$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145561.roa File: AS145561.roa (raw, json) Hash identifier: gqRMSPiQVM8Aeof2jSFuMjVu4clb2Q2H0V2qWw4Rjuo= Subject key identifier: FA:0E:B0:D0:CD:D7:D9:92:36:73:F5:75:43:0A:3E:C1:9D:C9:FC:05 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5CBC6C4494B05C3C6C76EC0EA6027CF8E61C966F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145561.roa Signing time: Wed 04 Mar 2026 06:31:01 +0000 ROA not before: Wed 04 Mar 2026 06:26:01 +0000 ROA not after: Wed 03 Mar 2027 06:31:01 +0000 asID: 145561 IP address blocks: 240a:ab5f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:bc:6c:44:94:b0:5c:3c:6c:76:ec:0e:a6:02:7c:f8:e6:1c:96:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:01 2026 GMT Not After : Mar 3 06:31:01 2027 GMT Subject: CN=FA0EB0D0CDD7D9923673F575430A3EC19DC9FC05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f1:14:64:15:35:e1:d4:e7:f0:ab:02:4d:63: 33:7f:73:58:4c:ba:69:c5:ab:5a:54:f3:ac:18:4a: 5d:21:d0:ae:ca:45:ea:d8:ce:e8:85:9f:df:64:52: 0c:6d:25:f1:c6:f6:94:27:dd:89:23:da:de:db:b1: 7f:2e:81:d3:25:22:e6:89:27:76:8f:de:9f:f9:f3: 00:9f:7f:42:0e:95:a3:f0:63:62:e5:9d:d1:f4:20: 4e:fc:c9:ec:41:ac:33:22:e0:1c:e9:25:8d:bb:67: 80:76:86:9b:f4:53:da:ab:b4:85:1b:49:c1:c2:18: 5f:66:e5:51:d9:e8:d2:9e:c5:98:8b:f3:4e:9c:40: 1c:0c:ef:08:9f:59:00:11:93:dc:f6:b9:4e:ee:8b: 93:4b:7a:af:58:54:61:12:c5:de:aa:f0:ff:fe:04: 91:a9:2c:a7:a1:f5:cd:eb:66:49:fa:16:7a:a6:03: 1b:cb:43:3c:c7:de:95:a3:1f:70:ea:58:85:f7:9e: 7d:a1:0b:8e:d7:0d:e6:db:2e:0c:36:7c:6f:70:69: 1f:3a:55:d6:82:73:4c:b6:e0:05:64:fd:7d:21:40: a3:ca:79:1d:ed:85:3b:82:04:30:20:4a:93:d2:9a: a2:c1:a5:19:9d:cb:15:fd:8f:82:23:bc:12:73:1b: 46:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:0E:B0:D0:CD:D7:D9:92:36:73:F5:75:43:0A:3E:C1:9D:C9:FC:05 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145561.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab5f::/32 Signature Algorithm: sha256WithRSAEncryption 8d:2e:4d:c9:47:7f:f9:b0:46:de:71:8f:31:6e:6d:3a:7c:19: c4:9b:8f:29:1d:d8:6f:9e:4e:ac:a9:c0:eb:40:13:6f:0f:2e: e9:34:cf:84:03:1a:a6:18:1d:4c:e9:54:f1:cc:ed:95:9b:d2: 9e:18:de:ef:0f:20:8e:67:05:46:67:f0:31:ac:0a:75:f5:53: 5c:23:f6:fb:28:37:b4:19:a4:8c:82:49:12:e1:63:72:c5:61: c4:6c:0e:2f:d8:2c:f3:13:a2:8d:1b:b4:8c:8c:50:b2:46:e7: ed:e7:b6:58:86:e8:ed:59:a9:e0:3a:d6:d2:dc:f1:5a:17:46: 65:50:4e:c1:72:44:7e:92:7f:80:8b:c3:36:a2:7c:05:a1:51: 94:1a:fa:95:28:d3:2c:7d:38:a9:f4:81:9c:75:1f:99:28:46: 8a:c4:82:ef:3e:16:64:bb:38:75:fa:0b:45:bd:81:40:46:1b: 3b:cb:7d:12:5e:8b:1d:70:bd:0c:4d:8f:e5:f2:66:71:07:54: 64:e8:b2:6d:6a:76:11:49:e7:1c:5f:23:5e:b1:81:b2:ef:22: 0d:10:2b:5c:b3:6d:80:cc:a6:51:74:3a:0a:77:cc:b0:be:8c: 8c:12:9f:63:95:d3:e0:33:99:a5:9d:fa:1c:6a:55:69:5b:38: ee:ca:a6:50 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXLxsRJSwXDxsduwOpgJ8+OYclm8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwMVoX DTI3MDMwMzA2MzEwMVowMzExMC8GA1UEAxMoRkEwRUIwRDBDREQ3RDk5MjM2NzNG NTc1NDMwQTNFQzE5REM5RkMwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnxFGQVNeHU5/CrAk1jM39zWEy6acWrWlTzrBhKXSHQrspF6tjO6IWf32RS DG0l8cb2lCfdiSPa3tuxfy6B0yUi5okndo/en/nzAJ9/Qg6Vo/BjYuWd0fQgTvzJ 7EGsMyLgHOkljbtngHaGm/RT2qu0hRtJwcIYX2blUdno0p7FmIvzTpxAHAzvCJ9Z ABGT3Pa5Tu6Lk0t6r1hUYRLF3qrw//4Ekaksp6H1zetmSfoWeqYDG8tDPMfelaMf cOpYhfeefaELjtcN5tsuDDZ8b3BpHzpV1oJzTLbgBWT9fSFAo8p5He2FO4IEMCBK k9KaosGlGZ3LFf2PgiO8EnMbRtsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT6DrDQ zdfZkjZz9XVDCj7Bncn8BTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q18wDQYJKoZIhvcNAQELBQADggEBAI0uTclHf/mwRt5xjzFubTp8GcSbjykd2G+e TqypwOtAE28PLuk0z4QDGqYYHUzpVPHM7ZWb0p4Y3u8PII5nBUZn8DGsCnX1U1wj 9vsoN7QZpIyCSRLhY3LFYcRsDi/YLPMToo0btIyMULJG5+3ntliG6O1ZqeA61tLc 8VoXRmVQTsFyRH6Sf4CLwzaifAWhUZQa+pUo0yx9OKn0gZx1H5koRorEgu8+FmS7 OHX6C0W9gUBGGzvLfRJeix1wvQxNj+XyZnEHVGTosm1qdhFJ5xxfI16xgbLvIg0Q K1yzbYDMplF0Ogp3zLC+jIwSn2OV0+AzmaWd+hxqVWlbOO7KplA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:03 2026 by rpki-client