$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145591.roa File: AS145591.roa (raw, json) Hash identifier: 3zd8jb9NhFbiMSpqjG89Q+S8uVwhyiYSm0bzVIPNlnE= Subject key identifier: 31:AD:29:91:8E:C3:49:6B:9F:96:78:EC:A6:31:35:00:39:9C:27:0F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 605724059DDF3C2F39646310E295465803FE0072 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145591.roa Signing time: Wed 04 Mar 2026 06:30:51 +0000 ROA not before: Wed 04 Mar 2026 06:25:51 +0000 ROA not after: Wed 03 Mar 2027 06:30:51 +0000 asID: 145591 IP address blocks: 240a:ab7d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:57:24:05:9d:df:3c:2f:39:64:63:10:e2:95:46:58:03:fe:00:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:51 2026 GMT Not After : Mar 3 06:30:51 2027 GMT Subject: CN=31AD29918EC3496B9F9678ECA6313500399C270F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:51:85:72:0c:7c:ee:ea:00:86:41:86:3d:49: 8f:7e:56:5a:3d:74:76:59:82:4c:1b:41:5a:56:85: 2b:a8:5f:b9:f1:14:f5:d6:ee:40:d4:c3:06:1a:d2: 85:bd:0a:fb:a5:4e:ef:dd:61:10:da:37:8a:4a:95: ae:ce:cf:c6:55:bc:f5:9e:ac:76:f6:ea:f3:e6:d0: 1b:85:be:49:a9:f7:64:c3:dd:0a:85:84:c7:98:c1: 46:c4:93:52:e8:cb:e3:ea:8e:7e:f8:41:86:6b:1b: ec:eb:f7:e2:90:7d:d5:83:55:aa:f4:01:36:f7:4b: fb:8c:ad:57:69:fb:3d:8e:6a:e5:cf:af:51:97:2f: b5:03:d4:27:80:28:87:4e:b7:f5:97:f7:02:81:1f: 1c:6e:23:83:05:fa:12:c5:92:8e:6e:1c:5f:a4:9b: b2:fc:0f:2d:73:2f:02:21:ed:c0:d4:9a:1b:b1:f9: 4a:d0:c9:0e:c1:8b:5c:e9:49:5e:6b:f8:38:2f:03: 5f:12:52:1d:35:17:7b:68:60:19:24:4b:84:e8:9b: 00:c9:2f:5e:ef:c8:ec:0f:e0:28:73:53:39:d1:31: 8c:f5:73:7c:4d:69:f2:81:84:49:97:0a:5d:04:d6: 92:4e:94:57:cc:1f:6b:f1:2e:9e:f5:51:b6:aa:10: 98:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:AD:29:91:8E:C3:49:6B:9F:96:78:EC:A6:31:35:00:39:9C:27:0F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145591.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab7d::/32 Signature Algorithm: sha256WithRSAEncryption d9:9d:4d:88:fb:3f:f8:f0:fe:c1:43:e6:9a:42:ee:68:78:12: 35:0b:89:96:a2:da:c2:bd:e8:dd:a4:4d:45:2a:97:7f:93:92: 99:26:00:2b:dd:41:7d:1f:0b:5f:93:48:a3:82:71:a3:2a:11: f4:30:fc:56:03:a4:cd:46:b9:b5:2e:62:68:77:72:cc:80:bd: 7b:55:b8:90:45:0f:b4:f4:a9:b9:3d:9e:cd:d3:0d:52:b9:be: dc:fa:7e:93:d2:e1:e9:82:7c:48:f8:7e:ce:ab:70:26:84:6a: f6:56:1f:92:8a:e2:e0:45:79:ff:de:06:7e:a7:e0:69:db:2b: 2d:16:72:2c:5b:22:b7:59:bc:32:2a:a9:b4:a4:b7:e6:28:51: 5d:9d:63:87:81:cb:06:cd:a7:92:66:de:59:61:1f:49:0f:b7: d4:79:ac:bb:2e:61:f8:8a:72:e7:93:6d:51:ee:a1:a2:75:61: f0:5d:ab:29:1f:12:b0:1a:9e:d6:f3:3e:f8:ba:d7:5c:21:94: 07:41:39:ff:47:f5:aa:b6:94:f4:67:0e:d2:e3:ee:fe:45:0e: f3:42:82:f3:a1:28:e6:7a:8c:67:94:28:4c:5f:83:02:0e:05: d7:7d:94:c6:4d:64:7d:8d:f0:4e:e6:35:29:02:6c:0a:d0:8f: 2c:30:70:e9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYFckBZ3fPC85ZGMQ4pVGWAP+AHIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU1MVoX DTI3MDMwMzA2MzA1MVowMzExMC8GA1UEAxMoMzFBRDI5OTE4RUMzNDk2QjlGOTY3 OEVDQTYzMTM1MDAzOTlDMjcwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALJRhXIMfO7qAIZBhj1Jj35WWj10dlmCTBtBWlaFK6hfufEU9dbuQNTDBhrS hb0K+6VO791hENo3ikqVrs7PxlW89Z6sdvbq8+bQG4W+San3ZMPdCoWEx5jBRsST UujL4+qOfvhBhmsb7Ov34pB91YNVqvQBNvdL+4ytV2n7PY5q5c+vUZcvtQPUJ4Ao h0639Zf3AoEfHG4jgwX6EsWSjm4cX6SbsvwPLXMvAiHtwNSaG7H5StDJDsGLXOlJ Xmv4OC8DXxJSHTUXe2hgGSRLhOibAMkvXu/I7A/gKHNTOdExjPVzfE1p8oGESZcK XQTWkk6UV8wfa/EunvVRtqoQmNMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQxrSmR jsNJa5+WeOymMTUAOZwnDzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q30wDQYJKoZIhvcNAQELBQADggEBANmdTYj7P/jw/sFD5ppC7mh4EjULiZai2sK9 6N2kTUUql3+TkpkmACvdQX0fC1+TSKOCcaMqEfQw/FYDpM1GubUuYmh3csyAvXtV uJBFD7T0qbk9ns3TDVK5vtz6fpPS4emCfEj4fs6rcCaEavZWH5KK4uBFef/eBn6n 4GnbKy0WcixbIrdZvDIqqbSkt+YoUV2dY4eBywbNp5Jm3llhH0kPt9R5rLsuYfiK cueTbVHuoaJ1YfBdqykfErAantbzPvi611whlAdBOf9H9aq2lPRnDtLj7v5FDvNC gvOhKOZ6jGeUKExfgwIOBdd9lMZNZH2N8E7mNSkCbArQjywwcOk= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:39 2026 by rpki-client