$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145528.roa File: AS145528.roa (raw, json) Hash identifier: J+fvFpUCb9aCiDW9BsraZG5QlU6GRY4cZnJrsFQY+LY= Subject key identifier: 81:15:11:8B:2B:FA:2C:CF:4B:90:81:73:82:1C:66:51:DA:7E:60:F7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4E42743E4D7172E55AFAC0632F107FC23D0BCC88 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145528.roa Signing time: Wed 04 Mar 2026 06:31:08 +0000 ROA not before: Wed 04 Mar 2026 06:26:08 +0000 ROA not after: Wed 03 Mar 2027 06:31:08 +0000 asID: 145528 IP address blocks: 240a:ab3e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:42:74:3e:4d:71:72:e5:5a:fa:c0:63:2f:10:7f:c2:3d:0b:cc:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:08 2026 GMT Not After : Mar 3 06:31:08 2027 GMT Subject: CN=8115118B2BFA2CCF4B908173821C6651DA7E60F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:cb:4b:2e:42:f6:0a:f3:79:77:70:97:ef:95: e6:1f:6f:51:b0:39:e1:a6:fc:9f:a1:fb:2b:7f:79: cd:26:e0:de:25:22:5a:ac:e4:a2:bf:ff:43:6e:c1: fa:a2:d0:c5:c8:eb:fc:cc:a0:70:7c:8e:bc:83:06: 73:51:5e:8c:96:3f:e7:68:f2:ac:8a:1f:00:6a:45: eb:00:cc:ae:d6:37:c4:9b:87:11:25:17:70:3a:79: db:49:77:17:9a:db:f8:af:24:73:cd:95:46:31:96: c5:6d:6d:de:50:14:be:e8:16:71:87:c0:19:c6:4b: 56:be:36:40:05:8a:5a:dc:0d:28:d4:b7:6d:bc:fe: f1:53:89:87:ac:a1:fc:f0:23:1f:2b:77:39:af:71: b4:b1:dd:ce:dc:61:f9:d0:50:3c:ef:e9:f4:d7:2f: 80:09:8a:1e:78:20:fe:35:8e:d5:7b:86:2a:78:f0: 5e:ad:4b:35:d6:c3:db:52:b1:7d:91:f6:cf:42:15: db:03:93:10:4b:0f:d5:06:cf:4c:c9:b3:89:09:9e: 41:55:6b:72:09:1a:7a:b2:7f:20:85:f8:7c:79:12: 4b:14:7b:bc:1e:19:d3:a1:3a:b7:78:89:fe:ff:3a: 7f:3d:67:b5:e9:f0:00:1b:14:c7:a7:bf:b0:d5:9a: c9:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:15:11:8B:2B:FA:2C:CF:4B:90:81:73:82:1C:66:51:DA:7E:60:F7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145528.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab3e::/32 Signature Algorithm: sha256WithRSAEncryption 20:df:2e:01:fd:44:ff:93:a9:68:46:6a:40:b1:8f:70:6b:26: b9:b9:91:cc:11:1e:92:6f:1e:dc:a1:50:33:b3:88:c0:19:6b: 77:bb:a4:b6:f3:c0:7d:4e:54:e8:6e:d9:c6:53:be:d0:3f:46: 59:77:40:51:61:4b:03:73:84:19:f4:f4:97:88:b6:57:b7:ee: 71:b7:93:7b:a9:47:64:1e:1d:dc:20:dc:b6:e6:89:9c:02:36: 1f:93:f4:7f:e2:3a:f4:87:26:51:5c:fb:82:c2:24:8a:e0:b4: 51:a2:30:24:c3:c2:bd:78:dc:c1:c7:0c:5d:0b:2e:a4:21:a8: 44:95:c9:d6:9a:85:8b:0b:da:2f:35:3a:75:cc:d2:f4:81:e4: fc:91:2b:12:95:60:89:fb:25:08:61:52:27:78:29:54:e0:d0: de:8c:b1:4e:cc:45:38:db:dd:04:a7:eb:98:25:e8:4c:6f:b4: fe:dc:b2:7e:59:b4:70:f1:3a:79:ba:dc:aa:9b:54:4f:7a:d7: a4:ec:da:65:eb:2c:10:97:32:98:91:b4:b7:08:7a:38:31:42: f0:a2:d6:9b:1c:bc:7d:40:27:af:d1:af:60:dc:8c:00:1f:52: 6d:b8:7f:51:20:c0:aa:bd:4d:f1:15:7c:ad:a0:3a:75:ab:63: 5c:18:ff:57 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTkJ0Pk1xcuVa+sBjLxB/wj0LzIgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwOFoX DTI3MDMwMzA2MzEwOFowMzExMC8GA1UEAxMoODExNTExOEIyQkZBMkNDRjRCOTA4 MTczODIxQzY2NTFEQTdFNjBGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzLSy5C9grzeXdwl++V5h9vUbA54ab8n6H7K395zSbg3iUiWqzkor//Q27B +qLQxcjr/MygcHyOvIMGc1FejJY/52jyrIofAGpF6wDMrtY3xJuHESUXcDp520l3 F5rb+K8kc82VRjGWxW1t3lAUvugWcYfAGcZLVr42QAWKWtwNKNS3bbz+8VOJh6yh /PAjHyt3Oa9xtLHdztxh+dBQPO/p9NcvgAmKHngg/jWO1XuGKnjwXq1LNdbD21Kx fZH2z0IV2wOTEEsP1QbPTMmziQmeQVVrcgkaerJ/IIX4fHkSSxR7vB4Z06E6t3iJ /v86fz1ntenwABsUx6e/sNWaySsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSBFRGL K/osz0uQgXOCHGZR2n5g9zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTUyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qz4wDQYJKoZIhvcNAQELBQADggEBACDfLgH9RP+TqWhGakCxj3BrJrm5kcwRHpJv HtyhUDOziMAZa3e7pLbzwH1OVOhu2cZTvtA/Rll3QFFhSwNzhBn09JeItle37nG3 k3upR2QeHdwg3LbmiZwCNh+T9H/iOvSHJlFc+4LCJIrgtFGiMCTDwr143MHHDF0L LqQhqESVydaahYsL2i81OnXM0vSB5PyRKxKVYIn7JQhhUid4KVTg0N6MsU7MRTjb 3QSn65gl6ExvtP7csn5ZtHDxOnm63KqbVE9616Ts2mXrLBCXMpiRtLcIejgxQvCi 1pscvH1AJ6/Rr2DcjAAfUm24f1EgwKq9TfEVfK2gOnWrY1wY/1c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:32 2026 by rpki-client