$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145589.roa File: AS145589.roa (raw, json) Hash identifier: FRjV/Du9++C9QPsSE5bufKmFxxpxTX95S8XJ+Yu0Yys= Subject key identifier: 83:5E:4F:B5:08:1B:09:6B:EF:53:0A:6F:1F:71:B6:92:4D:E4:8C:B8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 48661932D2CC86EC6E3AF17BD730DD08E3D32D32 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145589.roa Signing time: Wed 04 Mar 2026 06:29:36 +0000 ROA not before: Wed 04 Mar 2026 06:24:36 +0000 ROA not after: Wed 03 Mar 2027 06:29:36 +0000 asID: 145589 IP address blocks: 240a:ab7b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:66:19:32:d2:cc:86:ec:6e:3a:f1:7b:d7:30:dd:08:e3:d3:2d:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:36 2026 GMT Not After : Mar 3 06:29:36 2027 GMT Subject: CN=835E4FB5081B096BEF530A6F1F71B6924DE48CB8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:18:ec:52:d6:38:65:e2:02:1c:bd:fe:48:eb: c9:ae:13:e0:7c:42:bc:3b:d7:72:10:0d:28:1b:9c: 4d:15:01:19:c7:72:b8:e2:9a:42:bb:0b:f8:34:59: 67:c2:f5:0a:3f:fb:b2:32:b4:09:23:a9:16:a0:7d: c4:93:14:83:70:00:8a:37:43:87:30:e7:e4:c6:bb: 70:8a:05:4a:94:b5:d4:2c:49:93:26:bc:0e:c1:24: da:69:28:75:76:db:11:a2:56:66:28:79:d8:a0:d6: c3:da:1a:c5:fc:ff:1b:d2:0e:11:15:6a:49:9b:32: b4:c3:3e:45:dc:d8:b2:fa:a8:e2:12:18:3b:0f:64: 57:48:dc:cc:49:07:44:c8:27:e1:20:53:c6:59:a4: 6d:af:75:f7:a4:55:49:70:79:15:3d:2b:f6:6e:03: d6:28:e0:48:98:fe:43:6e:76:25:5e:3f:b0:49:da: 53:02:97:73:f4:bc:17:0f:9a:a0:0d:2b:9c:d6:73: 78:05:bf:3e:ae:ec:8c:2d:53:97:e9:66:93:80:d4: 44:0d:c7:f7:7d:91:fa:c0:e0:38:b6:82:63:0f:ab: 2a:94:3b:10:74:9f:8d:80:5c:d5:ee:cc:c7:9b:93: 56:94:c1:ac:11:10:8a:e0:45:86:18:50:b2:1e:bd: bc:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:5E:4F:B5:08:1B:09:6B:EF:53:0A:6F:1F:71:B6:92:4D:E4:8C:B8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145589.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab7b::/32 Signature Algorithm: sha256WithRSAEncryption a8:85:f8:c2:6b:18:1e:32:1b:9a:e3:a0:37:f2:b1:4c:04:fe: 8a:4f:e5:ee:76:bf:53:c2:83:a5:83:45:82:e3:9c:07:9e:db: 8c:4d:45:3a:2b:bc:6b:af:3f:e9:24:b2:7f:80:9f:a4:62:1d: 5a:bd:a2:35:57:c7:ab:8e:2a:4a:6b:c9:4d:81:b1:ac:77:e7: 06:ac:ff:b8:ab:77:aa:dc:7c:2d:0e:41:2e:fd:08:bc:96:66: d4:f0:de:ce:1d:87:66:59:5d:cf:09:c6:e0:99:85:e8:35:00: 38:b3:ea:66:d9:01:a9:43:4b:68:ce:25:2e:1d:3a:3a:88:db: 52:28:31:85:a7:3d:55:29:82:3c:33:d4:b3:f8:1e:ca:f1:4d: 62:1d:a5:5d:0e:cb:f2:12:53:1a:a9:d1:30:9e:59:5f:1e:c8: 8a:32:fe:e5:b7:d8:80:8b:86:29:a8:1f:13:26:ce:57:cf:84: a5:7e:b9:a8:9b:3a:2d:56:bd:7b:ac:da:e7:74:da:92:ec:2a: a8:9f:d0:a4:df:77:3d:97:74:3c:76:10:ed:56:c9:88:6e:45: 18:6e:3d:42:9b:0d:5a:1f:ee:34:7f:e8:a5:35:ee:98:09:bd: 21:90:59:58:43:c8:ab:86:88:b9:e5:3e:80:7c:d1:5d:79:f9: 67:4f:d5:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSGYZMtLMhuxuOvF71zDdCOPTLTIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzNloX DTI3MDMwMzA2MjkzNlowMzExMC8GA1UEAxMoODM1RTRGQjUwODFCMDk2QkVGNTMw QTZGMUY3MUI2OTI0REU0OENCODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK0Y7FLWOGXiAhy9/kjrya4T4HxCvDvXchANKBucTRUBGcdyuOKaQrsL+DRZ Z8L1Cj/7sjK0CSOpFqB9xJMUg3AAijdDhzDn5Ma7cIoFSpS11CxJkya8DsEk2mko dXbbEaJWZih52KDWw9oaxfz/G9IOERVqSZsytMM+RdzYsvqo4hIYOw9kV0jczEkH RMgn4SBTxlmkba9196RVSXB5FT0r9m4D1ijgSJj+Q252JV4/sEnaUwKXc/S8Fw+a oA0rnNZzeAW/Pq7sjC1Tl+lmk4DURA3H932R+sDgOLaCYw+rKpQ7EHSfjYBc1e7M x5uTVpTBrBEQiuBFhhhQsh69vKUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSDXk+1 CBsJa+9TCm8fcbaSTeSMuDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q3swDQYJKoZIhvcNAQELBQADggEBAKiF+MJrGB4yG5rjoDfysUwE/opP5e52v1PC g6WDRYLjnAee24xNRTorvGuvP+kksn+An6RiHVq9ojVXx6uOKkpryU2Bsax35was /7ird6rcfC0OQS79CLyWZtTw3s4dh2ZZXc8JxuCZheg1ADiz6mbZAalDS2jOJS4d OjqI21IoMYWnPVUpgjwz1LP4HsrxTWIdpV0Oy/ISUxqp0TCeWV8eyIoy/uW32ICL himoHxMmzlfPhKV+uaibOi1WvXus2ud02pLsKqif0KTfdz2XdDx2EO1WyYhuRRhu PUKbDVof7jR/6KU17pgJvSGQWVhDyKuGiLnlPoB80V15+WdP1TI= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:05 2026 by rpki-client