$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145673.roa File: AS145673.roa (raw, json) Hash identifier: fNlWCPasx9OiONi70PC5Gah0ec/NKnrpFh0Ba+3WyME= Subject key identifier: 8E:68:23:50:CA:B4:21:9B:02:52:E0:34:D5:E4:51:4A:52:E0:68:0A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 07F798F26F77A016FBCE29672A3FC76DD86CD323 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145673.roa Signing time: Wed 04 Mar 2026 06:31:09 +0000 ROA not before: Wed 04 Mar 2026 06:26:09 +0000 ROA not after: Wed 03 Mar 2027 06:31:09 +0000 asID: 145673 IP address blocks: 240a:abcf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:f7:98:f2:6f:77:a0:16:fb:ce:29:67:2a:3f:c7:6d:d8:6c:d3:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:26:09 2026 GMT Not After : Mar 3 06:31:09 2027 GMT Subject: CN=8E682350CAB4219B0252E034D5E4514A52E0680A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:79:28:fe:b1:63:af:9e:9c:60:32:89:f0:d2: 6b:f1:d8:6c:8b:83:2e:c8:e6:89:a6:ca:d2:0e:f9: 6e:71:a6:67:0a:d0:2e:24:b6:73:bc:1f:f5:f0:1f: 99:f7:e1:9b:df:25:b5:cf:ef:ed:7e:1c:ce:df:aa: 59:2c:a1:2e:c8:14:5c:bc:11:b1:8c:16:70:b6:a0: 7a:2d:e4:6d:aa:d8:2c:5a:74:2f:0e:fe:c3:e7:28: 13:f2:bc:67:ca:75:dc:8d:a1:cd:4d:d2:90:f2:a5: 02:05:2a:24:98:5d:4e:fa:18:bd:07:68:83:1b:fa: 58:cc:ed:fe:64:d7:b1:ee:bc:a4:27:73:58:96:f5: 0b:6f:e5:98:b7:50:ee:b5:99:6c:86:fd:ea:94:f3: 56:c3:32:17:ec:c4:1b:bc:39:eb:ac:9d:0b:a8:c7: d0:40:27:19:18:6d:82:1a:f4:80:e4:58:a4:98:fc: b3:8a:37:e7:ed:00:5d:f8:be:7b:06:bb:2b:87:0a: 3e:8b:4c:d4:27:58:e8:c1:8a:70:98:69:8e:d9:86: e9:04:a3:1f:f9:44:f7:14:29:93:4c:53:a5:c0:50: a9:86:66:7b:67:a1:02:55:58:18:be:aa:71:8a:f3: 8c:63:66:8e:4f:03:a2:d7:1e:ea:70:39:54:e0:42: 5d:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:68:23:50:CA:B4:21:9B:02:52:E0:34:D5:E4:51:4A:52:E0:68:0A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145673.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abcf::/32 Signature Algorithm: sha256WithRSAEncryption 06:7c:a5:75:93:98:90:ad:af:1f:a8:d1:7d:42:28:b6:f5:ae: 8a:37:81:59:ba:d3:f6:79:df:68:95:51:ab:59:83:c3:d0:4d: 9a:d4:07:25:31:44:8c:bf:06:4e:c3:7e:2a:c7:a1:70:83:14: f1:6b:58:f9:6f:5a:94:37:5b:62:d4:f0:e1:5e:59:31:af:64: 8f:63:2b:98:f2:14:14:1d:dc:f1:06:d4:9c:2a:2b:03:ad:78: 73:2c:d7:b4:4d:36:93:60:3b:c1:23:3f:69:5c:18:c0:84:90: d8:81:f9:66:29:7b:3d:fc:4f:5b:2a:26:29:c8:2f:62:05:de: de:7c:31:33:bf:ba:e5:65:18:22:26:13:99:ed:cf:e0:e0:c2: 46:aa:48:d0:46:3c:98:2a:98:72:0f:b5:f1:52:c5:9f:81:4a: 9a:7f:29:3c:5b:6a:b6:89:0c:f2:36:2b:bf:6a:56:3a:00:eb: 19:40:ba:7e:9c:13:72:7d:15:d0:0e:b1:43:e6:cb:d0:62:ff: 08:4c:0a:16:97:47:5c:0d:c9:76:b2:b6:27:48:db:76:c6:ea: 70:27:91:42:29:ad:bc:a2:5b:ae:46:39:0f:e7:9f:d0:09:bd: 82:48:4c:03:a6:4f:98:60:2f:75:d0:a0:45:0d:0d:d8:56:c2: 47:48:ab:e9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUB/eY8m93oBb7zilnKj/Hbdhs0yMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjYwOVoX DTI3MDMwMzA2MzEwOVowMzExMC8GA1UEAxMoOEU2ODIzNTBDQUI0MjE5QjAyNTJF MDM0RDVFNDUxNEE1MkUwNjgwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKR5KP6xY6+enGAyifDSa/HYbIuDLsjmiabK0g75bnGmZwrQLiS2c7wf9fAf mffhm98ltc/v7X4czt+qWSyhLsgUXLwRsYwWcLagei3kbarYLFp0Lw7+w+coE/K8 Z8p13I2hzU3SkPKlAgUqJJhdTvoYvQdogxv6WMzt/mTXse68pCdzWJb1C2/lmLdQ 7rWZbIb96pTzVsMyF+zEG7w566ydC6jH0EAnGRhtghr0gORYpJj8s4o35+0AXfi+ ewa7K4cKPotM1CdY6MGKcJhpjtmG6QSjH/lE9xQpk0xTpcBQqYZme2ehAlVYGL6q cYrzjGNmjk8Dotce6nA5VOBCXQMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSOaCNQ yrQhmwJS4DTV5FFKUuBoCjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q88wDQYJKoZIhvcNAQELBQADggEBAAZ8pXWTmJCtrx+o0X1CKLb1roo3gVm60/Z5 32iVUatZg8PQTZrUByUxRIy/Bk7DfirHoXCDFPFrWPlvWpQ3W2LU8OFeWTGvZI9j K5jyFBQd3PEG1JwqKwOteHMs17RNNpNgO8EjP2lcGMCEkNiB+WYpez38T1sqJinI L2IF3t58MTO/uuVlGCImE5ntz+DgwkaqSNBGPJgqmHIPtfFSxZ+BSpp/KTxbaraJ DPI2K79qVjoA6xlAun6cE3J9FdAOsUPmy9Bi/whMChaXR1wNyXaytidI23bG6nAn kUIprbyiW65GOQ/nn9AJvYJITAOmT5hgL3XQoEUNDdhWwkdIq+k= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:40 2026 by rpki-client