$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145632.roa File: AS145632.roa (raw, json) Hash identifier: cb84VqjNTw7bWlETSBVVIMsGnQ6s4XBVwfQuqb5auXg= Subject key identifier: DD:E5:38:B7:89:C6:5D:75:2B:07:A9:4D:1C:AC:AA:98:77:15:BC:8C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7D25EB8A336EA8F61228B762C6F849E402022A6C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145632.roa Signing time: Wed 04 Mar 2026 06:30:37 +0000 ROA not before: Wed 04 Mar 2026 06:25:37 +0000 ROA not after: Wed 03 Mar 2027 06:30:37 +0000 asID: 145632 IP address blocks: 240a:aba6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:25:eb:8a:33:6e:a8:f6:12:28:b7:62:c6:f8:49:e4:02:02:2a:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:37 2026 GMT Not After : Mar 3 06:30:37 2027 GMT Subject: CN=DDE538B789C65D752B07A94D1CACAA987715BC8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:e4:a4:8c:6a:4b:a4:21:07:5a:61:d2:c2:fb: 49:12:6b:d5:91:63:3c:a9:a0:ff:d0:d7:2b:07:b2: 79:37:88:00:8f:0c:3e:ed:cc:97:d5:db:22:ee:f4: 95:42:de:b3:c8:db:fd:70:6a:5e:b6:e8:a3:19:6b: 01:63:e3:a5:ef:75:6f:1b:a6:cb:f1:45:58:4b:00: cf:64:d5:1a:db:8b:18:53:7b:2c:09:1d:4d:3c:17: 75:ac:3b:65:92:29:74:fa:17:80:b3:5a:a3:f5:2f: 6f:9d:03:3c:a6:9d:cf:53:fd:15:2b:b6:3e:67:34: b6:87:c4:3a:7a:59:24:8c:e2:bd:5a:3a:8d:71:65: 46:84:99:60:bb:01:0d:5d:33:b3:91:95:b7:2b:c5: 04:75:4f:42:ed:81:22:ab:4f:64:0b:df:ac:2d:d6: 20:94:6d:0b:62:d2:8b:f5:ee:48:75:76:db:c2:5d: 97:3c:0a:84:da:f2:49:36:09:92:a4:76:54:98:d8: eb:a2:12:0f:c7:1d:28:de:3a:6a:1d:7c:6b:ea:27: 30:27:79:26:08:1a:f2:93:2b:52:85:fa:94:20:bc: b9:9e:00:e3:e3:cb:77:9f:81:41:66:f1:91:09:ed: c9:fa:c3:de:61:af:8e:62:f1:46:ab:f4:44:c8:a0: d0:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:E5:38:B7:89:C6:5D:75:2B:07:A9:4D:1C:AC:AA:98:77:15:BC:8C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145632.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aba6::/32 Signature Algorithm: sha256WithRSAEncryption 81:ee:b7:e8:6d:99:57:e6:17:71:68:85:d7:48:48:99:f3:22: 9a:5f:51:32:71:33:84:f4:c1:9e:1d:c0:c0:5e:d0:c2:5d:4b: 7e:da:22:31:4c:e9:6d:c3:32:9b:56:f1:7c:dd:47:02:57:cb: 9e:09:cf:44:40:c0:4a:0f:7d:97:84:66:20:92:4d:24:22:29: 8d:5b:22:4c:88:18:8c:5c:c9:aa:52:64:9c:12:2c:31:b2:06: 66:d2:41:ab:f4:6c:e2:e9:41:06:c5:10:cf:a1:ef:98:3a:37: 5a:6f:6d:b7:e7:dd:0b:44:e0:3a:f1:d3:85:0d:41:a2:83:9c: bb:a6:a9:a9:00:2a:24:43:6b:5a:c9:ea:9c:f9:73:39:d4:23: 28:0a:df:af:c7:16:1b:5d:77:a4:32:21:7f:b1:f9:ff:49:52: 40:db:1d:93:3c:23:3d:9c:42:17:fc:36:7e:74:06:a5:e9:92: 64:80:31:32:c0:b7:10:ec:6e:f5:53:78:27:bf:f7:03:9c:cf: 53:fb:93:30:3c:c7:7d:22:cb:24:a7:12:78:37:70:14:bf:9e: b7:3e:ce:5a:28:1d:99:c1:c2:80:7f:03:19:48:d7:d5:2c:79: 34:22:0e:25:83:a5:7f:4f:32:6d:65:d8:27:23:e9:64:ff:01: c7:54:7d:b2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfSXrijNuqPYSKLdixvhJ5AICKmwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzN1oX DTI3MDMwMzA2MzAzN1owMzExMC8GA1UEAxMoRERFNTM4Qjc4OUM2NUQ3NTJCMDdB OTREMUNBQ0FBOTg3NzE1QkM4QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJDkpIxqS6QhB1ph0sL7SRJr1ZFjPKmg/9DXKweyeTeIAI8MPu3Ml9XbIu70 lULes8jb/XBqXrbooxlrAWPjpe91bxumy/FFWEsAz2TVGtuLGFN7LAkdTTwXdaw7 ZZIpdPoXgLNao/Uvb50DPKadz1P9FSu2Pmc0tofEOnpZJIzivVo6jXFlRoSZYLsB DV0zs5GVtyvFBHVPQu2BIqtPZAvfrC3WIJRtC2LSi/XuSHV228JdlzwKhNrySTYJ kqR2VJjY66ISD8cdKN46ah18a+onMCd5Jgga8pMrUoX6lCC8uZ4A4+PLd5+BQWbx kQntyfrD3mGvjmLxRqv0RMig0LcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTd5Ti3 icZddSsHqU0crKqYdxW8jDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYzMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q6YwDQYJKoZIhvcNAQELBQADggEBAIHut+htmVfmF3FohddISJnzIppfUTJxM4T0 wZ4dwMBe0MJdS37aIjFM6W3DMptW8XzdRwJXy54Jz0RAwEoPfZeEZiCSTSQiKY1b IkyIGIxcyapSZJwSLDGyBmbSQav0bOLpQQbFEM+h75g6N1pvbbfn3QtE4Drx04UN QaKDnLumqakAKiRDa1rJ6pz5cznUIygK36/HFhtdd6QyIX+x+f9JUkDbHZM8Iz2c Qhf8Nn50BqXpkmSAMTLAtxDsbvVTeCe/9wOcz1P7kzA8x30iyySnEng3cBS/nrc+ zlooHZnBwoB/AxlI19UseTQiDiWDpX9PMm1l2Ccj6WT/AcdUfbI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:41 2026 by rpki-client