$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145520.roa File: AS145520.roa (raw, json) Hash identifier: UtvjTRByciwy9pluN2MT+slaeA0ial/PCfgpZ9Xfqzs= Subject key identifier: D3:41:97:95:58:2A:5F:8A:FB:3E:AE:84:29:82:12:E8:D2:F1:8E:92 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 68A477E6CB83043ABA340C5357FC4A134D20AD6A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145520.roa Signing time: Wed 04 Mar 2026 06:31:03 +0000 ROA not before: Wed 04 Mar 2026 06:26:03 +0000 ROA not after: Wed 03 Mar 2027 06:31:03 +0000 asID: 145520 IP address blocks: 240a:ab36::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:a4:77:e6:cb:83:04:3a:ba:34:0c:53:57:fc:4a:13:4d:20:ad:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:03 2026 GMT Not After : Mar 3 06:31:03 2027 GMT Subject: CN=D3419795582A5F8AFB3EAE84298212E8D2F18E92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:3d:52:dc:54:d7:59:c6:af:bb:be:04:95:de: a7:ab:d3:f8:67:69:06:41:a0:f6:ce:b9:53:c5:56: 67:75:3a:25:99:9b:ec:23:e7:47:95:6d:bc:e0:59: 6d:96:65:e6:e1:32:73:bc:d1:72:b3:91:fa:de:59: 3e:7b:54:35:8e:dd:3e:1f:33:1d:61:db:06:cc:6e: 03:e5:09:e0:d8:79:42:8f:7b:11:7c:af:de:59:f9: cb:1f:b9:bb:67:a8:49:13:0c:a2:1a:d0:68:e1:4f: 67:65:9e:47:cf:8e:4e:3a:94:87:9b:95:43:96:97: 3d:68:0a:7b:ec:43:36:cd:b3:28:8e:5c:b0:cd:53: 8c:60:72:f2:33:ca:20:0c:6b:35:4f:25:e4:91:f7: 3e:97:33:32:31:46:7c:ba:03:aa:8f:77:5a:e5:43: c4:00:00:2b:3c:67:94:b6:df:1f:fb:08:a2:37:fb: 28:34:3a:be:88:f0:a8:2f:30:8c:44:2c:85:62:64: 78:6f:51:09:10:24:6d:c2:55:4f:db:74:07:d4:b7: bb:c7:ed:56:10:8c:67:7b:74:10:0b:0b:fd:d6:32: c2:a2:8d:57:86:f3:f6:69:61:4c:0a:42:d3:73:05: e1:3c:04:bf:71:c7:4e:a8:e5:5c:e8:b1:59:71:29: 95:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:41:97:95:58:2A:5F:8A:FB:3E:AE:84:29:82:12:E8:D2:F1:8E:92 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145520.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab36::/32 Signature Algorithm: sha256WithRSAEncryption 26:7a:f8:0b:9e:16:08:50:0b:1c:25:73:86:25:4b:b2:57:4c: a7:71:4f:92:7f:c1:5a:90:e0:b6:8b:77:55:b5:03:84:cd:4d: 4c:f5:58:15:76:70:3f:a2:a4:d6:b7:3d:52:10:dd:5e:92:8c: 53:69:17:82:82:29:ae:98:8a:86:64:42:05:70:2e:ad:62:69: d7:3e:c7:6a:ba:44:f7:ec:98:49:09:3c:1d:a0:86:10:f4:e6: 60:98:54:23:6a:33:c0:02:4e:2b:20:0f:ff:ac:f9:fa:38:f8: 68:f0:8d:f0:32:ed:a7:72:17:90:04:96:9e:6a:99:0f:51:69: 6d:8c:8b:bb:cb:dc:90:b0:71:a0:6a:3d:69:f2:af:9e:35:c9: 1a:d3:1b:a8:74:72:af:d9:43:7d:a4:fe:43:1a:4e:e4:4e:33: dd:e0:f4:85:a5:7c:6d:79:dd:82:83:fe:5e:8d:09:b4:0b:db: 5d:b1:75:f9:24:a6:be:69:c8:05:8f:42:1b:bc:7f:44:5f:2b: 79:0b:06:cd:8e:3a:4a:57:6a:09:96:1f:58:26:0f:42:c1:33: 38:df:47:2b:3e:96:bb:09:30:fb:b0:d3:ff:69:03:f4:e1:b7: 3f:01:90:af:6c:bb:6e:13:f6:36:9b:76:c4:82:bc:e9:79:76: 1c:3b:40:bc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaKR35suDBDq6NAxTV/xKE00grWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwM1oX DTI3MDMwMzA2MzEwM1owMzExMC8GA1UEAxMoRDM0MTk3OTU1ODJBNUY4QUZCM0VB RTg0Mjk4MjEyRThEMkYxOEU5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAME9UtxU11nGr7u+BJXep6vT+GdpBkGg9s65U8VWZ3U6JZmb7CPnR5VtvOBZ bZZl5uEyc7zRcrOR+t5ZPntUNY7dPh8zHWHbBsxuA+UJ4Nh5Qo97EXyv3ln5yx+5 u2eoSRMMohrQaOFPZ2WeR8+OTjqUh5uVQ5aXPWgKe+xDNs2zKI5csM1TjGBy8jPK IAxrNU8l5JH3PpczMjFGfLoDqo93WuVDxAAAKzxnlLbfH/sIojf7KDQ6vojwqC8w jEQshWJkeG9RCRAkbcJVT9t0B9S3u8ftVhCMZ3t0EAsL/dYywqKNV4bz9mlhTApC 03MF4TwEv3HHTqjlXOixWXEplaECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTTQZeV WCpfivs+roQpghLo0vGOkjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTUyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qzYwDQYJKoZIhvcNAQELBQADggEBACZ6+AueFghQCxwlc4YlS7JXTKdxT5J/wVqQ 4LaLd1W1A4TNTUz1WBV2cD+ipNa3PVIQ3V6SjFNpF4KCKa6YioZkQgVwLq1iadc+ x2q6RPfsmEkJPB2ghhD05mCYVCNqM8ACTisgD/+s+fo4+GjwjfAy7adyF5AElp5q mQ9RaW2Mi7vL3JCwcaBqPWnyr541yRrTG6h0cq/ZQ32k/kMaTuROM93g9IWlfG15 3YKD/l6NCbQL212xdfkkpr5pyAWPQhu8f0RfK3kLBs2OOkpXagmWH1gmD0LBMzjf Rys+lrsJMPuw0/9pA/Thtz8BkK9su24T9jabdsSCvOl5dhw7QLw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:45 2026 by rpki-client