$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145391.roa File: AS145391.roa (raw, json) Hash identifier: xjU9lLaGwlLjGVTWURBFb5W7XYwdOHqBadhPzfy/taI= Subject key identifier: 64:60:80:B6:8E:91:E1:16:08:29:1D:3A:B2:46:0B:F0:7C:54:A1:3E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 49B2FD23376B5E84122B9C5EA81DD404626FB57F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145391.roa Signing time: Wed 04 Mar 2026 06:19:55 +0000 ROA not before: Wed 04 Mar 2026 06:14:55 +0000 ROA not after: Wed 03 Mar 2027 06:19:55 +0000 asID: 145391 IP address blocks: 240a:aab5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:b2:fd:23:37:6b:5e:84:12:2b:9c:5e:a8:1d:d4:04:62:6f:b5:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:55 2026 GMT Not After : Mar 3 06:19:55 2027 GMT Subject: CN=646080B68E91E11608291D3AB2460BF07C54A13E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:f0:8b:81:e0:8f:00:ef:6d:86:65:6d:94:e4: d0:ad:c3:e4:9e:ca:7c:e2:87:6c:04:c8:3f:01:b1: f9:df:04:d2:63:9e:07:82:56:33:d4:28:23:9b:b2: 98:c2:91:e6:0c:18:86:89:ef:bc:5e:4a:6e:09:52: c5:6f:12:cb:48:70:1d:f2:83:1b:94:03:53:ae:30: a2:2e:1b:c7:81:ee:c8:52:63:79:fd:34:7f:ec:04: d7:f9:a8:87:ea:44:b4:73:f3:fa:c3:3c:23:e0:2c: 86:bf:e7:b6:b3:f7:2d:27:64:6a:12:29:be:c6:99: a6:87:bc:05:a6:56:61:fc:a2:c4:52:a2:dd:2f:62: 77:4e:4c:7f:d6:a4:3e:df:0d:81:b5:77:75:0b:84: 6e:33:c7:1f:3e:d2:79:ec:47:16:7a:4b:6a:c1:99: 0a:eb:3a:00:88:a1:90:65:e4:04:1e:02:02:88:4c: 48:1d:f1:72:68:68:e6:bc:4d:4a:b6:3d:46:53:a6: 13:07:47:ed:5d:2b:33:c6:20:2a:5d:fe:d0:54:ee: b9:86:7c:e9:6c:eb:e3:ae:52:75:58:fe:4f:c6:0f: bf:e3:e6:17:d5:a6:03:eb:e5:3e:dc:a7:21:05:77: 79:c1:74:72:61:f2:4c:3d:11:5f:9f:97:52:36:df: a5:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:60:80:B6:8E:91:E1:16:08:29:1D:3A:B2:46:0B:F0:7C:54:A1:3E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145391.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aab5::/32 Signature Algorithm: sha256WithRSAEncryption 71:d9:56:d6:88:b8:de:b7:b8:a3:60:54:80:74:20:27:c2:09: 34:c8:b5:ca:89:13:06:47:62:2f:c5:aa:c4:e9:54:3f:e5:74: 76:40:ab:70:f0:ba:19:95:f6:a6:97:96:02:ea:10:47:4a:3a: b3:0f:84:d7:af:32:cb:4b:55:53:f9:6f:c1:74:51:7d:f8:00: f3:f1:16:0b:cf:43:a9:52:cb:c6:47:d3:c6:b9:50:5c:51:d5: 12:ff:47:76:bb:d6:ea:79:dc:13:30:21:c5:9c:b0:15:ef:3a: 6e:8c:d4:a5:66:7c:5e:28:f2:99:86:7f:66:43:7e:00:9e:10: 79:b9:9e:0c:2e:21:6b:f4:4c:20:69:e6:2a:38:33:88:a6:a9: b9:01:c8:1a:8d:52:a4:f8:c5:94:1b:6c:21:2d:30:18:a9:d5: cc:9a:8d:85:7e:f9:ca:3a:b8:59:dd:75:69:93:e1:94:4f:82: 83:ff:fa:c9:d2:2f:3a:fe:94:a6:30:8b:5d:09:c0:de:b2:3f: 90:38:91:9d:37:0a:5d:bf:cf:b9:6b:91:96:ba:08:a6:60:2c: 76:08:35:5e:60:d6:4c:f7:83:79:70:b5:21:1d:09:b9:cd:a1: a1:dd:7b:4d:5a:87:88:55:0f:fd:f6:ef:2d:53:84:cc:92:cf: 62:14:e3:21 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSbL9IzdrXoQSK5xeqB3UBGJvtX8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1NVoX DTI3MDMwMzA2MTk1NVowMzExMC8GA1UEAxMoNjQ2MDgwQjY4RTkxRTExNjA4Mjkx RDNBQjI0NjBCRjA3QzU0QTEzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANnwi4HgjwDvbYZlbZTk0K3D5J7KfOKHbATIPwGx+d8E0mOeB4JWM9QoI5uy mMKR5gwYhonvvF5KbglSxW8Sy0hwHfKDG5QDU64woi4bx4HuyFJjef00f+wE1/mo h+pEtHPz+sM8I+Ashr/ntrP3LSdkahIpvsaZpoe8BaZWYfyixFKi3S9id05Mf9ak Pt8NgbV3dQuEbjPHHz7SeexHFnpLasGZCus6AIihkGXkBB4CAohMSB3xcmho5rxN SrY9RlOmEwdH7V0rM8YgKl3+0FTuuYZ86Wzr465SdVj+T8YPv+PmF9WmA+vlPtyn IQV3ecF0cmHyTD0RX5+XUjbfpQcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRkYIC2 jpHhFggpHTqyRgvwfFShPjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qrUwDQYJKoZIhvcNAQELBQADggEBAHHZVtaIuN63uKNgVIB0ICfCCTTItcqJEwZH Yi/FqsTpVD/ldHZAq3DwuhmV9qaXlgLqEEdKOrMPhNevMstLVVP5b8F0UX34APPx FgvPQ6lSy8ZH08a5UFxR1RL/R3a71up53BMwIcWcsBXvOm6M1KVmfF4o8pmGf2ZD fgCeEHm5ngwuIWv0TCBp5io4M4imqbkByBqNUqT4xZQbbCEtMBip1cyajYV++co6 uFnddWmT4ZRPgoP/+snSLzr+lKYwi10JwN6yP5A4kZ03Cl2/z7lrkZa6CKZgLHYI NV5g1kz3g3lwtSEdCbnNoaHde01ah4hVD/327y1ThMySz2IU4yE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:48 2026 by rpki-client