$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145629.roa File: AS145629.roa (raw, json) Hash identifier: grivd9NBt7iPpquGfZXoFmU+9msJBH+LDaKhGFxjhn0= Subject key identifier: 58:32:54:E6:E5:DE:51:C2:3E:DB:9D:81:2E:09:7F:24:5D:F2:92:6B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F9486B9D6837BE9B9BF68908B9170AE0C42E2D2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145629.roa Signing time: Wed 04 Mar 2026 06:30:30 +0000 ROA not before: Wed 04 Mar 2026 06:25:30 +0000 ROA not after: Wed 03 Mar 2027 06:30:30 +0000 asID: 145629 IP address blocks: 240a:aba3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:94:86:b9:d6:83:7b:e9:b9:bf:68:90:8b:91:70:ae:0c:42:e2:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:30 2026 GMT Not After : Mar 3 06:30:30 2027 GMT Subject: CN=583254E6E5DE51C23EDB9D812E097F245DF2926B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e6:68:02:46:e2:04:0d:0d:35:1e:88:56:ed: 5f:86:d5:46:8a:b1:1b:0a:91:92:bb:e2:6b:24:17: 26:b1:ee:43:f6:a9:d4:53:c8:cd:22:a2:e2:a1:d9: cd:89:ff:36:8b:b3:49:e7:03:9b:28:e4:06:4e:55: 1f:18:1f:58:c3:d5:06:f1:82:7f:fa:65:8d:cb:4f: 92:ee:04:95:40:04:65:f2:6a:b2:e0:d1:85:3c:18: 2f:98:75:d4:dc:4a:7d:59:09:7a:79:de:3f:7f:0f: 65:59:d3:a1:d9:7e:29:49:76:15:4d:b3:df:1d:45: 3e:39:3f:bf:e7:ad:24:71:c8:3b:e1:74:c1:35:55: 05:19:6e:27:f7:c8:11:59:bf:d5:cc:eb:99:4f:01: 90:91:5d:77:19:2b:01:48:8d:f2:a1:ef:b6:52:af: c5:56:78:48:28:d1:ff:2d:5d:5c:cc:46:f6:a1:95: 9d:00:9a:d9:c7:ad:bb:54:95:9e:d6:35:72:5a:34: 1b:d3:20:92:a7:12:2a:9e:99:9f:da:8b:ce:64:fb: a4:33:49:ed:ff:0f:ce:9f:2d:cd:03:3e:d0:69:29: 42:cb:51:67:32:9d:c8:58:51:9a:48:b3:a5:a5:74: 09:be:d9:9f:aa:e4:82:59:26:e9:48:02:b0:a6:a1: ac:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:32:54:E6:E5:DE:51:C2:3E:DB:9D:81:2E:09:7F:24:5D:F2:92:6B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145629.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aba3::/32 Signature Algorithm: sha256WithRSAEncryption 57:e8:da:c1:07:b8:7f:01:b5:2e:8f:cc:0f:7b:5b:81:fd:f5: 55:a0:f8:22:b7:cb:01:38:17:a0:92:ce:2f:f4:0f:ff:d4:5d: 38:e6:9a:0b:51:7b:d2:ce:87:eb:8d:f5:a6:ff:c4:68:ec:0c: 13:32:10:78:8d:c1:a9:5b:47:e2:fd:62:67:5a:5a:41:53:62: ac:5d:09:b0:77:0b:20:06:d3:2f:ec:32:aa:51:42:8a:ff:11: 37:9f:69:a9:ae:3b:5e:73:c3:46:a5:e0:fa:09:38:56:b5:44: c0:e7:ea:ba:2e:c3:74:ba:1e:e6:6b:10:e8:98:7f:fe:02:74: ec:1c:d4:69:47:c4:df:93:ce:0c:97:40:67:70:eb:28:b6:56: df:3c:21:22:8f:e3:f0:4e:75:c1:7b:c6:21:a1:93:24:1c:73: a4:d8:a9:e1:df:59:be:73:b3:64:1f:93:22:f1:20:82:fa:4e: a0:c9:5f:ad:c7:b9:14:ee:fb:61:d4:ec:91:0d:73:37:49:53: 86:67:a9:d0:e6:55:4f:5a:fd:51:7f:2c:f2:ea:6f:87:7f:36: 29:0d:37:e1:d7:68:e1:a6:74:a6:3b:5a:84:97:45:22:9b:87: f1:81:97:e3:17:2d:5f:2c:d1:11:17:28:c5:c1:fc:33:b4:83: d4:a1:66:d1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL5SGudaDe+m5v2iQi5FwrgxC4tIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzMFoX DTI3MDMwMzA2MzAzMFowMzExMC8GA1UEAxMoNTgzMjU0RTZFNURFNTFDMjNFREI5 RDgxMkUwOTdGMjQ1REYyOTI2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbmaAJG4gQNDTUeiFbtX4bVRoqxGwqRkrviayQXJrHuQ/ap1FPIzSKi4qHZ zYn/NouzSecDmyjkBk5VHxgfWMPVBvGCf/pljctPku4ElUAEZfJqsuDRhTwYL5h1 1NxKfVkJenneP38PZVnTodl+KUl2FU2z3x1FPjk/v+etJHHIO+F0wTVVBRluJ/fI EVm/1czrmU8BkJFddxkrAUiN8qHvtlKvxVZ4SCjR/y1dXMxG9qGVnQCa2cetu1SV ntY1clo0G9MgkqcSKp6Zn9qLzmT7pDNJ7f8Pzp8tzQM+0GkpQstRZzKdyFhRmkiz paV0Cb7Zn6rkglkm6UgCsKahrGUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRYMlTm 5d5Rwj7bnYEuCX8kXfKSazAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q6MwDQYJKoZIhvcNAQELBQADggEBAFfo2sEHuH8BtS6PzA97W4H99VWg+CK3ywE4 F6CSzi/0D//UXTjmmgtRe9LOh+uN9ab/xGjsDBMyEHiNwalbR+L9YmdaWkFTYqxd CbB3CyAG0y/sMqpRQor/ETefaamuO15zw0al4PoJOFa1RMDn6rouw3S6HuZrEOiY f/4CdOwc1GlHxN+TzgyXQGdw6yi2Vt88ISKP4/BOdcF7xiGhkyQcc6TYqeHfWb5z s2QfkyLxIIL6TqDJX63HuRTu+2HU7JENczdJU4ZnqdDmVU9a/VF/LPLqb4d/NikN N+HXaOGmdKY7WoSXRSKbh/GBl+MXLV8s0REXKMXB/DO0g9ShZtE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:58 2026 by rpki-client