$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145597.roa File: AS145597.roa (raw, json) Hash identifier: JTyGFBkgpNboJ93EsEVenHtv6stI7SrMZYIaM/+ir5Y= Subject key identifier: 20:8E:3E:3E:82:19:7C:0D:4A:65:41:B0:31:D1:15:F1:63:0A:16:52 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 07E687C44133C177788A0872DECE8B7F54023FF8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145597.roa Signing time: Wed 04 Mar 2026 06:30:47 +0000 ROA not before: Wed 04 Mar 2026 06:25:47 +0000 ROA not after: Wed 03 Mar 2027 06:30:47 +0000 asID: 145597 IP address blocks: 240a:ab83::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:e6:87:c4:41:33:c1:77:78:8a:08:72:de:ce:8b:7f:54:02:3f:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:47 2026 GMT Not After : Mar 3 06:30:47 2027 GMT Subject: CN=208E3E3E82197C0D4A6541B031D115F1630A1652 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:11:ee:10:4f:b4:aa:19:fd:79:eb:3c:d6:37: 0c:45:89:35:53:86:82:8c:c7:13:c1:f3:95:2c:a0: dd:39:4e:a8:2d:c5:8c:e0:69:2a:21:96:5d:96:c7: df:01:90:cd:5b:77:ce:ec:5c:29:ff:49:63:5c:77: 60:4e:28:c7:b9:af:e9:e1:b1:ea:15:79:c6:8f:77: 90:dd:48:18:4d:d8:39:4b:41:cc:ba:59:d4:b0:ef: ea:cd:82:3f:98:9a:23:d1:56:2a:07:67:f4:bf:fe: 8d:53:74:10:62:a1:20:32:f4:72:40:11:74:f4:d5: ed:c9:7f:9f:dd:23:14:c0:dd:6c:91:42:22:de:af: e6:c2:75:56:b5:bc:34:7a:bc:b5:f6:d9:91:9d:ae: dc:36:81:01:31:c5:df:b5:9a:95:f3:2a:db:e0:4e: e1:60:5b:dd:ed:a0:58:06:c2:68:2f:f5:f5:c8:22: d3:ca:20:0f:d4:b1:38:7a:a6:36:3e:88:69:eb:4d: 74:20:d3:52:48:87:f3:24:87:7a:8f:fb:96:70:56: 7d:fa:3a:2b:73:98:52:52:af:53:1b:d1:fb:84:70: 63:7b:5c:e4:74:95:f5:ed:f9:0c:aa:ff:57:c6:03: 95:10:1a:6e:9f:1c:11:cd:8a:01:77:aa:54:25:5c: fd:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:8E:3E:3E:82:19:7C:0D:4A:65:41:B0:31:D1:15:F1:63:0A:16:52 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145597.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab83::/32 Signature Algorithm: sha256WithRSAEncryption 90:12:7d:13:56:f2:3b:0b:3b:69:e0:0f:8c:f1:d7:2a:f1:ad: 24:7e:26:d0:af:28:f4:2a:53:33:cd:62:70:cb:33:5d:c6:60: cb:cf:5d:8c:e6:69:c8:0f:cb:b7:45:c3:03:f1:af:6d:fe:14: 07:fc:a3:8f:37:7a:10:a4:59:9c:38:9f:3f:fe:b5:f0:82:bf: ea:9f:eb:57:4f:49:28:6f:0c:00:b4:31:d3:cc:d6:03:75:19: 13:b4:3a:df:2b:71:9c:05:78:ea:df:06:a6:03:87:71:d7:5b: de:5d:fc:f4:89:b6:11:94:ee:6f:3c:3f:5f:36:f9:c0:4d:26: 97:9e:28:ab:76:17:a1:9a:51:fc:b7:19:7d:e4:d0:cd:86:3b: 2a:e9:93:ff:bc:c5:09:f9:0c:e3:c5:04:33:7d:d0:da:cd:04: 68:b1:26:5b:36:22:d4:8e:91:4f:90:70:08:0c:d8:b2:37:90: cd:76:1d:b9:44:7a:36:2d:16:7e:c7:f9:e4:57:c8:e2:59:e0: b3:62:55:84:7f:78:ea:84:4b:2b:3a:02:11:7a:ec:47:99:4e: 2d:fc:db:63:88:60:d3:87:fe:3e:b1:83:25:02:2a:dc:f6:5c: ce:b8:35:72:53:e3:04:8b:7a:74:89:37:29:34:f7:88:18:6f: 4c:24:3d:d1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUB+aHxEEzwXd4ighy3s6Lf1QCP/gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0N1oX DTI3MDMwMzA2MzA0N1owMzExMC8GA1UEAxMoMjA4RTNFM0U4MjE5N0MwRDRBNjU0 MUIwMzFEMTE1RjE2MzBBMTY1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALMR7hBPtKoZ/XnrPNY3DEWJNVOGgozHE8HzlSyg3TlOqC3FjOBpKiGWXZbH 3wGQzVt3zuxcKf9JY1x3YE4ox7mv6eGx6hV5xo93kN1IGE3YOUtBzLpZ1LDv6s2C P5iaI9FWKgdn9L/+jVN0EGKhIDL0ckARdPTV7cl/n90jFMDdbJFCIt6v5sJ1VrW8 NHq8tfbZkZ2u3DaBATHF37WalfMq2+BO4WBb3e2gWAbCaC/19cgi08ogD9SxOHqm Nj6IaetNdCDTUkiH8ySHeo/7lnBWffo6K3OYUlKvUxvR+4RwY3tc5HSV9e35DKr/ V8YDlRAabp8cEc2KAXeqVCVc/XcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQgjj4+ ghl8DUplQbAx0RXxYwoWUjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTU5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q4MwDQYJKoZIhvcNAQELBQADggEBAJASfRNW8jsLO2ngD4zx1yrxrSR+JtCvKPQq UzPNYnDLM13GYMvPXYzmacgPy7dFwwPxr23+FAf8o483ehCkWZw4nz/+tfCCv+qf 61dPSShvDAC0MdPM1gN1GRO0Ot8rcZwFeOrfBqYDh3HXW95d/PSJthGU7m88P182 +cBNJpeeKKt2F6GaUfy3GX3k0M2GOyrpk/+8xQn5DOPFBDN90NrNBGixJls2ItSO kU+QcAgM2LI3kM12HblEejYtFn7H+eRXyOJZ4LNiVYR/eOqESys6AhF67EeZTi38 22OIYNOH/j6xgyUCKtz2XM64NXJT4wSLenSJNyk094gYb0wkPdE= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:33 2026 by rpki-client