$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145532.roa File: AS145532.roa (raw, json) Hash identifier: /QfR9x8GdjYPRsBfSNZFnbmE4PTXdVyCaDTwd7ubYgs= Subject key identifier: 6A:40:6C:0D:C9:FA:B1:41:A7:8B:91:8E:24:B2:79:B4:22:6C:C7:54 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 31CBD242CF81B87547988B4BADEECFC7EA58076D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145532.roa Signing time: Wed 04 Mar 2026 06:30:33 +0000 ROA not before: Wed 04 Mar 2026 06:25:33 +0000 ROA not after: Wed 03 Mar 2027 06:30:33 +0000 asID: 145532 IP address blocks: 240a:ab42::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:cb:d2:42:cf:81:b8:75:47:98:8b:4b:ad:ee:cf:c7:ea:58:07:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:33 2026 GMT Not After : Mar 3 06:30:33 2027 GMT Subject: CN=6A406C0DC9FAB141A78B918E24B279B4226CC754 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ff:5e:f5:77:73:f7:64:86:1b:4b:33:29:fb: a0:fc:18:a4:49:18:40:6c:a3:82:eb:f6:26:9b:e3: 2a:c3:f7:21:92:96:ce:6f:9c:99:a4:2d:ad:a0:57: 50:a2:c6:fe:7f:9b:ca:b8:47:38:c4:8b:5e:98:6e: 73:41:bf:02:91:b6:0e:f9:f2:59:01:52:1c:65:55: d7:24:67:db:fa:b6:a9:ab:48:41:ef:74:0e:bb:ea: 6b:f3:34:20:d6:59:fb:00:5c:1a:d0:3e:02:f5:ba: 15:28:cd:49:43:bc:a9:c8:e1:cd:94:a0:50:5b:9c: fd:cc:ab:af:6c:b1:07:50:aa:f5:c1:bf:9b:94:45: f8:06:d7:9c:58:64:b0:0d:43:60:c1:d6:79:56:55: 52:75:13:02:d4:24:01:65:e5:c4:7f:86:e9:61:6d: f8:96:df:4e:7c:04:01:11:d3:c3:aa:c0:84:4f:34: 55:66:de:e9:d5:41:41:5d:a7:e1:1b:fc:c5:a9:30: c1:77:ca:c2:6e:68:14:9d:50:66:4b:7b:6f:ff:d6: e0:29:04:1f:bd:39:d8:2d:a9:e0:b8:d9:40:f8:90: 4f:df:e7:2e:76:c0:9f:7c:30:25:59:c2:7e:10:9b: b0:22:e4:69:b2:21:99:60:25:ea:25:0f:aa:6e:53: 5f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:40:6C:0D:C9:FA:B1:41:A7:8B:91:8E:24:B2:79:B4:22:6C:C7:54 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab42::/32 Signature Algorithm: sha256WithRSAEncryption 1b:1f:73:88:5b:1f:fc:fd:5c:d5:69:a7:73:4a:5c:3a:29:16: 11:a3:27:3d:8f:78:6d:58:c3:07:cb:a1:dd:ce:69:d3:20:4a: e1:a1:3e:72:56:33:48:c7:cc:da:1a:dc:27:87:30:e9:e3:27: ae:83:01:d4:4d:f0:94:0e:50:ab:32:50:04:0f:ee:50:ec:c4: 96:0a:2a:53:bd:4b:48:84:4a:58:79:0f:50:a6:82:cb:b8:d7: 18:07:5d:c8:04:d2:0e:e2:aa:11:f5:17:67:06:1e:00:44:a8: 30:bd:df:57:e1:50:3f:2a:ca:fe:1b:94:a5:a1:a8:ad:f2:70: 7d:c8:71:eb:5d:7e:1c:bc:18:c7:84:d9:ee:3e:7f:8b:4c:9f: 55:c6:a6:ba:59:69:22:02:1f:e9:81:fa:69:6b:de:cc:71:1c: d1:94:9c:d4:e2:59:1c:40:74:90:06:92:c4:f7:81:8a:7c:61: 77:9c:a2:01:bf:a6:4d:8a:49:45:6c:db:b5:1c:cf:59:2a:5d: 1b:e9:8d:d5:16:0c:7a:d6:55:18:e5:4d:3e:39:62:b9:76:6e: 2c:6f:50:ee:64:bd:cb:d2:8e:35:3a:53:1c:c0:b8:3f:3b:31: 93:6a:29:cd:36:90:97:f1:b2:35:29:5f:67:01:97:1c:3d:67: 27:50:15:d3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMcvSQs+BuHVHmItLre7Px+pYB20wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzM1oX DTI3MDMwMzA2MzAzM1owMzExMC8GA1UEAxMoNkE0MDZDMERDOUZBQjE0MUE3OEI5 MThFMjRCMjc5QjQyMjZDQzc1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANr/XvV3c/dkhhtLMyn7oPwYpEkYQGyjguv2JpvjKsP3IZKWzm+cmaQtraBX UKLG/n+byrhHOMSLXphuc0G/ApG2DvnyWQFSHGVV1yRn2/q2qatIQe90Drvqa/M0 INZZ+wBcGtA+AvW6FSjNSUO8qcjhzZSgUFuc/cyrr2yxB1Cq9cG/m5RF+AbXnFhk sA1DYMHWeVZVUnUTAtQkAWXlxH+G6WFt+JbfTnwEARHTw6rAhE80VWbe6dVBQV2n 4Rv8xakwwXfKwm5oFJ1QZkt7b//W4CkEH7052C2p4LjZQPiQT9/nLnbAn3wwJVnC fhCbsCLkabIhmWAl6iUPqm5TX8MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRqQGwN yfqxQaeLkY4ksnm0ImzHVDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTUzMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q0IwDQYJKoZIhvcNAQELBQADggEBABsfc4hbH/z9XNVpp3NKXDopFhGjJz2PeG1Y wwfLod3OadMgSuGhPnJWM0jHzNoa3CeHMOnjJ66DAdRN8JQOUKsyUAQP7lDsxJYK KlO9S0iESlh5D1Cmgsu41xgHXcgE0g7iqhH1F2cGHgBEqDC931fhUD8qyv4blKWh qK3ycH3Icetdfhy8GMeE2e4+f4tMn1XGprpZaSICH+mB+mlr3sxxHNGUnNTiWRxA dJAGksT3gYp8YXecogG/pk2KSUVs27Ucz1kqXRvpjdUWDHrWVRjlTT45Yrl2bixv UO5kvcvSjjU6UxzAuD87MZNqKc02kJfxsjUpX2cBlxw9ZydQFdM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:28 2026 by rpki-client