$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145590.roa File: AS145590.roa (raw, json) Hash identifier: kg5PZKp5eAYmH5GKA75IwkOCyyHVIxukGEtdPW8C/gU= Subject key identifier: DD:17:DB:5F:E9:52:EC:90:F3:5C:EC:E7:6B:22:BC:FF:F8:31:11:A7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5C355F39B12EA1FD5791F1E2B0A9B507C77E00D0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145590.roa Signing time: Wed 04 Mar 2026 06:30:17 +0000 ROA not before: Wed 04 Mar 2026 06:25:17 +0000 ROA not after: Wed 03 Mar 2027 06:30:17 +0000 asID: 145590 IP address blocks: 240a:ab7c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:35:5f:39:b1:2e:a1:fd:57:91:f1:e2:b0:a9:b5:07:c7:7e:00:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:17 2026 GMT Not After : Mar 3 06:30:17 2027 GMT Subject: CN=DD17DB5FE952EC90F35CECE76B22BCFFF83111A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:28:d5:2f:06:7e:96:e7:36:2d:d4:27:55:46: 3e:e1:f7:b9:4f:04:fc:b9:49:a9:8b:1e:93:02:95: c4:dc:2d:c5:91:8e:8a:ed:00:08:58:13:45:f7:ae: 4c:3d:6f:10:2a:25:68:f2:9c:0d:54:ca:b8:ee:5c: 69:1e:63:bf:b0:b2:85:b8:69:89:04:c3:66:95:74: 1d:f8:cd:d8:59:7c:a3:93:f4:de:6d:ce:20:ee:da: 44:61:42:87:9a:ba:37:7b:56:71:72:a4:e2:37:48: 59:68:0f:ab:e2:d4:fa:08:96:95:55:82:ba:84:1d: 5e:da:6d:fb:74:fe:83:56:fd:e6:e7:cb:68:37:68: 9e:7d:1c:1f:6d:e5:ea:be:f9:a8:5d:87:ff:d4:37: 7f:29:2d:fd:5b:2a:3e:7c:b5:b0:97:27:22:4b:e7: a8:ca:8c:c1:41:02:6b:45:13:e9:0f:98:2d:55:8c: 28:a8:b2:db:f3:15:07:b8:92:77:b8:4e:51:e2:7c: 61:98:2e:f4:65:c7:03:c2:68:81:e9:d5:4e:4c:c9: 2e:a1:aa:b7:e8:9b:02:f6:ea:ef:0a:71:15:0d:62: c7:f4:a4:90:7a:cd:f5:32:fb:70:a0:f5:25:cd:a2: 2e:53:1f:b1:6b:f1:0d:71:4b:42:c1:ef:e6:fd:bf: a1:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:17:DB:5F:E9:52:EC:90:F3:5C:EC:E7:6B:22:BC:FF:F8:31:11:A7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145590.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab7c::/32 Signature Algorithm: sha256WithRSAEncryption 5b:e0:15:0e:d7:5a:04:bf:cc:93:ae:2c:a7:6b:06:d6:64:bd: 8c:31:04:07:ff:c1:4b:ea:d9:4d:cd:7a:4f:d7:87:01:c2:18: ea:1e:a8:05:99:86:22:0c:70:5a:fa:5c:0d:5d:9b:ff:8d:c0: e7:a6:ca:de:75:f9:ef:93:d6:f0:65:d9:5d:05:6e:02:6e:b5: 44:e4:c6:b8:4c:e4:6a:59:47:f1:70:3d:49:d6:3d:25:6f:d1: b9:5a:77:34:d2:08:e2:3c:e4:43:3a:9a:55:c0:50:f5:8d:b3: 33:f6:0e:46:16:97:8c:1b:0b:f1:1a:f3:76:4a:38:a8:90:3c: 9b:76:86:3b:fb:ad:36:b5:33:23:35:9b:e5:9a:8b:17:e3:f7: 1b:c3:f1:77:a1:39:7a:69:40:b5:3d:56:bc:c4:63:ae:c7:dd: f0:e0:6a:cd:bd:a0:43:e2:0e:f7:26:6e:78:61:8f:16:d7:74: 97:7c:28:1d:7d:a7:f9:23:cc:3c:93:99:6e:59:5e:6f:27:d2: 7a:50:65:fd:aa:da:d4:3e:38:2a:ab:77:59:4d:54:61:59:e0: 1d:89:6b:08:f0:59:96:03:61:85:ff:75:0a:06:c4:dd:3b:f2: 1a:a8:8d:4e:e5:60:3d:c1:bd:58:5a:9b:a0:7c:88:5a:81:2f: 01:83:40:68 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXDVfObEuof1XkfHisKm1B8d+ANAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxN1oX DTI3MDMwMzA2MzAxN1owMzExMC8GA1UEAxMoREQxN0RCNUZFOTUyRUM5MEYzNUNF Q0U3NkIyMkJDRkZGODMxMTFBNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ0o1S8GfpbnNi3UJ1VGPuH3uU8E/LlJqYsekwKVxNwtxZGOiu0ACFgTRfeu TD1vEColaPKcDVTKuO5caR5jv7CyhbhpiQTDZpV0HfjN2Fl8o5P03m3OIO7aRGFC h5q6N3tWcXKk4jdIWWgPq+LU+giWlVWCuoQdXtpt+3T+g1b95ufLaDdonn0cH23l 6r75qF2H/9Q3fykt/VsqPny1sJcnIkvnqMqMwUECa0UT6Q+YLVWMKKiy2/MVB7iS d7hOUeJ8YZgu9GXHA8JogenVTkzJLqGqt+ibAvbq7wpxFQ1ix/SkkHrN9TL7cKD1 Jc2iLlMfsWvxDXFLQsHv5v2/oWMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTdF9tf 6VLskPNc7OdrIrz/+DERpzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU5MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q3wwDQYJKoZIhvcNAQELBQADggEBAFvgFQ7XWgS/zJOuLKdrBtZkvYwxBAf/wUvq 2U3Nek/XhwHCGOoeqAWZhiIMcFr6XA1dm/+NwOemyt51+e+T1vBl2V0FbgJutUTk xrhM5GpZR/FwPUnWPSVv0bladzTSCOI85EM6mlXAUPWNszP2DkYWl4wbC/Ea83ZK OKiQPJt2hjv7rTa1MyM1m+Waixfj9xvD8XehOXppQLU9VrzEY67H3fDgas29oEPi DvcmbnhhjxbXdJd8KB19p/kjzDyTmW5ZXm8n0npQZf2q2tQ+OCqrd1lNVGFZ4B2J awjwWZYDYYX/dQoGxN078hqojU7lYD3BvVham6B8iFqBLwGDQGg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:24 2026 by rpki-client