$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145398.roa File: AS145398.roa (raw, json) Hash identifier: byFLpq15vZk74Tdz4Q9j8SMfoSDgE0G2tNak1W806Y4= Subject key identifier: BA:14:9E:F8:BE:03:55:18:DE:E2:70:63:81:EB:5F:B5:E7:29:86:83 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1098EBA3EE9F2F948336545E7CF1E91C4452BA26 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145398.roa Signing time: Wed 04 Mar 2026 06:20:56 +0000 ROA not before: Wed 04 Mar 2026 06:15:56 +0000 ROA not after: Wed 03 Mar 2027 06:20:56 +0000 asID: 145398 IP address blocks: 240a:aabc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:98:eb:a3:ee:9f:2f:94:83:36:54:5e:7c:f1:e9:1c:44:52:ba:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:56 2026 GMT Not After : Mar 3 06:20:56 2027 GMT Subject: CN=BA149EF8BE035518DEE2706381EB5FB5E7298683 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:bd:04:9f:22:59:97:ec:e0:d6:6c:7f:a3:59: 94:b4:fa:4a:2c:4f:77:01:e8:7b:dd:04:4b:8b:7d: ae:72:45:e9:09:46:7a:d3:2a:50:48:3d:b2:79:63: 8e:ae:fb:9e:92:70:74:56:11:5e:ea:56:cf:ec:d5: 77:3d:9a:fd:1d:47:fe:fe:91:ab:9a:b9:9b:18:5f: 54:ba:96:30:c0:8a:2b:29:d7:88:a3:72:1b:39:79: 08:59:03:1c:96:22:c0:fa:26:f1:79:fa:5e:14:fd: e6:66:39:3c:c9:22:e7:a7:d9:4b:79:6b:b3:3c:4d: 9e:33:6d:a6:4a:ab:02:56:d4:e1:19:56:72:b8:b4: db:0c:bb:21:c7:be:ac:f7:db:e1:5f:e1:c8:50:b1: 6c:f5:94:09:ca:39:67:c0:8c:fa:fb:0e:fd:d6:ae: 1a:d7:e1:d7:cf:90:fb:5e:8c:10:b5:6a:9c:83:c3: f3:c8:e3:da:c5:9e:f6:05:58:45:c0:6e:6a:9b:a0: a2:94:25:23:ee:4e:83:f4:f9:04:49:d2:82:41:07: e8:e9:bb:e3:93:29:ad:6f:a8:09:82:43:70:e3:03: 23:81:27:de:83:63:bf:84:fb:2b:aa:7f:80:f1:41: 12:b4:dc:b2:81:7d:d3:1f:29:80:f3:a0:11:b8:04: 79:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:14:9E:F8:BE:03:55:18:DE:E2:70:63:81:EB:5F:B5:E7:29:86:83 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145398.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aabc::/32 Signature Algorithm: sha256WithRSAEncryption 5a:1a:19:7d:5b:8f:86:d5:38:d5:49:74:7c:a0:6d:7c:3b:99: dd:36:22:d4:43:9a:00:2b:36:da:a4:82:c7:de:cd:2b:7e:b7: 49:63:4d:7e:d0:bf:21:69:ea:85:cf:97:7b:57:80:97:2c:aa: bf:9f:00:0f:50:5e:5d:cd:81:dd:28:83:d6:fb:ed:6d:7f:64: 33:24:07:a2:0d:34:7e:26:3b:43:a5:c6:39:76:f6:c1:ae:34: 17:83:ad:e9:32:69:ca:5f:e5:8b:15:63:9b:d6:e2:23:9c:7c: 19:69:fc:44:48:00:68:30:88:fa:01:11:63:27:7a:5d:d2:3a: 34:af:62:b2:f9:c6:3f:7b:9c:db:e5:0c:4b:41:00:96:a5:91: ad:3d:e5:bc:06:25:ec:75:b9:6d:4c:e0:11:e9:f6:38:24:c5: 39:10:e0:63:06:a5:ae:c4:d4:eb:97:9f:b4:6e:d6:d9:74:ec: 99:e9:19:e8:68:7d:ca:10:97:5f:93:d1:3d:b8:15:9f:3f:85: 33:6c:06:c5:7c:c9:fc:02:1d:2d:35:c1:22:84:95:27:1b:df: c3:e4:fd:e2:c8:e9:55:30:1d:3d:f0:a2:e9:14:41:52:17:fb: 12:f8:8e:4e:e6:46:69:6b:ae:3f:36:98:fb:bb:b3:66:68:db: 83:fc:e5:38 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEJjro+6fL5SDNlRefPHpHERSuiYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1NloX DTI3MDMwMzA2MjA1NlowMzExMC8GA1UEAxMoQkExNDlFRjhCRTAzNTUxOERFRTI3 MDYzODFFQjVGQjVFNzI5ODY4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJi9BJ8iWZfs4NZsf6NZlLT6SixPdwHoe90ES4t9rnJF6QlGetMqUEg9snlj jq77npJwdFYRXupWz+zVdz2a/R1H/v6Rq5q5mxhfVLqWMMCKKynXiKNyGzl5CFkD HJYiwPom8Xn6XhT95mY5PMki56fZS3lrszxNnjNtpkqrAlbU4RlWcri02wy7Ice+ rPfb4V/hyFCxbPWUCco5Z8CM+vsO/dauGtfh18+Q+16MELVqnIPD88jj2sWe9gVY RcBuapugopQlI+5Og/T5BEnSgkEH6Om745MprW+oCYJDcOMDI4En3oNjv4T7K6p/ gPFBErTcsoF90x8pgPOgEbgEecMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS6FJ74 vgNVGN7icGOB61+15ymGgzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTM5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qrwwDQYJKoZIhvcNAQELBQADggEBAFoaGX1bj4bVONVJdHygbXw7md02ItRDmgAr NtqkgsfezSt+t0ljTX7QvyFp6oXPl3tXgJcsqr+fAA9QXl3Ngd0og9b77W1/ZDMk B6INNH4mO0Olxjl29sGuNBeDrekyacpf5YsVY5vW4iOcfBlp/ERIAGgwiPoBEWMn el3SOjSvYrL5xj97nNvlDEtBAJalka095bwGJex1uW1M4BHp9jgkxTkQ4GMGpa7E 1OuXn7Ru1tl07JnpGehofcoQl1+T0T24FZ8/hTNsBsV8yfwCHS01wSKElScb38Pk /eLI6VUwHT3woukUQVIX+xL4jk7mRmlrrj82mPu7s2Zo24P85Tg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:08 2026 by rpki-client