$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145684.roa File: AS145684.roa (raw, json) Hash identifier: jWbB61ClqUU14QVs59LqvQbQweknwpfrFuVOBJTI3O0= Subject key identifier: D7:24:77:42:1B:92:97:88:25:07:E2:3F:6E:27:DC:88:D2:4D:F9:81 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 29C93190BC330A384D08A252D3AC0E2D1D977910 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145684.roa Signing time: Wed 04 Mar 2026 06:29:33 +0000 ROA not before: Wed 04 Mar 2026 06:24:33 +0000 ROA not after: Wed 03 Mar 2027 06:29:33 +0000 asID: 145684 IP address blocks: 240a:abda::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:c9:31:90:bc:33:0a:38:4d:08:a2:52:d3:ac:0e:2d:1d:97:79:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:33 2026 GMT Not After : Mar 3 06:29:33 2027 GMT Subject: CN=D72477421B9297882507E23F6E27DC88D24DF981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:73:dc:af:5f:a4:bd:94:30:95:fa:9a:fb:35: 5c:0d:1d:6e:06:04:0e:b6:25:45:ca:0e:7c:f4:a9: 7c:5b:ff:c6:ed:b8:d1:da:e9:8a:97:3e:cb:84:8f: d6:ee:02:fe:14:a3:f3:22:a2:5b:a5:7a:0c:74:02: bd:61:b3:ba:3b:7c:77:cf:3d:60:e4:48:a7:c2:63: 97:82:50:b0:b1:c4:10:1c:cd:7f:01:f2:61:17:c4: ff:c0:dd:a5:ae:ae:dd:20:be:59:a1:4b:fb:e8:c7: a5:4c:05:8f:33:3c:a4:f2:f1:56:28:50:47:d3:09: a0:a1:f5:12:6c:00:38:45:84:c5:7d:5d:66:2d:5b: 27:50:00:dd:a1:0f:fb:0a:06:75:37:4f:65:f2:bd: ca:b6:84:0a:62:d9:16:df:cb:2c:8f:d3:8d:50:48: 94:81:41:2c:c7:eb:95:c2:c0:6d:f7:6e:dc:2f:04: 58:60:06:66:93:45:c2:1d:8c:32:3a:59:a9:a0:61: 9c:05:32:d1:7a:fc:7f:64:9f:6a:4a:34:cd:77:1d: 47:44:e7:b6:1f:13:ec:de:d3:66:db:67:96:64:9b: 78:a6:cd:b6:9c:02:07:ea:07:17:c2:70:b9:ff:59: bf:3e:88:c8:be:8d:ad:a0:18:0e:b0:84:07:23:d7: 05:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:24:77:42:1B:92:97:88:25:07:E2:3F:6E:27:DC:88:D2:4D:F9:81 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145684.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abda::/32 Signature Algorithm: sha256WithRSAEncryption 20:a5:63:a5:42:bd:b3:de:2e:f7:22:21:91:1a:38:48:2e:bf: c3:1a:17:f5:95:d6:82:4b:56:1b:e2:05:e9:0c:ff:0e:2d:3c: 49:f0:f4:96:1b:93:a9:e3:8b:dd:38:9f:ee:ad:b7:ea:ba:ed: 47:94:0d:6e:6f:a6:8f:eb:52:73:60:da:2c:9d:ad:eb:89:f8: ae:43:a1:9a:a2:06:af:03:96:08:42:bd:7a:a8:32:a2:5f:bc: 4c:7c:8d:72:ef:ec:4c:b4:86:fb:51:dc:5e:f2:50:64:6e:90: 26:47:c8:00:00:81:24:ac:5b:7e:a7:71:74:1a:6b:b6:85:c6: d1:4a:2e:bb:0e:9a:02:4e:f5:ae:25:41:02:53:57:4e:75:5f: e1:36:24:0f:84:d5:ce:c4:00:02:73:84:77:82:5b:14:cc:6d: 73:13:5f:04:a8:82:31:31:13:1a:65:39:57:f9:27:fc:b5:48: 2a:31:a3:cf:9a:6f:c6:9a:b9:ce:68:b8:22:c4:3d:e7:3e:bb: f6:a7:63:6a:d2:98:63:1d:35:ec:80:06:8d:43:99:9c:1f:ad: ea:f0:6c:e5:98:c7:a3:c9:d1:c9:24:d0:eb:22:e7:21:f8:f6: 15:96:38:15:83:f6:e5:79:ab:f7:76:a0:2a:84:24:35:af:2e: 66:35:9f:fe -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKckxkLwzCjhNCKJS06wOLR2XeRAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzM1oX DTI3MDMwMzA2MjkzM1owMzExMC8GA1UEAxMoRDcyNDc3NDIxQjkyOTc4ODI1MDdF MjNGNkUyN0RDODhEMjRERjk4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOpz3K9fpL2UMJX6mvs1XA0dbgYEDrYlRcoOfPSpfFv/xu240drpipc+y4SP 1u4C/hSj8yKiW6V6DHQCvWGzujt8d889YORIp8Jjl4JQsLHEEBzNfwHyYRfE/8Dd pa6u3SC+WaFL++jHpUwFjzM8pPLxVihQR9MJoKH1EmwAOEWExX1dZi1bJ1AA3aEP +woGdTdPZfK9yraECmLZFt/LLI/TjVBIlIFBLMfrlcLAbfdu3C8EWGAGZpNFwh2M MjpZqaBhnAUy0Xr8f2Sfako0zXcdR0Tnth8T7N7TZttnlmSbeKbNtpwCB+oHF8Jw uf9Zvz6IyL6NraAYDrCEByPXBTUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTXJHdC G5KXiCUH4j9uJ9yI0k35gTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY4NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q9owDQYJKoZIhvcNAQELBQADggEBACClY6VCvbPeLvciIZEaOEguv8MaF/WV1oJL VhviBekM/w4tPEnw9JYbk6nji904n+6tt+q67UeUDW5vpo/rUnNg2iydreuJ+K5D oZqiBq8DlghCvXqoMqJfvEx8jXLv7Ey0hvtR3F7yUGRukCZHyAAAgSSsW36ncXQa a7aFxtFKLrsOmgJO9a4lQQJTV051X+E2JA+E1c7EAAJzhHeCWxTMbXMTXwSogjEx ExplOVf5J/y1SCoxo8+ab8aauc5ouCLEPec+u/anY2rSmGMdNeyABo1DmZwfrerw bOWYx6PJ0ckk0Osi5yH49hWWOBWD9uV5q/d2oCqEJDWvLmY1n/4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:23 2026 by rpki-client