$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145634.roa File: AS145634.roa (raw, json) Hash identifier: NGe34I9zqUWYNfPRqrAUQHHinuaUkVI7QSFuICinEYo= Subject key identifier: F1:59:F8:08:7C:89:F3:97:FC:85:3D:77:BD:56:64:AC:55:D4:4A:31 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4281D50B0793C381A0793AE02020FE97CC8942BB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145634.roa Signing time: Wed 04 Mar 2026 06:31:10 +0000 ROA not before: Wed 04 Mar 2026 06:26:10 +0000 ROA not after: Wed 03 Mar 2027 06:31:10 +0000 asID: 145634 IP address blocks: 240a:aba8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:81:d5:0b:07:93:c3:81:a0:79:3a:e0:20:20:fe:97:cc:89:42:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:10 2026 GMT Not After : Mar 3 06:31:10 2027 GMT Subject: CN=F159F8087C89F397FC853D77BD5664AC55D44A31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:07:1c:6f:ca:23:3a:03:b1:4d:d7:f8:42:ba: 17:24:36:9c:5c:57:01:0f:eb:11:b6:82:ff:d3:ed: c5:6a:6d:59:78:7c:d7:63:d9:25:f1:1b:b1:30:5e: 1f:42:f7:36:52:09:b7:63:86:9c:0c:ee:57:82:9a: 2b:55:a7:fa:15:29:e3:e6:ea:3c:28:37:cd:1a:0d: 48:14:3a:a8:62:3d:b7:fe:c6:e4:1b:6c:bd:dd:00: 84:5e:f4:9d:f3:b6:59:86:0b:46:7c:1f:c0:cb:27: c5:53:a0:c8:6a:64:36:ff:ad:bb:87:cb:01:f4:87: 79:06:0c:46:4a:07:f0:2b:84:1e:b7:c1:44:79:c3: 5a:54:c6:87:6a:57:08:98:34:02:4b:26:0b:f5:34: 12:ee:65:f3:ef:ed:b5:8f:50:b7:c4:5b:f3:4e:7f: 81:ef:1f:01:7d:fb:96:c1:56:ff:07:8b:54:ee:ef: 37:48:44:a4:4d:5f:47:c2:36:ae:70:4c:f5:9b:a0: a7:a3:23:84:4b:e3:c6:4f:25:2f:86:f3:ea:be:22: 45:dc:9a:6a:5c:fd:e0:f3:40:eb:c9:4c:df:47:0b: 56:57:1b:39:29:80:87:01:5b:94:d2:26:50:65:80: 8d:c6:35:0a:08:dc:58:b3:d7:11:58:ac:2b:db:c7: 81:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:59:F8:08:7C:89:F3:97:FC:85:3D:77:BD:56:64:AC:55:D4:4A:31 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aba8::/32 Signature Algorithm: sha256WithRSAEncryption b8:cb:a6:04:67:b7:73:95:5f:8d:33:0e:b1:14:4f:2e:78:b8: 21:8a:79:a5:b7:db:a9:53:c0:32:a4:3c:02:ea:ba:a6:54:db: 54:81:ef:d6:8e:c4:75:b3:8e:50:aa:93:7f:df:48:45:33:5e: f9:25:e0:7b:0e:e7:ac:45:04:b1:e7:e5:a7:83:10:55:da:11: ec:c2:ff:9e:7f:ec:91:b9:c1:c7:f3:db:b9:7a:b0:42:2a:2e: ca:38:9b:0c:89:bc:a4:bb:fa:cf:54:b9:b3:54:3a:18:88:d2: e6:a1:46:d9:f3:dc:14:a1:06:d0:a0:44:d8:26:fe:9a:48:9f: e3:05:a7:7a:71:58:7c:15:a5:92:76:57:13:96:99:4e:35:d5: e6:d4:fa:ad:b7:57:3a:5b:9e:56:82:17:e5:e8:5e:ae:b6:43: 2d:e0:63:57:80:96:e2:8d:06:1d:93:b2:e6:16:99:54:87:e1: f3:6e:54:3e:e5:9b:11:5f:f3:24:f4:ec:11:a9:27:1b:28:e4: a2:4e:77:a5:f4:d3:40:64:ac:bd:d0:0d:9f:4e:3e:99:c9:3a: fb:1d:87:9f:40:f1:73:2d:c9:f7:33:f4:4c:2d:f5:33:14:9d: 87:94:e4:62:7c:b7:67:a5:ea:8a:a9:ba:02:01:32:b4:a0:3f: 67:7d:cc:28 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQoHVCweTw4GgeTrgICD+l8yJQrswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYxMFoX DTI3MDMwMzA2MzExMFowMzExMC8GA1UEAxMoRjE1OUY4MDg3Qzg5RjM5N0ZDODUz RDc3QkQ1NjY0QUM1NUQ0NEEzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANkHHG/KIzoDsU3X+EK6FyQ2nFxXAQ/rEbaC/9PtxWptWXh812PZJfEbsTBe H0L3NlIJt2OGnAzuV4KaK1Wn+hUp4+bqPCg3zRoNSBQ6qGI9t/7G5Btsvd0AhF70 nfO2WYYLRnwfwMsnxVOgyGpkNv+tu4fLAfSHeQYMRkoH8CuEHrfBRHnDWlTGh2pX CJg0AksmC/U0Eu5l8+/ttY9Qt8Rb805/ge8fAX37lsFW/weLVO7vN0hEpE1fR8I2 rnBM9Zugp6MjhEvjxk8lL4bz6r4iRdyaalz94PNA68lM30cLVlcbOSmAhwFblNIm UGWAjcY1CgjcWLPXEVisK9vHgc0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTxWfgI fInzl/yFPXe9VmSsVdRKMTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYzNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q6gwDQYJKoZIhvcNAQELBQADggEBALjLpgRnt3OVX40zDrEUTy54uCGKeaW326lT wDKkPALquqZU21SB79aOxHWzjlCqk3/fSEUzXvkl4HsO56xFBLHn5aeDEFXaEezC /55/7JG5wcfz27l6sEIqLso4mwyJvKS7+s9UubNUOhiI0uahRtnz3BShBtCgRNgm /ppIn+MFp3pxWHwVpZJ2VxOWmU411ebU+q23VzpbnlaCF+XoXq62Qy3gY1eAluKN Bh2TsuYWmVSH4fNuVD7lmxFf8yT07BGpJxso5KJOd6X000BkrL3QDZ9OPpnJOvsd h59A8XMtyfcz9Ewt9TMUnYeU5GJ8t2el6oqpugIBMrSgP2d9zCg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:20 2026 by rpki-client