$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145567.roa File: AS145567.roa (raw, json) Hash identifier: CZ12mnodiiCS3DQbmFMyxZfQ5nBQlNtgnA3HHSrYgcI= Subject key identifier: D5:91:B2:BE:F8:50:DE:EB:6B:6F:0A:97:54:79:1E:0A:05:7B:95:5D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 092B3F013556A91E586CF18E8AE5A15E58FC00EA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145567.roa Signing time: Wed 04 Mar 2026 06:30:53 +0000 ROA not before: Wed 04 Mar 2026 06:25:53 +0000 ROA not after: Wed 03 Mar 2027 06:30:53 +0000 asID: 145567 IP address blocks: 240a:ab65::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:2b:3f:01:35:56:a9:1e:58:6c:f1:8e:8a:e5:a1:5e:58:fc:00:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:53 2026 GMT Not After : Mar 3 06:30:53 2027 GMT Subject: CN=D591B2BEF850DEEB6B6F0A9754791E0A057B955D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:37:ad:d2:4d:b9:30:13:ce:62:48:92:46:2f: 7c:98:3c:e7:8c:36:6a:00:b7:41:43:df:a4:25:2f: c5:cd:47:75:cb:59:a8:33:83:3e:c9:a6:a3:19:3c: 08:d1:c8:88:97:0c:21:1a:56:33:33:4d:10:25:32: 04:be:79:cc:d7:6a:f3:91:f4:54:af:29:75:d4:23: a0:73:70:b7:b3:97:50:3d:28:1a:65:3b:58:21:29: 0e:25:94:21:98:06:35:68:0e:31:4f:60:55:11:e9: 2c:85:cf:9b:42:49:68:14:7d:8d:3a:42:70:44:6d: 06:da:e9:c8:98:18:63:44:7f:2e:76:c0:fc:a2:87: 8e:00:e3:f3:92:b4:78:f1:e0:56:0e:b1:01:e6:ff: af:5e:73:67:4e:b8:d7:cb:2b:fe:c7:88:f2:8b:12: 61:ab:e0:2f:0a:ce:31:71:6a:47:8c:95:d1:84:a5: 3a:5e:68:93:bf:63:02:28:1b:16:83:7d:c4:0e:c7: 55:bc:dc:36:63:23:dd:8f:c7:46:bc:4d:8d:71:16: dc:ac:7a:4b:87:f6:7f:01:17:12:75:79:dd:52:24: 9b:4b:cf:b7:b4:26:c4:36:c5:04:7f:61:a7:6b:34: 5f:c2:32:33:5c:74:9a:48:e7:34:9f:b2:3a:11:60: 17:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:91:B2:BE:F8:50:DE:EB:6B:6F:0A:97:54:79:1E:0A:05:7B:95:5D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145567.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab65::/32 Signature Algorithm: sha256WithRSAEncryption 8d:09:68:50:0b:6c:50:27:1e:bb:c7:8f:49:c9:3c:b1:34:04: 8c:e6:87:16:2b:1b:b2:79:cb:1d:21:21:e5:79:f3:59:2d:77: 94:3f:39:a7:a1:78:74:92:68:8a:7b:67:7e:eb:55:cf:1b:bc: 58:0e:54:c2:ca:bb:95:e7:20:e3:35:0f:3e:11:96:4d:e0:22: dd:b7:1e:be:5d:1e:1f:fa:19:83:3e:98:0a:e6:0c:69:b2:b8: eb:2f:bc:69:89:df:d0:d7:d0:d2:fd:74:f6:f0:19:06:0d:3f: b3:4b:48:03:77:36:4a:44:a3:93:3a:b1:3e:24:a0:03:7f:c9: c1:68:33:63:23:85:90:cd:1f:f3:3c:93:4a:24:4c:e5:bc:9f: 8e:69:f7:92:42:0f:e7:d2:3d:49:48:e0:29:a1:94:1f:b4:6c: 38:32:00:86:fa:3a:c8:fa:f8:db:64:d0:ad:2e:83:3a:b6:91: 03:fb:a5:47:34:44:f5:94:eb:61:60:6d:e6:c8:f3:4c:72:96: ee:8a:ac:ff:b2:e3:68:db:5e:72:66:4b:65:ee:79:d4:e6:11: 4f:34:e9:d6:62:03:88:e9:a5:c9:e0:f3:c8:c0:3b:79:1c:0c: 1e:36:76:c0:f7:11:31:01:9b:4e:b8:da:0c:71:33:0c:4c:5b: 4c:97:e5:f1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCSs/ATVWqR5YbPGOiuWhXlj8AOowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU1M1oX DTI3MDMwMzA2MzA1M1owMzExMC8GA1UEAxMoRDU5MUIyQkVGODUwREVFQjZCNkYw QTk3NTQ3OTFFMEEwNTdCOTU1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMs3rdJNuTATzmJIkkYvfJg854w2agC3QUPfpCUvxc1HdctZqDODPsmmoxk8 CNHIiJcMIRpWMzNNECUyBL55zNdq85H0VK8pddQjoHNwt7OXUD0oGmU7WCEpDiWU IZgGNWgOMU9gVRHpLIXPm0JJaBR9jTpCcERtBtrpyJgYY0R/LnbA/KKHjgDj85K0 ePHgVg6xAeb/r15zZ06418sr/seI8osSYavgLwrOMXFqR4yV0YSlOl5ok79jAigb FoN9xA7HVbzcNmMj3Y/HRrxNjXEW3Kx6S4f2fwEXEnV53VIkm0vPt7QmxDbFBH9h p2s0X8IyM1x0mkjnNJ+yOhFgFxMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTVkbK+ +FDe62tvCpdUeR4KBXuVXTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q2UwDQYJKoZIhvcNAQELBQADggEBAI0JaFALbFAnHrvHj0nJPLE0BIzmhxYrG7J5 yx0hIeV581ktd5Q/OaeheHSSaIp7Z37rVc8bvFgOVMLKu5XnIOM1Dz4Rlk3gIt23 Hr5dHh/6GYM+mArmDGmyuOsvvGmJ39DX0NL9dPbwGQYNP7NLSAN3NkpEo5M6sT4k oAN/ycFoM2MjhZDNH/M8k0okTOW8n45p95JCD+fSPUlI4CmhlB+0bDgyAIb6Osj6 +Ntk0K0ugzq2kQP7pUc0RPWU62FgbebI80xylu6KrP+y42jbXnJmS2XuedTmEU80 6dZiA4jppcng88jAO3kcDB42dsD3ETEBm0642gxxMwxMW0yX5fE= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:18 2026 by rpki-client