$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145559.roa File: AS145559.roa (raw, json) Hash identifier: Bi2oGhjwZrOcz3Ok0xjx4E8CwYp1j6a8nNGqIHV9RCw= Subject key identifier: B3:B4:01:F3:E8:14:B2:21:4F:AA:F6:6A:73:09:EC:CB:81:97:A9:63 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0F17651028245EF686348B27697283D3BF434887 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145559.roa Signing time: Wed 04 Mar 2026 06:30:35 +0000 ROA not before: Wed 04 Mar 2026 06:25:35 +0000 ROA not after: Wed 03 Mar 2027 06:30:35 +0000 asID: 145559 IP address blocks: 240a:ab5d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:17:65:10:28:24:5e:f6:86:34:8b:27:69:72:83:d3:bf:43:48:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:35 2026 GMT Not After : Mar 3 06:30:35 2027 GMT Subject: CN=B3B401F3E814B2214FAAF66A7309ECCB8197A963 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:ca:a1:cd:9c:5a:3f:60:0f:1d:b4:a9:71:75: b2:34:36:0c:86:35:fa:23:be:61:59:cf:cf:2c:c5: e3:0d:35:3e:99:52:4a:d9:46:54:88:05:04:85:8b: d6:f9:a1:e5:68:51:b2:01:79:44:77:1f:57:f4:f2: fc:ac:d7:59:55:20:17:97:0c:a9:ef:9a:af:96:58: 31:26:75:60:66:4e:30:70:c7:26:84:e9:20:74:fd: 60:59:e8:e9:e5:bc:13:e1:2c:39:4b:59:15:b8:9a: bf:e6:4b:1a:dd:45:89:1a:2a:94:0b:ac:8b:8c:52: f1:77:1f:34:05:a9:10:03:30:f9:02:59:bb:2c:39: 2f:e0:4e:3c:e2:39:27:9c:eb:30:e3:de:91:2f:8f: 46:a9:eb:c3:14:87:ee:60:3f:14:30:26:fe:9c:94: 42:20:fb:22:76:24:b0:e9:fc:74:ea:3f:d0:9d:a6: ef:71:ed:6e:f6:61:dc:11:90:df:db:42:a9:f8:ea: b8:fb:52:f8:ba:4f:6f:c9:b6:c3:d0:e9:71:11:5a: 77:45:50:a6:86:fe:59:4e:9b:1d:d6:03:d7:43:ab: 59:0b:5f:7d:fa:bb:43:61:e3:b2:43:11:a9:e5:b0: a0:40:a2:c0:38:12:c7:23:6e:1b:3a:76:51:80:fb: 80:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:B4:01:F3:E8:14:B2:21:4F:AA:F6:6A:73:09:EC:CB:81:97:A9:63 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145559.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab5d::/32 Signature Algorithm: sha256WithRSAEncryption 75:a7:1a:d9:54:52:ae:0a:ef:4b:d6:39:55:b7:bf:fe:4b:43: 91:0a:29:97:9e:06:df:ae:ad:e6:9c:a4:85:fb:af:f3:20:92: eb:f5:21:37:82:4b:b0:5e:66:66:18:06:4f:12:fd:4a:5a:0b: ba:c6:cb:03:a5:13:57:51:65:b0:ff:66:e8:7a:25:16:b1:e9: f3:8c:26:0a:bf:66:65:6e:63:9c:b7:a0:c4:0c:1f:dd:8c:5d: c8:78:7c:12:fc:d3:ac:bf:57:02:53:07:81:e8:ca:d4:67:c3: 10:6d:92:c0:66:7d:24:ac:d6:b1:14:54:fd:a8:7a:d2:58:5a: 56:10:95:56:71:17:bb:1f:0b:d1:b4:f2:d7:d4:b4:47:8d:cb: 16:90:c8:40:70:83:fc:8d:bf:64:a8:87:9a:d0:b8:94:15:c3: 4b:87:9e:aa:71:d9:e3:f3:3e:4c:d3:45:62:b6:94:8b:9d:77: bf:c5:e9:31:23:40:27:f5:27:40:cf:06:df:a4:74:5e:1f:81: a6:87:4a:6b:61:d5:4e:20:cd:3c:61:fc:d0:9b:75:30:9e:af: fd:c7:e6:a5:d0:f9:bc:0f:32:a6:b7:be:74:47:a6:ce:e6:13: 5f:ed:39:b4:4a:89:e3:ad:a5:bc:84:a3:91:32:b4:91:19:73: e3:75:ae:7b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDxdlECgkXvaGNIsnaXKD079DSIcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzNVoX DTI3MDMwMzA2MzAzNVowMzExMC8GA1UEAxMoQjNCNDAxRjNFODE0QjIyMTRGQUFG NjZBNzMwOUVDQ0I4MTk3QTk2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAODKoc2cWj9gDx20qXF1sjQ2DIY1+iO+YVnPzyzF4w01PplSStlGVIgFBIWL 1vmh5WhRsgF5RHcfV/Ty/KzXWVUgF5cMqe+ar5ZYMSZ1YGZOMHDHJoTpIHT9YFno 6eW8E+EsOUtZFbiav+ZLGt1FiRoqlAusi4xS8XcfNAWpEAMw+QJZuyw5L+BOPOI5 J5zrMOPekS+PRqnrwxSH7mA/FDAm/pyUQiD7InYksOn8dOo/0J2m73HtbvZh3BGQ 39tCqfjquPtS+LpPb8m2w9DpcRFad0VQpob+WU6bHdYD10OrWQtfffq7Q2HjskMR qeWwoECiwDgSxyNuGzp2UYD7gGECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSztAHz 6BSyIU+q9mpzCezLgZepYzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q10wDQYJKoZIhvcNAQELBQADggEBAHWnGtlUUq4K70vWOVW3v/5LQ5EKKZeeBt+u reacpIX7r/Mgkuv1ITeCS7BeZmYYBk8S/UpaC7rGywOlE1dRZbD/Zuh6JRax6fOM Jgq/ZmVuY5y3oMQMH92MXch4fBL806y/VwJTB4HoytRnwxBtksBmfSSs1rEUVP2o etJYWlYQlVZxF7sfC9G08tfUtEeNyxaQyEBwg/yNv2Soh5rQuJQVw0uHnqpx2ePz PkzTRWK2lIudd7/F6TEjQCf1J0DPBt+kdF4fgaaHSmth1U4gzTxh/NCbdTCer/3H 5qXQ+bwPMqa3vnRHps7mE1/tObRKieOtpbyEo5EytJEZc+N1rns= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:34 2026 by rpki-client