$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145656.roa File: AS145656.roa (raw, json) Hash identifier: jqsMxlUKWpijT8UspW2QIm5kvlPZYvubPDvUDkFs90s= Subject key identifier: 39:9B:3C:43:8C:56:47:76:69:1F:22:3E:B0:62:62:CA:D1:D5:A8:EA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0766B0CF3D5F4D7FAF2D2093DDDEDC7B63E5C310 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145656.roa Signing time: Wed 04 Mar 2026 06:30:18 +0000 ROA not before: Wed 04 Mar 2026 06:25:18 +0000 ROA not after: Wed 03 Mar 2027 06:30:18 +0000 asID: 145656 IP address blocks: 240a:abbe::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:66:b0:cf:3d:5f:4d:7f:af:2d:20:93:dd:de:dc:7b:63:e5:c3:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:18 2026 GMT Not After : Mar 3 06:30:18 2027 GMT Subject: CN=399B3C438C564776691F223EB06262CAD1D5A8EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:9e:53:92:14:ea:49:fc:42:56:a5:19:d8:78: 82:80:58:ea:03:8d:5f:b5:48:d0:cc:3e:41:df:60: bf:8d:75:02:76:9e:5e:d4:3a:a6:fb:79:a3:85:92: 1f:50:e4:d4:85:72:ec:af:09:e3:ad:0f:d9:91:8b: 91:53:d3:d6:f3:dd:19:9f:14:6c:02:ab:9e:ae:1a: f4:e4:c0:bf:f2:0f:53:bf:a0:f2:fe:7a:1c:90:24: 90:50:df:68:0e:e9:5b:99:34:79:ec:d5:2a:a5:6c: f0:58:77:39:98:0f:bd:42:07:07:ea:1d:ae:a6:47: 10:d1:27:28:a3:2c:d3:7d:c2:31:a5:ac:f8:93:51: 77:2e:42:af:aa:56:46:ba:4e:fc:cb:fc:f5:d8:18: 3f:66:72:66:10:a9:ab:f8:9e:5e:78:bc:c3:8b:b0: 61:dd:96:ce:ce:3b:4d:de:f3:cb:72:6f:c8:5a:46: 3e:c6:d8:f5:46:87:8d:16:2f:cb:90:77:09:b6:54: 31:ce:34:61:57:a2:7a:a1:11:c3:ce:08:3e:a1:0c: ea:f9:ab:d3:5f:57:5e:04:3f:2e:0f:6a:f2:29:05: 67:82:d7:96:c2:b0:16:72:99:ee:45:a8:34:56:98: 22:51:b2:21:5a:5f:86:12:ed:32:bb:c1:f6:42:e4: 51:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:9B:3C:43:8C:56:47:76:69:1F:22:3E:B0:62:62:CA:D1:D5:A8:EA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145656.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abbe::/32 Signature Algorithm: sha256WithRSAEncryption dd:64:a5:1e:1e:9a:52:24:c9:8c:10:01:62:c8:f6:b6:d7:6f: 92:ef:cc:f9:19:06:bc:f3:5c:35:24:a5:d4:2d:5e:eb:b1:d2: 67:e2:f8:b2:59:75:c0:de:29:86:ce:8e:50:78:94:8b:ee:d9: 37:12:2b:12:fc:0a:d0:ac:31:66:a9:79:be:45:b4:04:fa:96: 81:c9:78:c5:6b:4d:1b:6c:d5:18:eb:88:1f:be:35:41:89:c7: 21:60:0e:a0:21:f6:17:6f:f4:4c:62:b5:f9:bb:8b:e1:19:c7: de:e2:f1:e0:6c:d7:2e:de:e9:9c:b6:2c:d5:15:aa:b6:a0:54: b5:ce:56:93:5f:fb:69:ae:e0:a8:c7:02:43:d0:b7:cb:25:11: ed:36:43:fb:7f:c5:19:4b:18:2c:07:c5:c5:39:ae:3f:0d:0c: aa:8b:31:10:95:d0:5f:b4:e2:0e:6b:7c:e3:c5:d2:f1:75:c8: dd:99:bf:a8:c9:f3:92:06:fd:60:3f:27:9e:d2:02:de:d2:0d: 2a:e4:c7:33:63:c5:a9:a0:b3:b9:4b:e8:38:b9:5a:0b:a9:44: 6a:00:67:49:9a:bb:04:72:f0:b9:b6:59:d1:23:8c:27:8c:0f: 13:d8:4f:f2:0b:6d:81:1f:dd:a0:5a:14:b8:23:51:d4:2e:53: a7:95:e0:39 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUB2awzz1fTX+vLSCT3d7ce2PlwxAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxOFoX DTI3MDMwMzA2MzAxOFowMzExMC8GA1UEAxMoMzk5QjNDNDM4QzU2NDc3NjY5MUYy MjNFQjA2MjYyQ0FEMUQ1QThFQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6eU5IU6kn8QlalGdh4goBY6gONX7VI0Mw+Qd9gv411AnaeXtQ6pvt5o4WS H1Dk1IVy7K8J460P2ZGLkVPT1vPdGZ8UbAKrnq4a9OTAv/IPU7+g8v56HJAkkFDf aA7pW5k0eezVKqVs8Fh3OZgPvUIHB+odrqZHENEnKKMs033CMaWs+JNRdy5Cr6pW RrpO/Mv89dgYP2ZyZhCpq/ieXni8w4uwYd2Wzs47Td7zy3JvyFpGPsbY9UaHjRYv y5B3CbZUMc40YVeieqERw84IPqEM6vmr019XXgQ/Lg9q8ikFZ4LXlsKwFnKZ7kWo NFaYIlGyIVpfhhLtMrvB9kLkUY8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ5mzxD jFZHdmkfIj6wYmLK0dWo6jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q74wDQYJKoZIhvcNAQELBQADggEBAN1kpR4emlIkyYwQAWLI9rbXb5LvzPkZBrzz XDUkpdQtXuux0mfi+LJZdcDeKYbOjlB4lIvu2TcSKxL8CtCsMWapeb5FtAT6loHJ eMVrTRts1RjriB++NUGJxyFgDqAh9hdv9Exitfm7i+EZx97i8eBs1y7e6Zy2LNUV qragVLXOVpNf+2mu4KjHAkPQt8slEe02Q/t/xRlLGCwHxcU5rj8NDKqLMRCV0F+0 4g5rfOPF0vF1yN2Zv6jJ85IG/WA/J57SAt7SDSrkxzNjxamgs7lL6Di5WgupRGoA Z0mauwRy8Lm2WdEjjCeMDxPYT/ILbYEf3aBaFLgjUdQuU6eV4Dk= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:12 2026 by rpki-client