$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145636.roa File: AS145636.roa (raw, json) Hash identifier: nOtZ9UMQiE/8gB4LlrkA/WYZRro3vzqfIwcjKbE3OvA= Subject key identifier: 95:71:26:9E:41:14:48:3E:F8:A8:AA:1F:8C:7B:F6:00:40:92:56:EF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 16ACA84AE0002B9DE629D6AE07791BE527B9DADA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145636.roa Signing time: Wed 04 Mar 2026 06:31:07 +0000 ROA not before: Wed 04 Mar 2026 06:26:07 +0000 ROA not after: Wed 03 Mar 2027 06:31:07 +0000 asID: 145636 IP address blocks: 240a:abaa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:ac:a8:4a:e0:00:2b:9d:e6:29:d6:ae:07:79:1b:e5:27:b9:da:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:07 2026 GMT Not After : Mar 3 06:31:07 2027 GMT Subject: CN=9571269E4114483EF8A8AA1F8C7BF600409256EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:92:1f:94:92:75:81:03:92:f5:1a:94:a0:46: 94:67:aa:89:88:34:54:85:46:51:01:87:67:8f:cc: ac:9a:e6:e1:29:b0:99:c2:e4:37:fd:17:81:e6:29: 8d:b6:a4:d2:e8:4f:b3:58:a8:61:ff:48:01:2e:15: be:6b:ae:84:aa:cc:7c:46:7b:56:b1:8d:21:5d:62: 25:8a:3b:bc:b6:27:b5:e8:4a:f4:29:28:38:18:96: fa:b2:b0:97:3d:1f:ff:5c:98:0c:6a:54:9f:dd:43: 28:9e:c7:c0:c8:76:dd:ea:58:0b:8e:f8:af:b2:37: 25:00:cf:5e:0c:74:9f:8a:fd:6d:45:6a:44:1b:e5: 2a:c7:18:f3:27:bc:18:23:ab:93:79:10:95:f7:e0: 7a:7d:35:92:ec:fd:9f:4c:61:94:16:d4:2b:92:bb: ca:07:33:e4:62:ae:ee:7f:8d:06:60:c7:ac:5a:57: 34:d9:bb:cc:4c:c4:e0:fb:3f:67:f6:de:85:ae:a3: 3a:eb:82:54:a2:d1:fc:ca:54:7e:ec:36:9c:3d:de: 99:5a:2c:81:dd:b2:0f:64:32:fc:c7:13:71:34:77: 9b:c1:1c:9d:a7:1c:2c:2b:3d:09:a5:a9:a5:ef:30: 55:a8:ed:df:38:d6:89:69:e4:2b:1f:d7:a3:43:46: f8:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:71:26:9E:41:14:48:3E:F8:A8:AA:1F:8C:7B:F6:00:40:92:56:EF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145636.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abaa::/32 Signature Algorithm: sha256WithRSAEncryption 01:91:99:d6:e9:6e:02:c9:27:6c:7c:ce:78:ae:48:8f:f9:3f: 91:d1:5b:d4:95:67:d6:d2:cd:de:e5:33:92:ed:27:fa:5e:2f: 4d:f1:24:51:3a:3a:ed:12:8d:2f:fb:65:8a:6a:1b:82:30:ae: 19:49:4a:30:ef:dd:f7:5d:79:cc:97:a9:64:0a:1e:e6:ea:03: 34:5f:90:f2:e3:67:14:30:19:dc:a1:ee:1d:77:36:22:88:d3: 70:cd:a4:32:4d:e4:de:3f:a0:90:5d:c3:54:02:1f:e6:0a:65: 73:f3:56:74:08:52:f3:38:d9:78:3f:ca:1a:65:71:3d:25:f2: fc:ad:f2:49:c9:6d:ae:54:d3:35:28:47:88:c1:46:6e:aa:4f: 0c:d6:2d:2c:c1:18:3e:cc:db:62:90:17:95:00:59:55:52:53: fa:be:fd:dd:1d:6b:ea:29:16:21:38:b8:aa:42:75:da:32:5c: 3f:26:9a:78:05:93:8e:4a:36:72:5d:f4:6a:49:98:67:ac:04: 56:b7:23:eb:20:65:90:73:9a:7a:8d:6a:fb:85:94:1b:e7:6a: 5d:fa:a3:ab:bb:96:16:14:c6:cf:7c:1f:6e:94:1c:04:be:90: 12:06:05:d3:5a:e5:ac:07:f4:04:64:bd:3e:38:0a:15:29:6c: f6:a1:e3:ef -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFqyoSuAAK53mKdauB3kb5Se52towDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwN1oX DTI3MDMwMzA2MzEwN1owMzExMC8GA1UEAxMoOTU3MTI2OUU0MTE0NDgzRUY4QThB QTFGOEM3QkY2MDA0MDkyNTZFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANqSH5SSdYEDkvUalKBGlGeqiYg0VIVGUQGHZ4/MrJrm4SmwmcLkN/0XgeYp jbak0uhPs1ioYf9IAS4VvmuuhKrMfEZ7VrGNIV1iJYo7vLYntehK9CkoOBiW+rKw lz0f/1yYDGpUn91DKJ7HwMh23epYC474r7I3JQDPXgx0n4r9bUVqRBvlKscY8ye8 GCOrk3kQlffgen01kuz9n0xhlBbUK5K7ygcz5GKu7n+NBmDHrFpXNNm7zEzE4Ps/ Z/beha6jOuuCVKLR/MpUfuw2nD3emVosgd2yD2Qy/McTcTR3m8EcnaccLCs9CaWp pe8wVajt3zjWiWnkKx/Xo0NG+NECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSVcSae QRRIPvioqh+Me/YAQJJW7zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTYzNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q6owDQYJKoZIhvcNAQELBQADggEBAAGRmdbpbgLJJ2x8zniuSI/5P5HRW9SVZ9bS zd7lM5LtJ/peL03xJFE6Ou0SjS/7ZYpqG4IwrhlJSjDv3fddecyXqWQKHubqAzRf kPLjZxQwGdyh7h13NiKI03DNpDJN5N4/oJBdw1QCH+YKZXPzVnQIUvM42Xg/yhpl cT0l8vyt8knJba5U0zUoR4jBRm6qTwzWLSzBGD7M22KQF5UAWVVSU/q+/d0da+op FiE4uKpCddoyXD8mmngFk45KNnJd9GpJmGesBFa3I+sgZZBzmnqNavuFlBvnal36 o6u7lhYUxs98H26UHAS+kBIGBdNa5awH9ARkvT44ChUpbPah4+8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:07 2026 by rpki-client