$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145659.roa File: AS145659.roa (raw, json) Hash identifier: lX3YS3waPR/Jm8EkNPbFjKIBDGKwcgnrsVv19L8iLEY= Subject key identifier: 08:2E:97:9D:39:61:3D:8A:62:56:E4:BE:65:7A:ED:82:41:16:30:F7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 76A4969B547098BF40699B5E0D1253AEBFAC956A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145659.roa Signing time: Wed 04 Mar 2026 06:30:06 +0000 ROA not before: Wed 04 Mar 2026 06:25:06 +0000 ROA not after: Wed 03 Mar 2027 06:30:06 +0000 asID: 145659 IP address blocks: 240a:abc1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:a4:96:9b:54:70:98:bf:40:69:9b:5e:0d:12:53:ae:bf:ac:95:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:06 2026 GMT Not After : Mar 3 06:30:06 2027 GMT Subject: CN=082E979D39613D8A6256E4BE657AED82411630F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:3b:d9:c2:fe:dd:b1:79:24:fb:e1:65:9b:96: 63:82:a2:31:51:10:b8:7f:fc:0e:57:e6:d6:7f:06: 44:a2:da:ce:64:42:13:22:88:be:62:d7:86:76:68: 52:b3:67:c2:7b:f2:af:c4:ce:a4:4d:1c:92:6e:94: 71:a0:95:52:33:6d:6e:f3:b4:cd:15:a8:10:f4:ee: 98:b7:2c:a4:d0:24:9f:ef:70:69:24:e2:3d:44:ca: 98:50:f2:c3:18:ca:75:20:01:d0:99:b8:e5:d0:a6: 7e:bb:ba:5b:ce:0b:c6:c6:08:21:20:eb:df:9b:77: 38:f1:9d:53:34:a0:9c:d4:78:c2:0d:9b:57:f2:d3: 63:29:08:f0:04:1b:a7:5d:01:96:67:32:9f:5e:29: 64:64:12:e0:04:e0:2c:72:80:e1:53:b5:e1:0c:72: c6:b1:ba:5a:43:4a:99:00:71:c7:e4:ac:ad:48:10: 87:d6:fd:8d:e7:6f:d9:a5:76:ed:fd:47:94:d2:87: 69:56:c7:e7:7f:c1:b3:13:71:37:8d:9f:00:ae:d7: 05:a0:b4:3b:57:b0:af:0c:1f:97:76:8d:92:24:02: 4c:27:39:42:bd:76:8f:a4:5b:9b:99:50:9a:a8:a6: 60:68:ee:1e:e8:31:d6:a9:a8:67:14:53:b4:cc:d0: cf:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:2E:97:9D:39:61:3D:8A:62:56:E4:BE:65:7A:ED:82:41:16:30:F7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145659.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abc1::/32 Signature Algorithm: sha256WithRSAEncryption 02:63:c2:0f:4d:8d:20:a5:2a:0c:79:85:09:a4:59:76:22:9b: f4:77:e7:80:9d:eb:e5:d3:1a:5e:36:b4:c9:6d:65:81:1f:57: 71:64:dc:ce:7a:37:4c:01:a3:6e:65:e5:32:db:09:85:de:07: 76:8a:d2:16:19:ff:19:1b:8f:5c:ae:91:57:c7:72:0d:1e:8a: 38:38:41:4a:4a:59:66:c1:1b:2d:91:fe:a4:4a:a6:5a:cf:c3: f3:c7:4c:1e:d2:25:ab:f7:4d:26:39:d8:59:3f:ad:9a:cb:0b: 67:3c:00:ee:80:49:6f:c0:1d:7b:6e:f0:32:5f:98:4e:15:6f: fc:ad:de:30:f5:86:e8:10:d3:c9:9a:1e:6a:fc:17:d9:e2:4b: 19:7f:6a:73:09:75:b9:e7:dd:31:93:8b:49:f8:3f:1f:19:c1: a6:8e:7a:ce:d8:47:29:31:22:40:dd:fd:5f:78:1b:f6:9c:10: 93:a7:0b:b4:b1:93:b1:51:bf:c5:bd:ad:c3:9c:0c:18:88:ee: a6:b6:c8:6e:e3:f2:c7:b8:10:53:e2:08:6f:79:de:77:fe:85: 39:32:8c:e8:ed:2e:84:af:a1:c2:dd:a2:d8:16:da:14:d0:13: d0:d0:80:06:23:b5:cf:d4:12:43:40:6f:a4:55:c8:63:74:bb: a2:30:2b:f3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdqSWm1RwmL9AaZteDRJTrr+slWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUwNloX DTI3MDMwMzA2MzAwNlowMzExMC8GA1UEAxMoMDgyRTk3OUQzOTYxM0Q4QTYyNTZF NEJFNjU3QUVEODI0MTE2MzBGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI472cL+3bF5JPvhZZuWY4KiMVEQuH/8Dlfm1n8GRKLazmRCEyKIvmLXhnZo UrNnwnvyr8TOpE0ckm6UcaCVUjNtbvO0zRWoEPTumLcspNAkn+9waSTiPUTKmFDy wxjKdSAB0Jm45dCmfru6W84LxsYIISDr35t3OPGdUzSgnNR4wg2bV/LTYykI8AQb p10Blmcyn14pZGQS4ATgLHKA4VO14QxyxrG6WkNKmQBxx+SsrUgQh9b9jedv2aV2 7f1HlNKHaVbH53/BsxNxN42fAK7XBaC0O1ewrwwfl3aNkiQCTCc5Qr12j6Rbm5lQ mqimYGjuHugx1qmoZxRTtMzQzzECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQILped OWE9imJW5L5leu2CQRYw9zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q8EwDQYJKoZIhvcNAQELBQADggEBAAJjwg9NjSClKgx5hQmkWXYim/R354Cd6+XT Gl42tMltZYEfV3Fk3M56N0wBo25l5TLbCYXeB3aK0hYZ/xkbj1yukVfHcg0eijg4 QUpKWWbBGy2R/qRKplrPw/PHTB7SJav3TSY52Fk/rZrLC2c8AO6ASW/AHXtu8DJf mE4Vb/yt3jD1hugQ08maHmr8F9niSxl/anMJdbnn3TGTi0n4Px8ZwaaOes7YRykx IkDd/V94G/acEJOnC7Sxk7FRv8W9rcOcDBiI7qa2yG7j8se4EFPiCG953nf+hTky jOjtLoSvocLdotgW2hTQE9DQgAYjtc/UEkNAb6RVyGN0u6IwK/M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:13 2026 by rpki-client