ynw1W3u2BHIcQKv9M/cbaTftmbwj2nyTPX3JfQP94d Wunfv5dJKsFK+eupSC5g5AVIF0mZcCV8MLvYDId2l2845yAHYCkKnddyS770MBwx q+G96FUaMPUY4zNV6fFnr2asN7Tpd2DghT4Tv0I3reElpI5A/H2hf5nSCcsXsoHj T11Pta1GdkAp/yrrgmz2FXhrpIBkeHaOpuuKS886nDrcMmYLZ80= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:55 2026 by rpki-client