$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145488.roa File: AS145488.roa (raw, json) Hash identifier: 8z0dtojXq8E6a9dbIa7cwEJ7+3H4iLTABUYd+nGBkLo= Subject key identifier: 35:98:A3:46:B4:E9:B7:D9:98:FB:AE:04:EE:B0:01:FA:9E:AB:F5:A0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0595776CACE554B1F5E0F5FE9AD3F1BA4BBA6D02 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145488.roa Signing time: Wed 04 Mar 2026 06:21:55 +0000 ROA not before: Wed 04 Mar 2026 06:16:55 +0000 ROA not after: Wed 03 Mar 2027 06:21:55 +0000 asID: 145488 IP address blocks: 240a:ab16::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:95:77:6c:ac:e5:54:b1:f5:e0:f5:fe:9a:d3:f1:ba:4b:ba:6d:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:55 2026 GMT Not After : Mar 3 06:21:55 2027 GMT Subject: CN=3598A346B4E9B7D998FBAE04EEB001FA9EABF5A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:48:d1:12:5c:02:d3:a1:94:b0:da:12:44:8a: 44:0a:72:bb:e2:b7:dc:bc:2f:75:f3:de:ed:ee:40: ee:55:8a:cd:7d:5b:4a:e0:ac:e0:26:49:33:e7:02: 04:ad:8f:d2:85:b5:1c:37:af:fb:e8:df:47:fb:b2: 49:35:49:a0:f8:c1:45:ab:11:82:c8:9d:3e:e5:7c: 77:d4:c1:9e:07:a6:a6:ee:3e:e0:53:ac:d7:09:ce: c1:8d:2d:ae:89:95:45:b8:ca:65:b9:a8:29:52:c3: 22:23:48:da:33:e6:5a:d3:80:a1:7b:a1:fc:5b:dd: 0c:df:df:6d:48:23:ee:67:dd:80:47:1c:34:82:41: 8d:cf:44:cb:10:02:b9:89:eb:9c:ca:c5:22:0e:f8: 9b:a7:2c:5d:12:df:72:1f:43:e6:dd:65:90:17:32: 89:62:3a:b6:2a:f8:92:f7:26:a3:63:de:c4:3f:4d: 3b:ff:8b:dd:5b:ce:a9:bc:c7:6a:fe:73:0d:37:3e: e9:84:a6:27:8f:9d:9f:36:16:b8:38:63:8d:56:f9: 4a:c0:5c:ca:3d:b8:f6:23:2d:8c:77:92:91:ee:7c: c6:16:f3:9f:7d:f6:6b:d5:ef:a5:78:1b:1a:14:58: 67:70:8f:c1:d8:54:d0:30:00:1e:e4:ec:47:63:45: 9f:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:98:A3:46:B4:E9:B7:D9:98:FB:AE:04:EE:B0:01:FA:9E:AB:F5:A0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145488.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab16::/32 Signature Algorithm: sha256WithRSAEncryption cb:62:ad:7f:a7:a9:62:9c:4c:88:7e:09:e0:e6:49:88:b9:e6: 90:6a:cb:d8:61:e8:8d:e2:74:c2:0f:24:27:8e:a7:56:0c:74: ce:98:93:fd:5b:ae:2b:c9:d1:a1:eb:34:54:1a:90:ad:db:bf: c2:a1:a4:41:02:d6:1e:10:f0:33:01:d1:b7:f2:9e:85:42:2b: e6:be:f2:a9:8e:47:cb:f5:bd:c8:37:3f:a9:05:a4:44:e4:63: 3c:c4:07:e1:ce:ea:e8:26:b7:98:4f:c5:32:bd:4f:10:0e:6e: ac:ee:87:90:15:7c:df:45:2a:26:36:0a:8e:5f:14:3b:bc:62: 89:b2:ab:97:a3:af:ff:a1:de:51:76:68:23:7f:43:78:b1:ea: 81:f7:b4:f2:0f:01:2f:bf:a0:48:a1:67:e1:76:16:7c:7e:2e: 36:6d:b5:49:84:03:b2:d7:eb:5e:0a:a1:a5:bf:69:3d:b0:24: 2b:48:0c:42:d1:0f:d7:8c:13:94:8a:9d:19:a6:df:d7:25:d1: 54:7f:9a:6e:a6:7e:5d:3c:98:52:50:b6:6b:47:84:41:0f:b2: cd:d6:31:66:45:36:50:3e:78:c9:b7:d3:40:be:05:a6:ff:46: d8:31:40:51:00:08:c5:cb:eb:69:fb:d9:12:a8:7a:3f:10:29: a7:0d:7d:0c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBZV3bKzlVLH14PX+mtPxuku6bQIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTY1NVoX DTI3MDMwMzA2MjE1NVowMzExMC8GA1UEAxMoMzU5OEEzNDZCNEU5QjdEOTk4RkJB RTA0RUVCMDAxRkE5RUFCRjVBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPRI0RJcAtOhlLDaEkSKRApyu+K33LwvdfPe7e5A7lWKzX1bSuCs4CZJM+cC BK2P0oW1HDev++jfR/uySTVJoPjBRasRgsidPuV8d9TBngempu4+4FOs1wnOwY0t romVRbjKZbmoKVLDIiNI2jPmWtOAoXuh/FvdDN/fbUgj7mfdgEccNIJBjc9EyxAC uYnrnMrFIg74m6csXRLfch9D5t1lkBcyiWI6tir4kvcmo2PexD9NO/+L3VvOqbzH av5zDTc+6YSmJ4+dnzYWuDhjjVb5SsBcyj249iMtjHeSke58xhbzn332a9XvpXgb GhRYZ3CPwdhU0DAAHuTsR2NFnzUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ1mKNG tOm32Zj7rgTusAH6nqv1oDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQ4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qxYwDQYJKoZIhvcNAQELBQADggEBAMtirX+nqWKcTIh+CeDmSYi55pBqy9hh6I3i dMIPJCeOp1YMdM6Yk/1brivJ0aHrNFQakK3bv8KhpEEC1h4Q8DMB0bfynoVCK+a+ 8qmOR8v1vcg3P6kFpETkYzzEB+HO6ugmt5hPxTK9TxAObqzuh5AVfN9FKiY2Co5f FDu8Yomyq5ejr/+h3lF2aCN/Q3ix6oH3tPIPAS+/oEihZ+F2Fnx+LjZttUmEA7LX 614KoaW/aT2wJCtIDELRD9eME5SKnRmm39cl0VR/mm6mfl08mFJQtmtHhEEPss3W MWZFNlA+eMm300C+Bab/RtgxQFEACMXL62n72RKoej8QKacNfQw= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:35 2026 by rpki-client