$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145495.roa File: AS145495.roa (raw, json) Hash identifier: hrsX1izwx/oFy27FTHCsYRaRkGEVZkqtLa3+oGJQdjQ= Subject key identifier: 1C:4A:15:3D:AB:B4:DA:52:52:61:1F:55:CF:43:C4:B9:C7:90:4C:EF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7AE346EC98F31F4E70B46B5A0F42452CBAB628B8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145495.roa Signing time: Wed 04 Mar 2026 06:20:36 +0000 ROA not before: Wed 04 Mar 2026 06:15:36 +0000 ROA not after: Wed 03 Mar 2027 06:20:36 +0000 asID: 145495 IP address blocks: 240a:ab1d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:e3:46:ec:98:f3:1f:4e:70:b4:6b:5a:0f:42:45:2c:ba:b6:28:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:36 2026 GMT Not After : Mar 3 06:20:36 2027 GMT Subject: CN=1C4A153DABB4DA5252611F55CF43C4B9C7904CEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:17:e1:38:2c:50:c0:33:49:d7:27:65:5f:ce: 3b:35:cc:f2:38:a5:d9:69:51:15:31:02:fd:fb:e4: 94:2a:f1:56:76:5f:78:44:40:f1:d0:dd:a9:f1:20: 27:a9:55:ba:01:89:d6:de:ea:48:71:9b:b6:5e:35: 6a:12:ff:d1:a3:fa:a3:a8:30:5f:8b:1e:14:e7:80: d0:93:1e:67:af:a8:a1:c4:6b:11:c9:99:a6:cf:83: 91:f3:b9:c4:c6:86:b1:7d:48:e8:bf:60:a5:f6:da: 17:8e:7c:af:ac:b7:a2:ef:b7:25:70:30:09:51:83: 10:eb:9e:f1:4d:26:00:c0:17:82:33:fd:96:5b:18: 87:66:64:53:ec:6d:d4:a3:93:50:75:17:ef:e8:8e: d0:2e:5f:a2:35:a2:99:1a:36:73:0a:c6:c2:0f:ee: 69:e7:c9:63:b2:bd:a1:57:e9:c1:65:55:d1:e8:37: 9e:bf:d5:93:65:02:db:f8:63:08:43:c3:93:47:bb: 06:ef:b0:86:05:bc:c6:5d:91:b8:42:1e:7c:98:b3: 49:d2:55:07:ee:0c:16:5b:ea:d3:fd:d7:aa:78:db: d5:dd:25:e2:85:20:49:77:2a:4b:59:56:d9:24:a9: 4b:ee:e5:27:c9:67:e2:f4:88:aa:10:c8:c2:7f:e4: 36:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:4A:15:3D:AB:B4:DA:52:52:61:1F:55:CF:43:C4:B9:C7:90:4C:EF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145495.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab1d::/32 Signature Algorithm: sha256WithRSAEncryption 5d:b1:97:9f:91:33:e4:19:0e:df:08:c2:50:37:39:79:69:83: de:c0:bb:8d:0b:82:23:d4:f2:10:70:57:2a:f2:83:7a:b6:c1: 1f:0e:ae:a2:95:47:5e:b9:b9:33:b8:ac:4a:26:a2:d3:81:d0: 22:97:eb:5f:a7:1a:83:43:87:e9:f6:fb:60:c5:0a:b9:f3:9b: 89:1c:38:6e:62:cd:9c:b2:5c:e1:ac:9d:ae:9b:6c:b5:2d:f6: 9c:d4:b4:f8:b3:82:d8:a4:59:04:ba:32:b7:fe:73:e2:b1:76: b3:a5:35:20:b5:21:e5:47:da:8d:41:89:41:72:9b:72:1f:ff: 25:68:07:e3:1c:38:37:84:20:5e:77:93:e2:f8:02:4a:4b:99: 85:c6:d5:8c:89:53:53:36:ad:ed:58:90:b6:a8:84:ce:39:35: 91:46:9b:9c:40:df:a9:e1:c8:ad:5e:d7:c9:95:b1:dd:42:69: 6c:d4:98:41:eb:22:15:2f:ce:d2:e1:11:6f:74:76:41:56:e4: cb:73:ff:41:9e:05:40:25:1f:23:e5:c8:2f:98:4c:8d:3b:f3: 87:55:66:de:19:ca:b6:67:d2:0c:13:ec:02:c9:8e:8f:2a:10: 5b:47:df:13:58:46:13:78:e1:17:77:62:68:23:10:bb:04:ab: d1:9c:12:94 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeuNG7JjzH05wtGtaD0JFLLq2KLgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzNloX DTI3MDMwMzA2MjAzNlowMzExMC8GA1UEAxMoMUM0QTE1M0RBQkI0REE1MjUyNjEx RjU1Q0Y0M0M0QjlDNzkwNENFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMAX4TgsUMAzSdcnZV/OOzXM8jil2WlRFTEC/fvklCrxVnZfeERA8dDdqfEg J6lVugGJ1t7qSHGbtl41ahL/0aP6o6gwX4seFOeA0JMeZ6+oocRrEcmZps+DkfO5 xMaGsX1I6L9gpfbaF458r6y3ou+3JXAwCVGDEOue8U0mAMAXgjP9llsYh2ZkU+xt 1KOTUHUX7+iO0C5fojWimRo2cwrGwg/uaefJY7K9oVfpwWVV0eg3nr/Vk2UC2/hj CEPDk0e7Bu+whgW8xl2RuEIefJizSdJVB+4MFlvq0/3Xqnjb1d0l4oUgSXcqS1lW 2SSpS+7lJ8ln4vSIqhDIwn/kNp8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQcShU9 q7TaUlJhH1XPQ8S5x5BM7zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQ5NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qx0wDQYJKoZIhvcNAQELBQADggEBAF2xl5+RM+QZDt8IwlA3OXlpg97Au40LgiPU 8hBwVyryg3q2wR8OrqKVR165uTO4rEomotOB0CKX61+nGoNDh+n2+2DFCrnzm4kc OG5izZyyXOGsna6bbLUt9pzUtPizgtikWQS6Mrf+c+KxdrOlNSC1IeVH2o1BiUFy m3If/yVoB+McODeEIF53k+L4AkpLmYXG1YyJU1M2re1YkLaohM45NZFGm5xA36nh yK1e18mVsd1CaWzUmEHrIhUvztLhEW90dkFW5Mtz/0GeBUAlHyPlyC+YTI0784dV Zt4ZyrZn0gwT7ALJjo8qEFtH3xNYRhN44Rd3YmgjELsEq9GcEpQ= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:07 2026 by rpki-client