$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145660.roa File: AS145660.roa (raw, json) Hash identifier: hNGoeVLcx4GRQ42CZn0zmqg1KyUJTIfiFBhwNI14W5Q= Subject key identifier: F8:FC:F0:B9:BE:7F:A5:7B:4B:BD:81:F4:77:5F:80:AD:96:A0:3E:15 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3211C6957176D89E663D9E284EE51322B7E2A222 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145660.roa Signing time: Wed 04 Mar 2026 06:29:51 +0000 ROA not before: Wed 04 Mar 2026 06:24:51 +0000 ROA not after: Wed 03 Mar 2027 06:29:51 +0000 asID: 145660 IP address blocks: 240a:abc2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:11:c6:95:71:76:d8:9e:66:3d:9e:28:4e:e5:13:22:b7:e2:a2:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:51 2026 GMT Not After : Mar 3 06:29:51 2027 GMT Subject: CN=F8FCF0B9BE7FA57B4BBD81F4775F80AD96A03E15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:63:53:f2:b2:20:19:c9:ba:62:a5:36:67:50: 5d:33:b0:ca:bc:ba:6a:31:42:28:1a:5f:01:9c:4f: 76:5e:95:03:66:96:b3:fd:28:23:00:ad:01:e0:87: 88:4e:9e:ce:13:75:84:0a:c6:1d:4b:4d:13:a8:a5: f2:9f:e5:17:d0:7d:10:22:f3:1c:29:b8:7c:d0:c5: 93:df:b7:97:1e:52:87:85:ef:ba:ba:2a:e7:1d:d3: b2:a5:4a:e3:a7:ca:da:03:1e:31:cd:cc:21:b9:e5: db:93:92:ba:8f:a4:c5:82:a8:32:81:62:1b:b1:9b: 58:d5:79:ab:63:2d:b0:a2:a0:cb:8d:95:34:97:e6: 49:0b:e7:c9:d2:94:bc:84:0e:8b:a3:15:14:31:35: 7e:67:34:8e:80:4e:b9:88:76:be:b9:55:a9:b5:6c: a9:d6:7c:46:f2:31:ef:50:6d:2d:cb:2a:ba:a4:68: 91:02:52:f5:ed:b4:e1:c2:4f:b1:f7:b8:08:b7:b2: 8c:1d:9d:63:bc:3b:ef:10:d5:d0:74:a2:56:88:76: 23:b8:aa:93:c6:28:5f:59:0d:78:5c:0b:db:8c:33: 59:80:bb:8c:2c:aa:e3:c1:38:87:d6:90:db:6c:18: 71:07:91:e4:81:9f:ed:ba:16:86:82:d3:61:cd:76: bd:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:FC:F0:B9:BE:7F:A5:7B:4B:BD:81:F4:77:5F:80:AD:96:A0:3E:15 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145660.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abc2::/32 Signature Algorithm: sha256WithRSAEncryption da:ee:91:43:27:48:36:93:4c:c2:b4:d5:f8:73:67:df:95:7d: b0:df:32:f2:e6:72:ca:6f:02:92:77:d7:78:66:c7:21:35:e2: 85:c3:29:17:84:09:9c:14:9a:86:4a:e9:b7:02:79:84:83:55: bb:57:60:6c:ea:bc:4a:15:d8:c4:36:ae:d5:f7:5e:b1:56:39: d8:81:94:0d:e8:38:36:f9:7c:15:de:a5:dd:a9:33:42:3c:d0: 75:d3:30:f4:a7:dd:49:74:f8:f4:69:91:65:de:5b:1e:cf:66: 56:0a:c9:aa:32:08:fc:3a:6a:5c:a1:37:35:ee:15:24:ec:ea: 01:8d:8e:55:ce:e3:73:5d:8c:79:c4:a7:52:8b:ed:74:40:bd: f7:41:39:d5:e5:82:d1:45:01:23:3c:6c:e7:16:4f:ca:0e:09: 26:7a:52:93:2d:ec:66:73:b3:05:94:92:56:f2:07:30:0c:3a: ea:19:f4:ee:0c:c1:11:c8:cd:e0:d6:bf:ed:ef:69:25:5c:da: be:f5:06:c4:b0:3e:2c:49:04:86:68:b1:11:69:91:00:98:38: 25:97:e3:9b:0e:66:b0:f9:de:b7:d2:9f:47:08:4d:e5:7e:fb: e2:10:91:06:98:5e:ee:05:fa:37:1d:18:eb:71:77:3e:7d:c0: 2d:b1:f5:70 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMhHGlXF22J5mPZ4oTuUTIrfioiIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQ1MVoX DTI3MDMwMzA2Mjk1MVowMzExMC8GA1UEAxMoRjhGQ0YwQjlCRTdGQTU3QjRCQkQ4 MUY0Nzc1RjgwQUQ5NkEwM0UxNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ9jU/KyIBnJumKlNmdQXTOwyry6ajFCKBpfAZxPdl6VA2aWs/0oIwCtAeCH iE6ezhN1hArGHUtNE6il8p/lF9B9ECLzHCm4fNDFk9+3lx5Sh4Xvuroq5x3TsqVK 46fK2gMeMc3MIbnl25OSuo+kxYKoMoFiG7GbWNV5q2MtsKKgy42VNJfmSQvnydKU vIQOi6MVFDE1fmc0joBOuYh2vrlVqbVsqdZ8RvIx71BtLcsquqRokQJS9e204cJP sfe4CLeyjB2dY7w77xDV0HSiVoh2I7iqk8YoX1kNeFwL24wzWYC7jCyq48E4h9aQ 22wYcQeR5IGf7boWhoLTYc12vecCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT4/PC5 vn+le0u9gfR3X4CtlqA+FTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q8IwDQYJKoZIhvcNAQELBQADggEBANrukUMnSDaTTMK01fhzZ9+VfbDfMvLmcspv ApJ313hmxyE14oXDKReECZwUmoZK6bcCeYSDVbtXYGzqvEoV2MQ2rtX3XrFWOdiB lA3oODb5fBXepd2pM0I80HXTMPSn3Ul0+PRpkWXeWx7PZlYKyaoyCPw6alyhNzXu FSTs6gGNjlXO43NdjHnEp1KL7XRAvfdBOdXlgtFFASM8bOcWT8oOCSZ6UpMt7GZz swWUklbyBzAMOuoZ9O4MwRHIzeDWv+3vaSVc2r71BsSwPixJBIZosRFpkQCYOCWX 45sOZrD53rfSn0cITeV+++IQkQaYXu4F+jcdGOtxdz59wC2x9XA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:08 2026 by rpki-client