$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145542.roa File: AS145542.roa (raw, json) Hash identifier: en/NXLKse7iuaBAYmzBrX45vF2eKczItU0hdaDaqF4g= Subject key identifier: ED:48:CA:AE:51:48:80:D4:E0:0C:1E:93:EA:B0:49:95:E6:F6:51:4E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 24B876B0F4F774761E08B10B4BCE785FD59A8E1B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145542.roa Signing time: Wed 04 Mar 2026 06:31:01 +0000 ROA not before: Wed 04 Mar 2026 06:26:01 +0000 ROA not after: Wed 03 Mar 2027 06:31:01 +0000 asID: 145542 IP address blocks: 240a:ab4c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:b8:76:b0:f4:f7:74:76:1e:08:b1:0b:4b:ce:78:5f:d5:9a:8e:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:01 2026 GMT Not After : Mar 3 06:31:01 2027 GMT Subject: CN=ED48CAAE514880D4E00C1E93EAB04995E6F6514E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f9:be:de:a2:a4:70:73:06:66:2d:4e:f1:12: 7f:5f:a9:e4:83:1b:db:38:cd:a2:c3:e5:e1:42:1c: a2:4b:4e:b8:0a:32:14:03:3c:09:01:bc:ad:10:73: f7:94:48:9c:76:de:6b:b0:56:a0:9e:f1:b3:04:5f: ab:f7:f5:34:29:33:ec:a9:25:1f:45:8c:33:c8:30: b5:3f:25:a1:bd:d3:07:35:8f:66:c5:81:ec:2f:ea: e7:2c:81:5f:15:81:5c:7f:8c:f9:a7:4f:e2:9d:3f: eb:0a:1e:67:37:a1:27:57:1f:90:fd:c7:a7:f0:48: 00:d1:8d:70:fb:bb:0e:86:a3:f6:7e:15:76:8b:91: 82:65:a8:72:cd:57:b3:27:fe:88:ff:0d:c8:60:a3: f4:69:87:d0:aa:d6:c6:0f:0b:c3:10:bd:6d:d6:b1: b4:a7:69:1a:70:36:90:fd:85:58:a9:51:c7:20:ee: ef:59:0c:e9:c5:94:9d:7c:a2:84:7a:41:ad:f8:91: 97:7e:9d:ba:6b:24:61:34:23:5c:98:bb:41:13:db: 61:92:33:88:bd:6e:67:92:d7:90:a8:e5:aa:92:79: 3d:4f:5b:a0:c4:b3:d4:b1:82:86:1d:51:df:02:12: d6:0f:82:78:bf:2b:f4:cb:c7:6c:89:04:31:45:1b: ad:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:48:CA:AE:51:48:80:D4:E0:0C:1E:93:EA:B0:49:95:E6:F6:51:4E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145542.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab4c::/32 Signature Algorithm: sha256WithRSAEncryption 09:7b:fa:8a:21:c9:fe:d9:c1:01:05:d2:25:87:c8:77:1e:9f: 2d:16:4f:70:36:46:53:bc:78:1c:5e:7e:62:08:1b:1b:37:9b: a2:29:b6:b2:79:65:22:12:42:88:3d:dc:a4:6c:6b:f8:18:cf: 36:2e:4c:4f:f0:e0:6c:38:26:1a:f6:6f:b5:fb:f3:b2:87:9b: 7b:6c:b3:31:d7:63:c9:5a:41:42:98:de:e3:56:df:3e:3f:9f: fe:28:fa:d4:1d:b8:16:42:7b:05:aa:55:55:4e:94:80:0b:d8: dc:94:2a:9d:94:9b:91:a5:7a:57:0d:86:d8:a8:75:44:10:26: 03:47:60:5c:c2:9c:8b:51:fe:d8:2a:eb:1b:73:f8:19:b7:08: 57:56:07:8c:28:53:fc:d1:d9:ec:02:87:31:4e:9b:0c:92:46: 33:18:48:8d:3f:60:d6:28:9d:9d:56:46:1b:5e:43:f2:cf:54: e1:52:d1:e7:29:87:14:a7:0d:28:85:07:61:09:75:66:45:6f: bf:3d:8a:cb:d8:8f:99:36:ec:ec:96:06:e6:41:8d:5b:06:ce: 1f:23:01:12:5c:aa:1b:54:f5:01:16:64:e6:c6:3d:f3:f6:12: b4:0d:3b:b7:e1:a3:9e:49:4f:2e:80:63:f6:91:32:a4:9f:c5: 71:d0:f6:40 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJLh2sPT3dHYeCLELS854X9WajhswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwMVoX DTI3MDMwMzA2MzEwMVowMzExMC8GA1UEAxMoRUQ0OENBQUU1MTQ4ODBENEUwMEMx RTkzRUFCMDQ5OTVFNkY2NTE0RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK75vt6ipHBzBmYtTvESf1+p5IMb2zjNosPl4UIcoktOuAoyFAM8CQG8rRBz 95RInHbea7BWoJ7xswRfq/f1NCkz7KklH0WMM8gwtT8lob3TBzWPZsWB7C/q5yyB XxWBXH+M+adP4p0/6woeZzehJ1cfkP3Hp/BIANGNcPu7Doaj9n4VdouRgmWocs1X syf+iP8NyGCj9GmH0KrWxg8LwxC9bdaxtKdpGnA2kP2FWKlRxyDu71kM6cWUnXyi hHpBrfiRl36dumskYTQjXJi7QRPbYZIziL1uZ5LXkKjlqpJ5PU9boMSz1LGChh1R 3wIS1g+CeL8r9MvHbIkEMUUbrRsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTtSMqu UUiA1OAMHpPqsEmV5vZRTjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU0Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q0wwDQYJKoZIhvcNAQELBQADggEBAAl7+oohyf7ZwQEF0iWHyHceny0WT3A2RlO8 eBxefmIIGxs3m6IptrJ5ZSISQog93KRsa/gYzzYuTE/w4Gw4Jhr2b7X787KHm3ts szHXY8laQUKY3uNW3z4/n/4o+tQduBZCewWqVVVOlIAL2NyUKp2Um5GlelcNhtio dUQQJgNHYFzCnItR/tgq6xtz+Bm3CFdWB4woU/zR2ewChzFOmwySRjMYSI0/YNYo nZ1WRhteQ/LPVOFS0ecphxSnDSiFB2EJdWZFb789isvYj5k27OyWBuZBjVsGzh8j ARJcqhtU9QEWZObGPfP2ErQNO7fho55JTy6AY/aRMqSfxXHQ9kA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:51 2026 by rpki-client