$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145678.roa File: AS145678.roa (raw, json) Hash identifier: M1LTnE4G9y/YPEGm0Ip+9ENvhZEHknXlkmwleulK9lw= Subject key identifier: A0:FF:B6:72:00:28:7D:16:4C:FA:4A:A5:01:11:6B:6B:18:D3:1E:C4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 417338C2822514C6D6B6B3B1AD0A0AB3580CC19B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145678.roa Signing time: Wed 04 Mar 2026 06:30:53 +0000 ROA not before: Wed 04 Mar 2026 06:25:53 +0000 ROA not after: Wed 03 Mar 2027 06:30:53 +0000 asID: 145678 IP address blocks: 240a:abd4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:73:38:c2:82:25:14:c6:d6:b6:b3:b1:ad:0a:0a:b3:58:0c:c1:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:53 2026 GMT Not After : Mar 3 06:30:53 2027 GMT Subject: CN=A0FFB67200287D164CFA4AA501116B6B18D31EC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:19:bb:6a:7c:e6:a8:a8:2e:48:56:17:e6:59: 37:c1:56:e8:c0:76:3b:83:c7:0f:11:94:48:fd:c2: 3a:da:e8:44:7e:0c:6b:08:c4:28:0a:87:79:23:ad: 38:fa:88:62:9b:a9:28:f6:0a:5b:7d:45:24:e8:0b: c4:23:1c:91:09:bf:51:68:65:0c:ae:dc:94:d0:56: c6:34:18:2a:9c:81:0b:bb:41:a9:a9:d8:e5:99:bf: ef:84:17:bc:17:d2:f6:fe:e5:39:30:81:8f:a6:73: 56:f0:a2:85:f9:36:af:15:0b:f3:78:e7:e4:9c:f7: ba:09:a3:cc:73:f6:b6:74:34:97:95:55:2c:6d:ad: 62:18:85:2c:90:56:85:17:20:e7:20:05:73:61:7f: 61:21:3f:15:25:ef:76:15:84:ef:da:b5:2e:89:7e: 40:c3:98:8d:0b:9e:4d:6d:ba:08:b5:2a:8a:88:61: 69:25:57:93:e7:9d:01:2f:a6:c8:3b:9a:44:16:19: cd:4d:95:8b:96:cf:0a:9d:69:b2:91:63:e0:78:92: d2:3d:a1:e1:cd:56:b7:d2:8f:98:b5:df:36:43:28: cc:7f:d0:68:af:b9:ea:d1:29:d2:56:81:e6:ed:6e: ee:f8:d9:cf:2d:d5:12:c2:a7:a5:2e:c3:c0:d2:a8: b1:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:FF:B6:72:00:28:7D:16:4C:FA:4A:A5:01:11:6B:6B:18:D3:1E:C4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145678.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abd4::/32 Signature Algorithm: sha256WithRSAEncryption 88:a6:b9:02:f6:3a:ec:bd:a7:4a:26:52:3c:73:79:4c:47:ae: 19:70:d1:fb:c8:83:30:bf:8a:a2:d5:cd:1e:ef:55:3f:03:05: 94:4d:25:d0:34:f0:f1:35:f4:67:ca:55:fd:a0:a7:28:42:49: 59:6e:8b:a5:70:75:71:e9:d7:c7:19:99:c8:93:4d:47:e8:cb: a2:78:0a:18:71:e4:3b:5c:14:1b:34:5c:f0:9a:29:fd:0d:cf: 9d:43:52:63:25:f6:a0:bf:02:6d:43:9c:f0:83:62:a3:96:f3: ff:bc:99:a3:b3:f4:e2:b6:29:a0:28:bb:4e:fe:c0:33:50:48: 61:d8:36:dd:29:66:a8:f6:7f:3e:4e:1d:73:4d:df:f0:16:62: a8:1f:f3:5b:4c:b1:5e:0b:6f:7b:05:27:54:a9:02:77:7a:a9: c9:ab:5f:be:74:8e:d1:3d:28:63:56:3c:56:7a:95:e0:31:38: b6:d0:fc:dd:5d:0b:4c:e7:b8:57:a5:84:b8:76:cf:c4:1f:ba: 36:c7:28:32:fd:52:04:df:82:03:1c:1c:58:e9:70:75:b9:d3: f4:85:9e:b0:d4:02:8e:9d:12:d8:e4:54:7e:73:b1:bc:7f:e9: a1:62:f2:a9:bb:f7:2a:c6:a3:01:29:67:9b:e0:dc:d7:f9:f4: 85:98:26:ed -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQXM4woIlFMbWtrOxrQoKs1gMwZswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU1M1oX DTI3MDMwMzA2MzA1M1owMzExMC8GA1UEAxMoQTBGRkI2NzIwMDI4N0QxNjRDRkE0 QUE1MDExMTZCNkIxOEQzMUVDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM8Zu2p85qioLkhWF+ZZN8FW6MB2O4PHDxGUSP3COtroRH4MawjEKAqHeSOt OPqIYpupKPYKW31FJOgLxCMckQm/UWhlDK7clNBWxjQYKpyBC7tBqanY5Zm/74QX vBfS9v7lOTCBj6ZzVvCihfk2rxUL83jn5Jz3ugmjzHP2tnQ0l5VVLG2tYhiFLJBW hRcg5yAFc2F/YSE/FSXvdhWE79q1Lol+QMOYjQueTW26CLUqiohhaSVXk+edAS+m yDuaRBYZzU2Vi5bPCp1pspFj4HiS0j2h4c1Wt9KPmLXfNkMozH/QaK+56tEp0laB 5u1u7vjZzy3VEsKnpS7DwNKosZsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSg/7Zy ACh9Fkz6SqUBEWtrGNMexDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY3OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q9QwDQYJKoZIhvcNAQELBQADggEBAIimuQL2Ouy9p0omUjxzeUxHrhlw0fvIgzC/ iqLVzR7vVT8DBZRNJdA08PE19GfKVf2gpyhCSVlui6VwdXHp18cZmciTTUfoy6J4 Chhx5DtcFBs0XPCaKf0Nz51DUmMl9qC/Am1DnPCDYqOW8/+8maOz9OK2KaAou07+ wDNQSGHYNt0pZqj2fz5OHXNN3/AWYqgf81tMsV4Lb3sFJ1SpAnd6qcmrX750jtE9 KGNWPFZ6leAxOLbQ/N1dC0znuFelhLh2z8QfujbHKDL9UgTfggMcHFjpcHW50/SF nrDUAo6dEtjkVH5zsbx/6aFi8qm79yrGowEpZ5vg3Nf59IWYJu0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:55 2026 by rpki-client