$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145600.roa File: AS145600.roa (raw, json) Hash identifier: 73+K2UpA0GZaXu6yhfcdv43fbCI451JbEncvZgIJLY4= Subject key identifier: 2B:02:E0:11:B3:63:98:D6:17:42:70:08:F3:A2:9B:77:85:42:85:51 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7007E7F106E6ADCFBC28ACBA5AC371AE9BF81F67 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145600.roa Signing time: Wed 04 Mar 2026 06:30:42 +0000 ROA not before: Wed 04 Mar 2026 06:25:42 +0000 ROA not after: Wed 03 Mar 2027 06:30:42 +0000 asID: 145600 IP address blocks: 240a:ab86::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:07:e7:f1:06:e6:ad:cf:bc:28:ac:ba:5a:c3:71:ae:9b:f8:1f:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:42 2026 GMT Not After : Mar 3 06:30:42 2027 GMT Subject: CN=2B02E011B36398D617427008F3A29B7785428551 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:30:34:6d:ba:53:78:f2:f3:18:78:fd:e6:2b: 94:ac:84:d4:4d:37:22:da:f0:aa:aa:6b:d9:ba:b2: d7:de:91:b3:cc:5f:ad:3b:89:7e:e0:16:45:0f:70: 37:7b:fc:27:42:6d:d2:3a:6b:80:74:ed:76:82:9a: 72:12:c3:c7:a5:95:ef:96:21:24:21:8d:96:52:cd: ee:46:98:f9:14:53:78:fe:4f:88:18:92:e8:36:10: 17:c2:59:29:4e:e8:75:dc:59:f5:05:6c:d5:dd:2b: e3:3f:82:83:19:d2:12:11:22:1c:3a:b4:28:f7:cb: 54:46:59:14:a0:3b:e5:61:f5:c4:88:07:7e:da:c0: 8b:b4:b8:e9:18:8b:11:80:ea:07:d7:98:0f:61:8e: 05:a8:57:e2:9f:5b:69:0e:6b:e2:4d:43:d1:18:aa: a5:40:67:45:27:0b:0b:1b:07:74:65:ba:94:4d:0f: 2c:e3:b4:09:c8:5e:db:4e:5b:19:4b:6b:a4:3d:63: d5:76:c7:5f:33:3a:51:e1:21:f5:b6:66:03:dc:02: a5:24:b1:fc:a0:85:a8:95:b3:03:fc:9a:1e:39:3a: ec:06:b3:fe:6f:96:ad:21:5d:01:c7:18:e8:8f:b8: 7a:65:89:df:8a:11:a2:41:64:5a:f5:22:56:09:23: 8f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:02:E0:11:B3:63:98:D6:17:42:70:08:F3:A2:9B:77:85:42:85:51 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145600.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab86::/32 Signature Algorithm: sha256WithRSAEncryption 13:e6:d2:f9:b4:8d:9d:f2:86:12:c8:f3:42:eb:11:3e:58:03: 8b:bf:d7:d7:e1:57:b4:58:7a:7f:5b:be:04:75:27:16:57:84: e3:93:7e:7e:09:5d:52:fa:f9:f5:fd:3a:5e:58:42:94:d4:1d: 70:bc:d4:df:a7:bf:29:2d:01:4c:ba:3e:4c:ea:a5:f0:99:b2: 63:c5:e7:cc:37:9d:40:7d:c8:15:47:f8:40:c0:cd:13:25:32: 84:f3:44:c3:3b:e5:42:c3:3c:25:20:ab:7f:83:e9:3f:6a:c4: 0c:f4:4b:5a:ba:ea:1e:46:d5:e8:0e:40:26:50:83:e2:1c:a1: 60:3f:71:9e:f3:6d:3e:8e:ad:34:f1:a8:31:aa:b8:92:bf:a1: 87:6c:2c:e1:88:67:b4:07:b7:8d:ff:fe:92:8d:44:22:65:8d: 8f:1e:99:a2:ed:70:0e:fa:96:98:40:77:7d:31:0f:a9:fd:b3: 1a:31:2e:7c:a8:29:3f:50:ac:56:d6:58:3a:cd:d6:82:fe:79: 81:b3:f8:0e:3f:77:56:42:89:b3:43:a6:26:b8:21:4c:7a:80: 9e:ae:90:3c:3f:8d:de:8f:23:f3:0a:ff:92:66:20:21:9b:29: 19:3d:fe:d4:bc:67:4b:d3:c6:4c:a7:ed:fd:ca:86:ec:28:87: 00:cd:4b:83 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcAfn8Qbmrc+8KKy6WsNxrpv4H2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0MloX DTI3MDMwMzA2MzA0MlowMzExMC8GA1UEAxMoMkIwMkUwMTFCMzYzOThENjE3NDI3 MDA4RjNBMjlCNzc4NTQyODU1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQwNG26U3jy8xh4/eYrlKyE1E03Itrwqqpr2bqy196Rs8xfrTuJfuAWRQ9w N3v8J0Jt0jprgHTtdoKachLDx6WV75YhJCGNllLN7kaY+RRTeP5PiBiS6DYQF8JZ KU7oddxZ9QVs1d0r4z+CgxnSEhEiHDq0KPfLVEZZFKA75WH1xIgHftrAi7S46RiL EYDqB9eYD2GOBahX4p9baQ5r4k1D0RiqpUBnRScLCxsHdGW6lE0PLOO0Cche205b GUtrpD1j1XbHXzM6UeEh9bZmA9wCpSSx/KCFqJWzA/yaHjk67Aaz/m+WrSFdAccY 6I+4emWJ34oRokFkWvUiVgkjj8kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQrAuAR s2OY1hdCcAjzopt3hUKFUTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYwMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q4YwDQYJKoZIhvcNAQELBQADggEBABPm0vm0jZ3yhhLI80LrET5YA4u/19fhV7RY en9bvgR1JxZXhOOTfn4JXVL6+fX9Ol5YQpTUHXC81N+nvyktAUy6PkzqpfCZsmPF 58w3nUB9yBVH+EDAzRMlMoTzRMM75ULDPCUgq3+D6T9qxAz0S1q66h5G1egOQCZQ g+IcoWA/cZ7zbT6OrTTxqDGquJK/oYdsLOGIZ7QHt43//pKNRCJljY8emaLtcA76 lphAd30xD6n9sxoxLnyoKT9QrFbWWDrN1oL+eYGz+A4/d1ZCibNDpia4IUx6gJ6u kDw/jd6PI/MK/5JmICGbKRk9/tS8Z0vTxkyn7f3KhuwohwDNS4M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:33 2026 by rpki-client