$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145685.roa File: AS145685.roa (raw, json) Hash identifier: GPkx+QArNbwr3MFrboHMLW4R/fmTy+sTdB6pioetMe4= Subject key identifier: 98:E1:E2:51:08:57:E7:20:F1:44:B1:7A:29:FF:43:35:CE:D1:B3:C2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1B92BEFF509225E414367DEC218413133EEB0F6B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145685.roa Signing time: Wed 04 Mar 2026 06:30:32 +0000 ROA not before: Wed 04 Mar 2026 06:25:32 +0000 ROA not after: Wed 03 Mar 2027 06:30:32 +0000 asID: 145685 IP address blocks: 240a:abdb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:92:be:ff:50:92:25:e4:14:36:7d:ec:21:84:13:13:3e:eb:0f:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:32 2026 GMT Not After : Mar 3 06:30:32 2027 GMT Subject: CN=98E1E2510857E720F144B17A29FF4335CED1B3C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:1c:9b:0e:2a:d8:a1:2d:88:36:3c:35:38:14: 64:c5:5c:04:90:1b:f1:53:c2:11:37:1f:63:f6:0c: 4e:6d:cc:d1:c9:a8:19:86:47:30:5e:00:2c:9c:1d: 14:b6:b9:9b:74:0f:a8:81:ed:5e:e5:04:19:1f:23: 27:cc:5a:2a:b9:cb:44:44:81:06:7f:8d:a9:d3:1c: 09:97:2b:35:ce:9c:57:98:c3:88:a4:5a:73:56:31: 9c:d9:1c:e2:bb:2b:ad:b5:a0:e3:42:4d:76:58:1f: 03:4c:c4:1d:30:12:6d:b9:d3:07:16:35:0b:6a:83: 4d:9a:a1:25:6c:3e:35:2c:c1:49:e8:3c:94:99:61: de:c6:64:5c:5b:7a:1d:e8:9b:09:a1:25:a8:c4:5f: f6:a7:5d:40:4f:d6:3d:fc:7e:eb:42:2b:25:b6:ef: eb:7f:f7:71:3b:f7:b0:c9:18:6e:9d:28:1d:98:b2: 73:a2:ef:60:10:9b:93:25:7e:76:fb:cc:2a:16:d4: 16:9e:63:6a:16:ce:21:49:9f:33:ab:51:e2:dd:89: 33:1d:b2:3e:c0:d2:7b:71:6c:39:08:aa:3b:05:88: 08:7f:73:d5:64:28:b8:38:22:47:7d:8b:5b:ea:bb: 20:53:6d:ef:65:25:2d:54:b3:db:53:8f:90:ab:c9: ce:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:E1:E2:51:08:57:E7:20:F1:44:B1:7A:29:FF:43:35:CE:D1:B3:C2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145685.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abdb::/32 Signature Algorithm: sha256WithRSAEncryption ae:3e:f2:55:e6:af:45:6e:5d:5a:2c:77:d0:c4:dd:6e:74:20: ad:0a:57:52:e2:8b:22:5e:14:85:df:d0:2c:04:88:ad:e2:46: 75:77:3d:fe:a6:54:0b:ab:f6:1b:f2:33:c4:cb:38:88:ec:fe: 52:8c:46:ab:6b:c9:a5:58:8f:53:3d:ed:09:0a:86:66:bf:a7: 1a:fe:f0:9b:1c:57:4b:be:3e:e6:20:8a:17:76:fe:23:ee:78: 37:2d:ff:73:50:0b:24:d4:d8:47:ab:c1:55:e9:42:2d:14:40: ac:47:b1:61:c0:73:6d:b4:51:bb:00:d3:ed:bc:2f:96:23:4b: 17:df:b8:b4:88:3b:1e:da:86:de:52:67:40:fc:48:b1:88:54: 01:48:d2:62:7f:b7:a1:3b:af:11:c2:ee:26:d7:b7:8b:bd:66: 88:8b:0f:31:22:9b:50:34:89:f4:2b:6b:1b:1f:27:67:76:d2: d7:38:99:3d:c4:a1:6d:9a:2f:6f:66:8b:a9:28:f4:6a:dc:94: 84:4a:6c:56:f0:79:8d:32:67:0e:0a:a0:5f:56:9a:b8:69:68: 09:a3:e4:18:a3:a2:ef:11:d1:d8:d0:fa:42:ac:52:c2:33:b6: b6:90:34:06:8b:69:cb:a1:c1:fb:1c:ef:50:04:e0:b3:a2:1e: 42:de:c2:92 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUG5K+/1CSJeQUNn3sIYQTEz7rD2swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzMloX DTI3MDMwMzA2MzAzMlowMzExMC8GA1UEAxMoOThFMUUyNTEwODU3RTcyMEYxNDRC MTdBMjlGRjQzMzVDRUQxQjNDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANwcmw4q2KEtiDY8NTgUZMVcBJAb8VPCETcfY/YMTm3M0cmoGYZHMF4ALJwd FLa5m3QPqIHtXuUEGR8jJ8xaKrnLRESBBn+NqdMcCZcrNc6cV5jDiKRac1YxnNkc 4rsrrbWg40JNdlgfA0zEHTASbbnTBxY1C2qDTZqhJWw+NSzBSeg8lJlh3sZkXFt6 HeibCaElqMRf9qddQE/WPfx+60IrJbbv63/3cTv3sMkYbp0oHZiyc6LvYBCbkyV+ dvvMKhbUFp5jahbOIUmfM6tR4t2JMx2yPsDSe3FsOQiqOwWICH9z1WQouDgiR32L W+q7IFNt72UlLVSz21OPkKvJztUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSY4eJR CFfnIPFEsXop/0M1ztGzwjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q9swDQYJKoZIhvcNAQELBQADggEBAK4+8lXmr0VuXVosd9DE3W50IK0KV1LiiyJe FIXf0CwEiK3iRnV3Pf6mVAur9hvyM8TLOIjs/lKMRqtryaVYj1M97QkKhma/pxr+ 8JscV0u+PuYgihd2/iPueDct/3NQCyTU2EerwVXpQi0UQKxHsWHAc220UbsA0+28 L5YjSxffuLSIOx7aht5SZ0D8SLGIVAFI0mJ/t6E7rxHC7ibXt4u9ZoiLDzEim1A0 ifQraxsfJ2d20tc4mT3EoW2aL29mi6ko9GrclIRKbFbweY0yZw4KoF9WmrhpaAmj 5Bijou8R0djQ+kKsUsIztraQNAaLacuhwfsc71AE4LOiHkLewpI= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:07 2026 by rpki-client