$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145620.roa File: AS145620.roa (raw, json) Hash identifier: SHPXqiRSK2EXbxIpks0aB4OhAyvzyvFbNhlEosNnytM= Subject key identifier: 92:3A:41:AE:1A:B4:F0:0F:91:45:4E:4F:F7:28:6D:E6:1B:38:0E:E7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 56AFB9625402DDA7E0DA5181BC684DB8BACAA99A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145620.roa Signing time: Wed 04 Mar 2026 06:29:33 +0000 ROA not before: Wed 04 Mar 2026 06:24:33 +0000 ROA not after: Wed 03 Mar 2027 06:29:33 +0000 asID: 145620 IP address blocks: 240a:ab9a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:af:b9:62:54:02:dd:a7:e0:da:51:81:bc:68:4d:b8:ba:ca:a9:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:33 2026 GMT Not After : Mar 3 06:29:33 2027 GMT Subject: CN=923A41AE1AB4F00F91454E4FF7286DE61B380EE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ee:f1:11:4d:07:cd:62:41:f0:d1:b6:2a:94: ba:5a:b2:d3:e3:89:1c:c9:85:08:64:7a:3f:ef:16: d2:f7:d3:93:0c:97:e6:08:c5:20:bc:aa:97:cd:24: ff:6d:b7:c0:f7:91:21:06:aa:24:38:8a:6d:f1:a4: 2d:28:3a:ed:07:fd:eb:74:df:8b:eb:df:71:46:98: cc:a7:f4:7e:f3:f1:ae:22:f8:75:8f:07:b4:1b:26: fb:06:d6:cc:ed:50:36:dc:bf:5b:3a:cd:20:58:22: 4a:b9:45:47:85:32:0c:7c:34:d9:5c:74:58:95:ac: 21:df:21:e4:01:2c:a3:75:6c:20:f8:d8:e3:13:0a: 1b:e1:7e:92:bd:9d:64:ed:27:ae:f2:3a:17:65:cb: 8a:40:65:c2:e3:9a:51:53:c7:ca:5d:75:15:03:a4: 44:88:b6:42:0a:2f:8a:09:17:55:6c:32:63:73:f9: 59:f1:d7:f8:e8:c8:9f:5d:02:30:2f:5b:8f:2f:c9: 54:61:9b:4a:cf:f0:0e:3b:61:b0:82:10:48:ff:1a: 29:61:be:28:3a:05:a1:da:38:ec:ee:a9:63:a4:c7: 64:56:cc:9e:f9:ae:5c:bf:24:0e:28:de:29:ae:65: da:63:8a:33:df:a6:9d:f1:02:eb:73:ef:12:e9:df: e3:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:3A:41:AE:1A:B4:F0:0F:91:45:4E:4F:F7:28:6D:E6:1B:38:0E:E7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145620.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ab9a::/32 Signature Algorithm: sha256WithRSAEncryption 1b:fa:5d:b8:55:db:45:00:da:d9:10:dd:f0:a7:00:b9:03:4c: fd:55:de:67:5e:01:0b:75:a0:8e:c7:c2:05:c3:1e:8c:98:65: 7d:30:19:b9:78:ee:a3:3a:a2:82:5f:01:ce:e5:ea:4e:7f:e7: 91:4b:bd:c8:5c:1b:9e:97:f8:8c:00:71:15:d7:c1:1c:ac:fa: bb:c7:4f:e6:43:9d:fe:41:45:52:bf:02:4a:ae:d0:9c:82:2f: 80:5e:8d:4a:aa:2a:d1:c2:f7:f0:05:fe:bc:32:79:94:49:91: 51:fe:a7:a0:d5:57:96:e4:12:4f:6c:e9:85:16:ac:5e:bf:e8: 95:4e:dc:28:54:64:f2:cf:09:08:59:fb:ec:d5:81:3d:e0:4d: 6c:b3:ae:ef:de:1a:e0:14:e3:6d:54:17:11:8e:0f:e3:1e:e6: eb:b2:bf:8a:41:8c:fb:08:94:73:18:8b:17:19:dd:61:e4:de: 76:b3:ac:1a:82:0b:86:ee:e0:b0:aa:7d:ea:6b:72:33:94:54: b6:10:da:98:47:c3:53:98:48:4e:64:3f:31:6e:7f:6a:19:b3: 2a:96:09:88:38:c0:b9:09:90:26:77:c0:5e:ee:aa:03:12:93: 84:9f:ce:9d:f0:6a:65:f7:e1:1b:f6:38:b6:6f:41:13:0e:b4: 44:1c:f0:34 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVq+5YlQC3afg2lGBvGhNuLrKqZowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzM1oX DTI3MDMwMzA2MjkzM1owMzExMC8GA1UEAxMoOTIzQTQxQUUxQUI0RjAwRjkxNDU0 RTRGRjcyODZERTYxQjM4MEVFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7u8RFNB81iQfDRtiqUulqy0+OJHMmFCGR6P+8W0vfTkwyX5gjFILyql80k /223wPeRIQaqJDiKbfGkLSg67Qf963Tfi+vfcUaYzKf0fvPxriL4dY8HtBsm+wbW zO1QNty/WzrNIFgiSrlFR4UyDHw02Vx0WJWsId8h5AEso3VsIPjY4xMKG+F+kr2d ZO0nrvI6F2XLikBlwuOaUVPHyl11FQOkRIi2QgovigkXVWwyY3P5WfHX+OjIn10C MC9bjy/JVGGbSs/wDjthsIIQSP8aKWG+KDoFodo47O6pY6THZFbMnvmuXL8kDije Ka5l2mOKM9+mnfEC63PvEunf4yECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSSOkGu GrTwD5FFTk/3KG3mGzgO5zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q5owDQYJKoZIhvcNAQELBQADggEBABv6XbhV20UA2tkQ3fCnALkDTP1V3mdeAQt1 oI7HwgXDHoyYZX0wGbl47qM6ooJfAc7l6k5/55FLvchcG56X+IwAcRXXwRys+rvH T+ZDnf5BRVK/Akqu0JyCL4BejUqqKtHC9/AF/rwyeZRJkVH+p6DVV5bkEk9s6YUW rF6/6JVO3ChUZPLPCQhZ++zVgT3gTWyzru/eGuAU421UFxGOD+Me5uuyv4pBjPsI lHMYixcZ3WHk3nazrBqCC4bu4LCqfeprcjOUVLYQ2phHw1OYSE5kPzFuf2oZsyqW CYg4wLkJkCZ3wF7uqgMSk4Sfzp3wamX34Rv2OLZvQRMOtEQc8DQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:04 2026 by rpki-client