$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145501.roa File: AS145501.roa (raw, json) Hash identifier: eHxwLCQ8gVZOPveoNjlFzuI6iack9U0UA7Pv8z0nhXc= Subject key identifier: 99:F9:47:DA:E2:6B:17:18:25:C4:0C:71:B6:57:21:FF:A8:D0:C3:B9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 402F2F6E8CF4BEE73712313ECC15C28EC8DAD17B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145501.roa Signing time: Wed 04 Mar 2026 06:20:38 +0000 ROA not before: Wed 04 Mar 2026 06:15:38 +0000 ROA not after: Wed 03 Mar 2027 06:20:38 +0000 asID: 145501 IP address blocks: 240a:ab23::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:2f:2f:6e:8c:f4:be:e7:37:12:31:3e:cc:15:c2:8e:c8:da:d1:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:38 2026 GMT Not After : Mar 3 06:20:38 2027 GMT Subject: CN=99F947DAE26B171825C40C71B65721FFA8D0C3B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:6d:1f:4d:ab:f5:c2:07:30:ba:14:f1:03:e6: a5:64:9c:39:f5:f2:a3:b8:80:02:2f:10:e3:25:f2: 0c:8b:1a:4e:86:84:40:70:76:33:2c:a2:ca:87:50: 78:50:a6:9c:44:a4:5e:8e:2c:95:4b:4d:aa:32:88: dd:93:71:63:1f:5f:72:47:8a:86:92:d6:4f:3f:e0: 46:bf:c4:e7:4d:96:44:37:b6:a5:52:13:e1:c2:62: c1:fb:a0:af:3a:54:42:19:5e:c6:f8:fa:ad:e7:43: 09:97:d5:1d:9d:56:29:23:0a:e5:ca:e9:84:60:cd: 59:6e:5a:e1:72:86:34:c9:ac:b3:e5:98:83:ca:a3: 38:ec:bd:c6:13:f2:c2:17:a3:4e:5d:61:80:c3:96: 8b:c3:e0:6d:d3:fb:64:a5:82:34:6d:5a:4e:fc:39: d8:f4:4d:e3:56:8d:99:12:97:54:b7:9e:c6:74:57: 7a:c4:f0:27:ae:f9:c2:e1:7a:8a:ef:da:c4:d8:dc: b4:48:23:93:6d:9a:92:60:19:e7:d4:dc:eb:05:c9: d5:74:40:ad:c2:c9:5a:d2:88:e7:8a:96:ed:88:9f: 3d:32:db:1e:71:3c:45:35:5e:a2:2b:20:61:66:60: d3:bc:93:12:29:e2:6c:40:5f:0a:47:7c:ac:61:6e: 5c:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:F9:47:DA:E2:6B:17:18:25:C4:0C:71:B6:57:21:FF:A8:D0:C3:B9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145501.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab23::/32 Signature Algorithm: sha256WithRSAEncryption 21:99:bf:84:9d:22:62:ab:83:02:00:25:3b:b7:21:f4:65:c3: 76:02:35:8e:ef:6d:a4:ce:7e:5a:19:c4:9a:35:8d:d7:9e:4a: 3b:17:b0:50:3f:e0:a1:c4:93:6a:bd:ed:a7:cd:fe:b2:f4:62: 4d:1b:b2:8e:7a:da:e9:29:b2:48:52:69:a5:50:1f:a5:45:f0: 8e:59:1e:1d:fa:c3:d2:6e:b8:af:4b:54:c7:32:a3:4a:43:d7: 8a:6b:78:0a:d0:4a:de:5a:0c:7b:8a:a4:6a:70:ce:42:ae:66: a2:41:1c:60:ba:6c:20:85:86:78:27:f7:43:5a:07:ab:ea:dc: 96:97:db:15:8b:65:33:a3:fc:7f:f7:9a:ab:82:e7:6c:cb:e6: 6c:37:6c:10:73:78:dd:a7:bc:9c:5a:6a:b9:cd:fc:73:6f:e8: 75:59:35:7d:66:65:2a:98:ef:36:70:97:b2:21:4c:35:1b:3a: 59:0e:f0:95:96:8c:40:a6:3b:a2:3b:b5:81:dd:aa:3f:65:3b: a7:a1:0b:53:bc:60:1f:80:aa:1e:31:9b:3c:4c:dd:db:c0:f8: ae:13:ae:59:34:09:d8:06:0b:ae:ba:0c:2b:9d:f0:69:6b:4d: b4:32:41:ee:a1:b8:6b:f6:53:7f:74:2e:40:c8:7b:fb:8d:d0: b0:c0:3b:b6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQC8vboz0vuc3EjE+zBXCjsja0XswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUzOFoX DTI3MDMwMzA2MjAzOFowMzExMC8GA1UEAxMoOTlGOTQ3REFFMjZCMTcxODI1QzQw QzcxQjY1NzIxRkZBOEQwQzNCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJptH02r9cIHMLoU8QPmpWScOfXyo7iAAi8Q4yXyDIsaToaEQHB2MyyiyodQ eFCmnESkXo4slUtNqjKI3ZNxYx9fckeKhpLWTz/gRr/E502WRDe2pVIT4cJiwfug rzpUQhlexvj6redDCZfVHZ1WKSMK5crphGDNWW5a4XKGNMmss+WYg8qjOOy9xhPy whejTl1hgMOWi8PgbdP7ZKWCNG1aTvw52PRN41aNmRKXVLeexnRXesTwJ675wuF6 iu/axNjctEgjk22akmAZ59Tc6wXJ1XRArcLJWtKI54qW7YifPTLbHnE8RTVeoisg YWZg07yTEinibEBfCkd8rGFuXJsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSZ+Ufa 4msXGCXEDHG2VyH/qNDDuTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTUwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qyMwDQYJKoZIhvcNAQELBQADggEBACGZv4SdImKrgwIAJTu3IfRlw3YCNY7vbaTO floZxJo1jdeeSjsXsFA/4KHEk2q97afN/rL0Yk0bso562ukpskhSaaVQH6VF8I5Z Hh36w9JuuK9LVMcyo0pD14preArQSt5aDHuKpGpwzkKuZqJBHGC6bCCFhngn90Na B6vq3JaX2xWLZTOj/H/3mquC52zL5mw3bBBzeN2nvJxaarnN/HNv6HVZNX1mZSqY 7zZwl7IhTDUbOlkO8JWWjECmO6I7tYHdqj9lO6ehC1O8YB+Aqh4xmzxM3dvA+K4T rlk0CdgGC666DCud8GlrTbQyQe6huGv2U390LkDIe/uN0LDAO7Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:43 2026 by rpki-client