$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145666.roa File: AS145666.roa (raw, json) Hash identifier: IkIqroTpBxUp83bTh6Pk2CPmFC7divStq5XIpmcb8BI= Subject key identifier: E3:A2:CB:47:39:82:2E:A0:15:A3:90:0D:03:F4:18:86:84:57:C8:4A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 64FF354201006BF2D847DBB1FE647C30AFBD4186 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145666.roa Signing time: Wed 04 Mar 2026 06:30:15 +0000 ROA not before: Wed 04 Mar 2026 06:25:15 +0000 ROA not after: Wed 03 Mar 2027 06:30:15 +0000 asID: 145666 IP address blocks: 240a:abc8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:ff:35:42:01:00:6b:f2:d8:47:db:b1:fe:64:7c:30:af:bd:41:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:15 2026 GMT Not After : Mar 3 06:30:15 2027 GMT Subject: CN=E3A2CB4739822EA015A3900D03F418868457C84A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:46:2d:7c:8b:7a:26:60:8f:bc:a5:99:35:7e: 40:c2:a4:2c:ac:29:2a:34:66:27:e8:f3:8f:aa:4c: c6:af:35:af:20:3b:bc:ce:19:e7:e7:67:cc:26:89: 2d:7a:07:17:c7:5c:9f:17:6d:bf:52:ca:2a:04:65: 11:83:6a:db:ef:28:00:d6:9f:51:09:de:5d:2f:e7: ba:ed:16:e1:52:d5:b3:e1:90:f8:e1:6f:05:7d:b9: 68:d1:3c:2a:34:ee:e7:ee:9b:61:ee:e1:ae:03:ec: 7b:a1:56:40:de:90:6e:4a:65:d2:cf:fd:d6:7c:c5: 0c:d3:47:03:73:4a:26:8b:06:f1:c0:ef:1e:4c:90: fd:18:93:10:c0:52:af:3c:f1:7f:a6:88:0a:18:ac: fa:51:95:e3:e5:1d:08:7b:5e:54:31:e9:4c:63:9c: aa:b5:a4:48:ff:91:3e:c9:7e:f7:68:90:f0:b2:cc: 01:d7:b2:87:95:86:ac:09:1a:cf:1b:82:36:eb:70: a0:8b:c6:88:19:7f:37:e6:8a:93:89:78:d8:a5:b8: 28:3d:48:c0:28:81:f5:60:ff:b2:37:d3:9e:a2:1e: 66:02:b5:85:4e:b6:07:aa:4a:21:8b:6c:16:2a:5f: 45:9a:e7:bf:fb:cb:41:c9:b6:a8:00:af:1e:dd:a3: bf:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:A2:CB:47:39:82:2E:A0:15:A3:90:0D:03:F4:18:86:84:57:C8:4A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145666.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abc8::/32 Signature Algorithm: sha256WithRSAEncryption 34:ff:26:25:ec:ca:39:91:ac:c5:d9:f2:ba:b5:c2:d8:20:e5: 62:bb:6e:9b:bb:fd:e0:b1:6a:2f:f3:e1:7b:f8:86:28:a3:dd: df:42:c6:7f:94:f1:0e:39:e7:72:b2:19:e3:bf:26:e6:10:57: af:97:54:d7:23:6d:1a:f8:cc:c7:96:80:99:a6:31:d2:48:80: 0a:09:22:cc:1e:6c:df:5b:7d:88:f6:6a:e2:62:64:e0:d3:73: e2:01:30:e9:76:f5:03:f3:06:a6:59:d7:2e:58:c7:fb:56:7b: 70:19:37:6b:60:eb:c4:2b:b8:8e:15:8d:19:07:b3:19:0e:f7: 98:fc:4f:e7:a2:55:7d:e2:73:fb:04:7f:66:82:8a:9a:b4:45: c6:21:1b:98:f2:df:1c:ac:b7:2c:96:a7:39:fe:5a:66:67:eb: 5d:8f:09:06:00:61:ef:02:87:b8:b6:8b:ac:b7:9d:e0:67:7c: 17:b5:ad:01:9a:74:b3:d9:60:61:39:5a:4a:2e:b6:b9:cc:c8: 73:13:14:5a:f2:b5:1d:34:7c:00:f6:af:3f:bd:78:c5:c5:a3: 4e:62:27:6c:08:70:7f:cd:92:01:c2:23:aa:d2:9d:9b:28:57: fe:34:df:13:8d:63:a4:f5:bc:50:44:65:0f:32:48:c3:3c:16: a1:ee:7d:6b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZP81QgEAa/LYR9ux/mR8MK+9QYYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxNVoX DTI3MDMwMzA2MzAxNVowMzExMC8GA1UEAxMoRTNBMkNCNDczOTgyMkVBMDE1QTM5 MDBEMDNGNDE4ODY4NDU3Qzg0QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPRGLXyLeiZgj7ylmTV+QMKkLKwpKjRmJ+jzj6pMxq81ryA7vM4Z5+dnzCaJ LXoHF8dcnxdtv1LKKgRlEYNq2+8oANafUQneXS/nuu0W4VLVs+GQ+OFvBX25aNE8 KjTu5+6bYe7hrgPse6FWQN6Qbkpl0s/91nzFDNNHA3NKJosG8cDvHkyQ/RiTEMBS rzzxf6aIChis+lGV4+UdCHteVDHpTGOcqrWkSP+RPsl+92iQ8LLMAdeyh5WGrAka zxuCNutwoIvGiBl/N+aKk4l42KW4KD1IwCiB9WD/sjfTnqIeZgK1hU62B6pKIYts FipfRZrnv/vLQcm2qACvHt2jv3UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTjostH OYIuoBWjkA0D9BiGhFfISjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY2Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q8gwDQYJKoZIhvcNAQELBQADggEBADT/JiXsyjmRrMXZ8rq1wtgg5WK7bpu7/eCx ai/z4Xv4hiij3d9Cxn+U8Q4553KyGeO/JuYQV6+XVNcjbRr4zMeWgJmmMdJIgAoJ IswebN9bfYj2auJiZODTc+IBMOl29QPzBqZZ1y5Yx/tWe3AZN2tg68QruI4VjRkH sxkO95j8T+eiVX3ic/sEf2aCipq0RcYhG5jy3xystyyWpzn+WmZn612PCQYAYe8C h7i2i6y3neBnfBe1rQGadLPZYGE5WkoutrnMyHMTFFrytR00fAD2rz+9eMXFo05i J2wIcH/NkgHCI6rSnZsoV/403xONY6T1vFBEZQ8ySMM8FqHufWs= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:29 2026 by rpki-client