$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145653.roa File: AS145653.roa (raw, json) Hash identifier: XK2q25PYqvmgYsuumg/x9fsTEElrR3WGAXufXui2YJQ= Subject key identifier: 97:92:5F:CC:31:D3:95:1D:19:91:80:79:BE:E4:88:98:03:9E:1D:6E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1121A5549CD620BA3935A1BE871D5F5BC985A581 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145653.roa Signing time: Wed 04 Mar 2026 06:29:45 +0000 ROA not before: Wed 04 Mar 2026 06:24:45 +0000 ROA not after: Wed 03 Mar 2027 06:29:45 +0000 asID: 145653 IP address blocks: 240a:abbb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:21:a5:54:9c:d6:20:ba:39:35:a1:be:87:1d:5f:5b:c9:85:a5:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:45 2026 GMT Not After : Mar 3 06:29:45 2027 GMT Subject: CN=97925FCC31D3951D19918079BEE48898039E1D6E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:11:e3:89:17:5a:72:a4:0f:e9:4c:0d:4d:97: fd:66:a3:31:dc:3c:5e:28:00:53:e9:40:41:3b:b8: 92:e0:f6:57:8a:27:b0:0d:8e:fc:31:88:bd:90:98: 47:1d:d4:58:14:02:6f:61:ef:7f:62:71:96:0d:dc: 2b:1d:c0:3a:95:67:0f:f5:cc:e3:f9:3e:7d:db:73: 4c:d5:0e:0d:99:6e:cf:4e:47:f6:30:aa:13:e9:52: 95:a1:94:30:1c:52:a4:0d:34:a9:92:5c:2c:b3:25: 1e:6d:7d:a1:99:27:de:35:39:a3:4a:46:97:1c:f8: 77:4b:1c:0f:56:47:d9:a1:94:28:b0:e6:56:7f:b0: 40:9a:8b:ec:ab:68:a3:ee:3d:3e:23:72:66:34:1c: bd:36:52:23:4e:47:3c:22:0f:f4:8f:a7:2e:2d:bc: 98:b5:3e:c8:7e:fa:40:0d:a0:d0:66:f8:dd:7c:fd: 39:15:4b:be:3f:5a:97:6b:1b:c9:7c:44:87:08:ec: 43:55:db:29:8c:62:c2:5d:f3:9d:e9:28:f3:16:2a: f2:7e:fb:4b:28:53:ef:ca:84:f7:62:7b:b1:b2:23: 68:86:ba:04:d5:83:a6:98:50:43:90:d5:df:29:30: 7b:1d:14:ae:9d:04:13:a7:34:8e:c1:15:2e:aa:24: eb:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:92:5F:CC:31:D3:95:1D:19:91:80:79:BE:E4:88:98:03:9E:1D:6E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145653.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abbb::/32 Signature Algorithm: sha256WithRSAEncryption 17:54:a5:62:01:ac:01:f9:4c:47:b8:6b:a3:0b:8e:3b:e9:8e: b2:c6:c4:24:64:fd:36:05:7f:38:61:43:9a:47:9e:f4:16:67: 2e:f3:9b:77:76:a8:ac:98:3e:6a:52:ee:d1:b5:91:99:89:f9: 6a:a5:cc:cd:68:59:3f:6e:7a:9e:38:b5:79:e0:ee:cf:73:d2: f2:69:3e:56:39:35:70:83:6a:59:35:83:fa:dd:8f:d9:16:22: 2d:d5:12:a1:d5:b0:a6:cc:6a:c5:2e:1d:92:6d:16:0a:ba:c3: 99:ca:7b:00:4b:cb:82:cb:4d:de:82:19:57:12:5f:a9:c2:ae: 68:b5:d0:79:d9:49:34:03:d9:b1:6c:e8:87:4b:08:c7:e1:5c: 36:3f:7a:7f:ef:9a:d6:ab:9a:9c:a9:f1:52:20:99:35:e9:84: 16:84:8d:c2:fa:ac:95:43:8f:9c:cc:f1:3e:36:18:11:61:de: 35:3f:e2:80:7c:04:28:ac:15:39:96:5f:5f:ae:65:67:ca:80: 82:bc:64:58:25:b9:d3:a9:16:59:28:ce:84:69:02:41:df:6a: fc:96:58:a1:4a:e3:82:13:5a:35:26:8c:13:bb:57:6a:98:5a: 3c:61:53:55:3c:0b:3b:2f:b7:d3:9a:41:65:25:47:9e:8e:02: 66:d7:f3:a4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUESGlVJzWILo5NaG+hx1fW8mFpYEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ0NVoX DTI3MDMwMzA2Mjk0NVowMzExMC8GA1UEAxMoOTc5MjVGQ0MzMUQzOTUxRDE5OTE4 MDc5QkVFNDg4OTgwMzlFMUQ2RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsR44kXWnKkD+lMDU2X/WajMdw8XigAU+lAQTu4kuD2V4onsA2O/DGIvZCY Rx3UWBQCb2Hvf2Jxlg3cKx3AOpVnD/XM4/k+fdtzTNUODZluz05H9jCqE+lSlaGU MBxSpA00qZJcLLMlHm19oZkn3jU5o0pGlxz4d0scD1ZH2aGUKLDmVn+wQJqL7Kto o+49PiNyZjQcvTZSI05HPCIP9I+nLi28mLU+yH76QA2g0Gb43Xz9ORVLvj9al2sb yXxEhwjsQ1XbKYxiwl3zneko8xYq8n77SyhT78qE92J7sbIjaIa6BNWDpphQQ5DV 3ykwex0Urp0EE6c0jsEVLqok68MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSXkl/M MdOVHRmRgHm+5IiYA54dbjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q7swDQYJKoZIhvcNAQELBQADggEBABdUpWIBrAH5TEe4a6MLjjvpjrLGxCRk/TYF fzhhQ5pHnvQWZy7zm3d2qKyYPmpS7tG1kZmJ+WqlzM1oWT9uep44tXng7s9z0vJp PlY5NXCDalk1g/rdj9kWIi3VEqHVsKbMasUuHZJtFgq6w5nKewBLy4LLTd6CGVcS X6nCrmi10HnZSTQD2bFs6IdLCMfhXDY/en/vmtarmpyp8VIgmTXphBaEjcL6rJVD j5zM8T42GBFh3jU/4oB8BCisFTmWX1+uZWfKgIK8ZFgludOpFlkozoRpAkHfavyW WKFK44ITWjUmjBO7V2qYWjxhU1U8Czsvt9OaQWUlR56OAmbX86Q= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:15 2026 by rpki-client