$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145652.roa File: AS145652.roa (raw, json) Hash identifier: THab5vJ55hKUGLoGHZ/zyc5dr5gjIl1tmlQjtDR+AKg= Subject key identifier: C2:95:20:FC:8B:C3:B4:0D:D9:4F:CA:F7:10:C8:CE:B0:80:26:7B:64 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4B6F568E33901A263179880D579B019EA174EC58 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145652.roa Signing time: Wed 04 Mar 2026 06:31:12 +0000 ROA not before: Wed 04 Mar 2026 06:26:12 +0000 ROA not after: Wed 03 Mar 2027 06:31:12 +0000 asID: 145652 IP address blocks: 240a:abba::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:6f:56:8e:33:90:1a:26:31:79:88:0d:57:9b:01:9e:a1:74:ec:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:12 2026 GMT Not After : Mar 3 06:31:12 2027 GMT Subject: CN=C29520FC8BC3B40DD94FCAF710C8CEB080267B64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a2:cd:06:9b:68:53:3b:bd:50:84:02:8a:5b: ce:5d:dc:3d:18:ea:87:af:d3:95:d4:f6:6e:57:f5: 98:f6:ed:29:64:ea:56:6a:de:f3:84:97:95:bb:e9: 49:07:cb:48:37:8e:32:35:ad:85:9c:80:63:63:c1: be:32:d4:76:ad:a2:d9:07:c8:8c:d0:7a:fc:2c:42: b4:08:15:02:e7:17:e1:40:fc:4b:27:85:b4:ce:9c: d1:b3:20:85:0d:de:a8:91:64:2a:43:86:1b:8a:1b: 05:db:ab:6c:e1:81:ab:78:bc:06:0a:47:81:bf:f1: d3:d1:c4:03:48:da:81:ec:6c:96:80:97:f4:41:53: 65:92:c7:59:c8:50:32:1d:a5:37:81:f2:f9:e3:99: da:b8:87:86:56:f1:94:f6:92:98:a9:4a:ef:98:8c: 43:8a:a3:48:1a:dc:89:d5:b6:88:e5:cd:61:30:e9: a5:0a:7a:c3:58:b4:62:8d:f0:00:c6:69:d6:01:e3: 77:d5:75:86:f8:86:d2:7f:f8:4e:47:e2:43:a7:ac: 92:c8:e0:22:83:48:ad:74:ed:9b:73:c9:bb:8d:6f: 87:59:b1:7c:51:43:29:0b:07:4d:35:5f:5a:c7:72: a0:52:c4:21:be:88:d5:55:ed:61:a8:29:41:4f:61: 43:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:95:20:FC:8B:C3:B4:0D:D9:4F:CA:F7:10:C8:CE:B0:80:26:7B:64 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145652.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abba::/32 Signature Algorithm: sha256WithRSAEncryption 02:e4:08:42:ba:03:bb:28:5c:2e:30:9f:08:7d:72:81:2c:46: ac:a2:f2:4e:3d:c6:d5:ec:55:88:b0:be:7f:74:7e:89:a7:76: f3:6c:60:62:ce:e1:13:ab:4f:e2:e6:d4:86:b5:fa:a9:12:50: 6e:12:26:87:fd:d1:6d:08:18:14:c7:62:bb:b2:8f:78:9f:95: 18:15:b8:8a:32:b8:25:a7:a2:cd:02:d8:76:64:2e:92:ea:7b: c4:0b:aa:d2:7a:cc:7a:cb:2a:38:45:cb:53:41:42:4e:12:fd: af:ed:b5:81:69:6e:c9:39:88:b5:f0:3c:02:6d:72:cc:30:44: 9b:d5:c8:52:ef:a8:34:1f:35:3b:7d:ca:69:c0:5d:85:66:5c: 48:f2:74:b9:8a:e7:3b:db:7d:9d:70:4d:3a:f0:d3:60:51:93: 40:37:ec:1f:48:63:3f:fb:b6:62:f3:fb:95:5c:2a:f0:46:fa: 99:de:0e:e3:6d:30:f9:72:a1:42:77:d2:f2:b3:f4:a8:30:db: ee:17:5d:d1:46:30:e2:95:e6:bd:83:ee:30:7a:79:61:59:1b: 7d:69:a8:48:70:34:57:1f:a8:bb:ff:4b:45:51:52:e9:06:7a: 4e:0a:b8:26:a3:42:b7:98:69:3c:9c:28:4c:07:73:98:d3:eb: f0:a7:f9:00 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUS29WjjOQGiYxeYgNV5sBnqF07FgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYxMloX DTI3MDMwMzA2MzExMlowMzExMC8GA1UEAxMoQzI5NTIwRkM4QkMzQjQwREQ5NEZD QUY3MTBDOENFQjA4MDI2N0I2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqizQabaFM7vVCEAopbzl3cPRjqh6/TldT2blf1mPbtKWTqVmre84SXlbvp SQfLSDeOMjWthZyAY2PBvjLUdq2i2QfIjNB6/CxCtAgVAucX4UD8SyeFtM6c0bMg hQ3eqJFkKkOGG4obBdurbOGBq3i8BgpHgb/x09HEA0jagexsloCX9EFTZZLHWchQ Mh2lN4Hy+eOZ2riHhlbxlPaSmKlK75iMQ4qjSBrcidW2iOXNYTDppQp6w1i0Yo3w AMZp1gHjd9V1hviG0n/4TkfiQ6esksjgIoNIrXTtm3PJu41vh1mxfFFDKQsHTTVf WsdyoFLEIb6I1VXtYagpQU9hQ50CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTClSD8 i8O0DdlPyvcQyM6wgCZ7ZDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q7owDQYJKoZIhvcNAQELBQADggEBAALkCEK6A7soXC4wnwh9coEsRqyi8k49xtXs VYiwvn90fomndvNsYGLO4ROrT+Lm1Ia1+qkSUG4SJof90W0IGBTHYruyj3iflRgV uIoyuCWnos0C2HZkLpLqe8QLqtJ6zHrLKjhFy1NBQk4S/a/ttYFpbsk5iLXwPAJt cswwRJvVyFLvqDQfNTt9ymnAXYVmXEjydLmK5zvbfZ1wTTrw02BRk0A37B9IYz/7 tmLz+5VcKvBG+pneDuNtMPlyoUJ30vKz9Kgw2+4XXdFGMOKV5r2D7jB6eWFZG31p qEhwNFcfqLv/S0VRUukGek4KuCajQreYaTycKEwHc5jT6/Cn+QA= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:13 2026 by rpki-client