$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145679.roa File: AS145679.roa (raw, json) Hash identifier: X8gtRughTIVvDPIAggiSy6fR505aNAzmwmehfSPB5jI= Subject key identifier: AA:E1:43:07:93:EC:21:AE:D8:EA:08:E0:C8:52:85:DA:61:8E:E0:AE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3CA1BDFAC5DBB5C6F4440593232A30B5FAB6BE61 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145679.roa Signing time: Wed 04 Mar 2026 06:29:39 +0000 ROA not before: Wed 04 Mar 2026 06:24:39 +0000 ROA not after: Wed 03 Mar 2027 06:29:39 +0000 asID: 145679 IP address blocks: 240a:abd5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:a1:bd:fa:c5:db:b5:c6:f4:44:05:93:23:2a:30:b5:fa:b6:be:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:39 2026 GMT Not After : Mar 3 06:29:39 2027 GMT Subject: CN=AAE1430793EC21AED8EA08E0C85285DA618EE0AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:45:75:2c:7c:aa:76:b7:2d:1f:eb:c1:7c:98: 99:dc:e9:4b:07:67:c7:7a:53:9a:7d:c9:60:50:54: e4:8a:31:20:3e:35:45:62:a7:7f:26:9c:13:45:58: 5f:64:b6:97:a2:5a:77:51:2a:8a:ac:2a:95:94:c2: 87:4b:f7:85:c0:97:8c:56:2a:f1:8e:21:59:14:51: 49:6e:b4:0b:23:93:9a:53:ca:ac:e8:1f:ca:27:ac: 66:64:67:b9:f5:c0:da:0a:50:5b:16:02:50:fc:ab: 65:77:34:e6:30:25:1c:c2:e8:d0:60:62:8c:45:28: 46:d2:ac:b0:5d:43:27:dd:a6:d4:2c:3f:34:80:c2: 98:7e:f9:3c:65:5c:f8:9f:aa:53:b6:5e:57:74:2d: 75:59:00:6f:e8:38:37:3d:12:96:0d:30:9d:21:c6: 61:88:97:0a:d7:cc:a8:61:fb:9a:81:a0:20:84:da: a0:17:f2:17:ce:6d:8b:1e:ee:cb:2d:67:6a:17:a1: 5d:16:f0:0b:90:15:4c:bf:4d:da:90:05:4e:c0:db: bf:77:51:4b:53:a1:24:02:35:a9:fc:99:12:a4:05: e3:d6:e8:5e:ad:90:16:a8:5b:96:34:6b:86:65:bc: c1:c4:5b:56:73:5c:8c:0f:7e:62:fd:21:eb:bb:d4: 45:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:E1:43:07:93:EC:21:AE:D8:EA:08:E0:C8:52:85:DA:61:8E:E0:AE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145679.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abd5::/32 Signature Algorithm: sha256WithRSAEncryption a6:c6:68:a4:d8:34:9c:bf:02:d2:fa:4b:49:e1:e8:67:5b:04: d2:56:47:08:28:6d:b2:64:cf:e0:27:fc:13:82:b0:da:3d:81: fa:95:ca:ed:4e:6a:7c:e6:34:b1:8f:44:bc:c5:ac:ee:35:8d: 22:99:61:71:6d:ad:94:61:0c:15:ad:dd:fb:5e:05:d1:f9:6e: ee:61:b6:38:3d:e8:f6:84:33:ce:ff:a7:56:6a:03:7f:9b:91: 59:a3:57:5d:9d:89:c1:1e:29:38:49:41:7c:e2:84:50:6d:64: 59:0b:ec:c3:d7:60:d2:bc:af:1b:3a:05:f9:87:5d:68:3f:60: a6:69:bc:94:ee:55:05:49:75:7c:31:b0:0b:a0:d6:6f:67:69: be:57:e1:13:46:bc:e0:6b:2b:0f:70:d0:d4:10:aa:7f:a4:70: e6:70:8c:4e:69:66:0a:a3:8a:dd:c8:4f:cc:6f:06:7f:2e:e0: b5:ca:a1:6a:52:7b:99:a1:d2:99:a5:b1:eb:b4:ae:2c:34:ce: 25:e7:74:ef:6b:e1:14:c2:3a:c1:72:ac:24:86:71:12:aa:83: 6b:fd:9c:ad:c3:20:90:41:34:d9:c9:28:e1:17:b8:a5:dc:99: f3:e6:9c:5f:6e:6c:79:02:a6:73:3e:80:4b:0d:a4:f7:e5:12: a6:83:f4:29 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPKG9+sXbtcb0RAWTIyowtfq2vmEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzOVoX DTI3MDMwMzA2MjkzOVowMzExMC8GA1UEAxMoQUFFMTQzMDc5M0VDMjFBRUQ4RUEw OEUwQzg1Mjg1REE2MThFRTBBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANpFdSx8qna3LR/rwXyYmdzpSwdnx3pTmn3JYFBU5IoxID41RWKnfyacE0VY X2S2l6Jad1EqiqwqlZTCh0v3hcCXjFYq8Y4hWRRRSW60CyOTmlPKrOgfyiesZmRn ufXA2gpQWxYCUPyrZXc05jAlHMLo0GBijEUoRtKssF1DJ92m1Cw/NIDCmH75PGVc +J+qU7ZeV3QtdVkAb+g4Nz0Slg0wnSHGYYiXCtfMqGH7moGgIITaoBfyF85tix7u yy1nahehXRbwC5AVTL9N2pAFTsDbv3dRS1OhJAI1qfyZEqQF49boXq2QFqhbljRr hmW8wcRbVnNcjA9+Yv0h67vURcECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSq4UMH k+whrtjqCODIUoXaYY7grjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY3OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q9UwDQYJKoZIhvcNAQELBQADggEBAKbGaKTYNJy/AtL6S0nh6GdbBNJWRwgobbJk z+An/BOCsNo9gfqVyu1OanzmNLGPRLzFrO41jSKZYXFtrZRhDBWt3fteBdH5bu5h tjg96PaEM87/p1ZqA3+bkVmjV12dicEeKThJQXzihFBtZFkL7MPXYNK8rxs6BfmH XWg/YKZpvJTuVQVJdXwxsAug1m9nab5X4RNGvOBrKw9w0NQQqn+kcOZwjE5pZgqj it3IT8xvBn8u4LXKoWpSe5mh0pmlseu0riw0ziXndO9r4RTCOsFyrCSGcRKqg2v9 nK3DIJBBNNnJKOEXuKXcmfPmnF9ubHkCpnM+gEsNpPflEqaD9Ck= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:13 2026 by rpki-client