$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145654.roa File: AS145654.roa (raw, json) Hash identifier: tNd9XrWO/aQw9YHUNYbOzccj6Dl5jO2/dKC7T1qfzu8= Subject key identifier: 6E:8A:2B:6B:B4:38:B8:C2:1A:B2:9B:E1:97:5B:9A:F2:62:52:C2:D0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C1864A43795319CF92E14F30F685DE4E0AC6A63 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145654.roa Signing time: Wed 04 Mar 2026 06:30:17 +0000 ROA not before: Wed 04 Mar 2026 06:25:17 +0000 ROA not after: Wed 03 Mar 2027 06:30:17 +0000 asID: 145654 IP address blocks: 240a:abbc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:18:64:a4:37:95:31:9c:f9:2e:14:f3:0f:68:5d:e4:e0:ac:6a:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:17 2026 GMT Not After : Mar 3 06:30:17 2027 GMT Subject: CN=6E8A2B6BB438B8C21AB29BE1975B9AF26252C2D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9d:7c:1b:aa:84:1f:a8:0b:21:27:8f:ac:66: 4a:8c:95:99:76:16:ce:ac:d9:41:db:5e:71:60:9f: ce:f7:8c:87:62:f5:70:67:0f:b8:bb:6c:66:17:c6: ed:06:54:fe:54:ca:11:1a:04:bb:8b:17:24:5d:8d: 9a:de:9c:a9:95:f7:b5:d7:46:b5:f3:85:ef:fa:ac: c0:64:a1:e4:c2:81:5f:e2:ee:94:56:f8:bf:69:2e: 9c:ee:aa:66:3a:7a:8e:d6:d8:71:f9:67:a9:af:b7: 38:57:65:59:80:63:57:35:cd:67:55:b7:ae:e1:e1: a7:2e:aa:8f:68:8b:c9:ad:6a:08:07:e2:5b:f6:26: 02:4a:af:ab:78:9a:9f:cc:24:47:79:e4:23:10:07: 71:5e:e0:5c:fb:1b:3a:d0:75:bb:01:16:8f:f3:92: b4:a9:94:cb:4e:8c:eb:1e:ca:10:b6:e7:af:b2:42: 80:42:cc:67:8e:42:f2:b2:6e:24:ed:49:25:1e:a0: 7d:91:7b:c3:f7:6d:9c:b6:30:4f:0e:53:4f:da:93: 8f:64:a3:0e:97:ee:ca:02:b3:32:ec:f0:ad:c4:f7: a5:3b:dd:17:ae:c3:ff:cd:0e:a3:53:da:c2:b5:c5: 44:fb:00:c7:a6:47:0c:c2:19:a2:8e:a2:2a:a8:7f: 12:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:8A:2B:6B:B4:38:B8:C2:1A:B2:9B:E1:97:5B:9A:F2:62:52:C2:D0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145654.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abbc::/32 Signature Algorithm: sha256WithRSAEncryption 2f:4d:f5:5b:bd:cb:6b:bc:82:5f:a0:e3:cb:94:1b:ab:6d:63: fb:cd:b5:b5:b4:48:a9:5f:f2:90:e9:26:cc:91:bd:e5:b8:45: 05:43:21:76:86:85:ba:6d:e5:24:f7:2f:8d:a7:ce:61:73:77: c9:2f:24:21:ea:10:18:e7:a5:aa:57:e2:8a:a8:1d:c8:49:fc: d9:ca:ce:70:a3:4a:63:4f:56:c4:a5:31:66:9f:7a:71:86:f2: 29:93:12:fa:d9:25:a0:fa:72:41:8d:cf:97:3c:1a:d2:63:ea: c8:d4:8e:0c:6c:5e:2e:6a:f7:50:31:70:85:aa:b8:d3:4d:29: 38:39:0a:86:36:bf:6f:e4:04:74:0f:ac:9b:57:e0:fc:8c:3d: 00:f3:5c:f8:fc:5b:ca:22:78:3c:31:5c:33:a0:3c:1a:a4:a5: 2e:74:84:77:08:9c:ca:9f:fb:ab:dd:cd:bf:00:87:74:20:69: e7:c1:fe:8f:c2:5f:ca:79:b9:eb:20:92:c0:8b:8d:84:6e:fd: 17:77:5d:7d:ae:99:35:4f:89:9f:59:48:0c:0e:13:90:aa:38: d6:db:7e:0e:2c:b5:6d:2d:d4:76:94:8e:1c:58:5d:15:d8:7f: 74:e5:b8:e7:2c:44:7b:04:14:28:77:78:e5:55:d3:aa:ef:a0: 3e:0b:3c:27 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfBhkpDeVMZz5LhTzD2hd5OCsamMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxN1oX DTI3MDMwMzA2MzAxN1owMzExMC8GA1UEAxMoNkU4QTJCNkJCNDM4QjhDMjFBQjI5 QkUxOTc1QjlBRjI2MjUyQzJEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALGdfBuqhB+oCyEnj6xmSoyVmXYWzqzZQdtecWCfzveMh2L1cGcPuLtsZhfG 7QZU/lTKERoEu4sXJF2Nmt6cqZX3tddGtfOF7/qswGSh5MKBX+LulFb4v2kunO6q Zjp6jtbYcflnqa+3OFdlWYBjVzXNZ1W3ruHhpy6qj2iLya1qCAfiW/YmAkqvq3ia n8wkR3nkIxAHcV7gXPsbOtB1uwEWj/OStKmUy06M6x7KELbnr7JCgELMZ45C8rJu JO1JJR6gfZF7w/dtnLYwTw5TT9qTj2SjDpfuygKzMuzwrcT3pTvdF67D/80Oo1Pa wrXFRPsAx6ZHDMIZoo6iKqh/EgkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRuiitr tDi4whqym+GXW5ryYlLC0DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q7wwDQYJKoZIhvcNAQELBQADggEBAC9N9Vu9y2u8gl+g48uUG6ttY/vNtbW0SKlf 8pDpJsyRveW4RQVDIXaGhbpt5ST3L42nzmFzd8kvJCHqEBjnpapX4oqoHchJ/NnK znCjSmNPVsSlMWafenGG8imTEvrZJaD6ckGNz5c8GtJj6sjUjgxsXi5q91AxcIWq uNNNKTg5CoY2v2/kBHQPrJtX4PyMPQDzXPj8W8oieDwxXDOgPBqkpS50hHcInMqf +6vdzb8Ah3QgaefB/o/CX8p5uesgksCLjYRu/Rd3XX2umTVPiZ9ZSAwOE5CqONbb fg4stW0t1HaUjhxYXRXYf3TluOcsRHsEFCh3eOVV06rvoD4LPCc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:11 2026 by rpki-client