$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145671.roa File: AS145671.roa (raw, json) Hash identifier: xXFQY4rwB/sdrOz7EBZ0zKThMM8QkS03AKQbAeRMwMc= Subject key identifier: 09:29:6B:B8:C2:8B:18:39:BD:C0:A2:75:46:98:B3:B2:F8:46:57:68 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 35A00A4C47E9AAA9B0F72FCE3EED4B7903418D8C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145671.roa Signing time: Wed 04 Mar 2026 06:30:45 +0000 ROA not before: Wed 04 Mar 2026 06:25:45 +0000 ROA not after: Wed 03 Mar 2027 06:30:45 +0000 asID: 145671 IP address blocks: 240a:abcd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:a0:0a:4c:47:e9:aa:a9:b0:f7:2f:ce:3e:ed:4b:79:03:41:8d:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:45 2026 GMT Not After : Mar 3 06:30:45 2027 GMT Subject: CN=09296BB8C28B1839BDC0A2754698B3B2F8465768 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:39:5e:6d:6e:0d:12:52:ac:18:44:3c:f7:34: fc:9e:59:53:56:cc:fe:18:0b:3c:d5:f2:df:65:0a: e8:e1:c3:fc:8f:64:60:94:ff:ae:41:e1:98:91:94: 59:81:f9:d1:97:99:a1:1c:49:03:6f:14:d3:f0:22: d2:44:4d:91:0a:61:00:bf:03:7b:4c:de:2c:61:cb: 18:08:64:73:39:49:11:b4:93:da:7e:85:16:4d:15: 27:41:cd:a6:99:52:30:01:41:78:49:bb:d2:ff:2e: b2:cc:d5:fe:16:cf:33:49:59:2d:f8:de:d0:69:93: ec:ea:a7:a3:cb:44:54:af:32:9d:47:4c:99:6f:77: 19:e2:e7:e5:60:3a:fb:5d:04:74:c5:f7:ba:b9:3c: e1:1a:4b:8d:3a:2e:a8:73:cd:8f:4f:3d:4d:c4:98: fc:22:30:52:56:18:95:cc:c1:a1:e5:f4:10:48:85: 26:9c:3b:2d:c7:e4:28:e9:92:74:eb:55:03:a5:64: 23:2c:db:37:41:5b:ab:b6:da:c7:1c:d4:1a:c0:8c: 9c:e8:2c:ad:10:63:a9:c8:df:ff:ae:09:f5:49:1f: 17:26:7d:60:e8:d2:fe:86:27:7c:31:ce:ff:53:55: f8:f0:1e:0c:9b:f0:3c:21:07:65:7b:04:e7:05:e1: 37:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:29:6B:B8:C2:8B:18:39:BD:C0:A2:75:46:98:B3:B2:F8:46:57:68 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145671.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abcd::/32 Signature Algorithm: sha256WithRSAEncryption 5d:79:6a:cc:15:ca:d2:af:2f:e8:33:e8:c1:56:5b:06:1f:2f: b3:89:2d:43:81:cf:66:80:7a:8c:84:91:03:77:a5:c6:3f:58: 8f:b5:90:7e:d7:e0:cd:82:4e:67:fe:bd:21:0a:0f:2f:13:a6: 85:62:7f:32:75:d9:55:7e:01:31:cc:b3:64:04:f9:7a:5f:d8: ec:86:da:7e:88:66:f1:b7:3b:3a:7f:cc:d4:90:fe:3a:91:3e: 4a:55:f2:b3:ec:df:7c:1d:a9:6f:77:60:30:bd:0f:7c:a1:aa: 52:10:ca:6a:2d:68:cb:c9:65:fe:a5:98:f3:b0:be:08:55:ed: ab:2b:dc:50:db:96:d0:eb:a1:b0:f0:c9:85:2e:b5:20:c4:db: 0f:7f:30:84:db:d6:62:88:51:b4:12:10:82:13:8c:1d:fa:14: 0a:de:07:76:89:a2:75:39:90:12:37:ab:4a:3d:ce:cd:ec:09: 4e:92:62:c7:eb:eb:d0:a0:b5:7a:b6:86:26:4f:29:82:ff:a0: f8:ba:75:24:57:cf:35:b6:6f:b5:8e:b4:ed:3c:cc:73:e5:6f: bb:6d:9b:70:26:2a:19:8e:46:73:58:80:fe:46:91:7e:dc:80: 61:e4:0d:9c:ba:ce:0d:83:43:fb:a0:a7:35:e3:ab:38:08:9e: ba:74:c1:34 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNaAKTEfpqqmw9y/OPu1LeQNBjYwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0NVoX DTI3MDMwMzA2MzA0NVowMzExMC8GA1UEAxMoMDkyOTZCQjhDMjhCMTgzOUJEQzBB Mjc1NDY5OEIzQjJGODQ2NTc2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMk5Xm1uDRJSrBhEPPc0/J5ZU1bM/hgLPNXy32UK6OHD/I9kYJT/rkHhmJGU WYH50ZeZoRxJA28U0/Ai0kRNkQphAL8De0zeLGHLGAhkczlJEbST2n6FFk0VJ0HN pplSMAFBeEm70v8usszV/hbPM0lZLfje0GmT7Oqno8tEVK8ynUdMmW93GeLn5WA6 +10EdMX3urk84RpLjTouqHPNj089TcSY/CIwUlYYlczBoeX0EEiFJpw7LcfkKOmS dOtVA6VkIyzbN0Fbq7baxxzUGsCMnOgsrRBjqcjf/64J9UkfFyZ9YOjS/oYnfDHO /1NV+PAeDJvwPCEHZXsE5wXhN5sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQJKWu4 wosYOb3AonVGmLOy+EZXaDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q80wDQYJKoZIhvcNAQELBQADggEBAF15aswVytKvL+gz6MFWWwYfL7OJLUOBz2aA eoyEkQN3pcY/WI+1kH7X4M2CTmf+vSEKDy8TpoVifzJ12VV+ATHMs2QE+Xpf2OyG 2n6IZvG3Ozp/zNSQ/jqRPkpV8rPs33wdqW93YDC9D3yhqlIQymotaMvJZf6lmPOw vghV7asr3FDbltDrobDwyYUutSDE2w9/MITb1mKIUbQSEIITjB36FAreB3aJonU5 kBI3q0o9zs3sCU6SYsfr69CgtXq2hiZPKYL/oPi6dSRXzzW2b7WOtO08zHPlb7tt m3AmKhmORnNYgP5GkX7cgGHkDZy6zg2DQ/ugpzXjqzgInrp0wTQ= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:13 2026 by rpki-client