$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145698.roa File: AS145698.roa (raw, json) Hash identifier: rKgxw5rB6TYeQe3w2z9fktv4vN+KHNaFLYuATFBnldQ= Subject key identifier: CC:C7:A1:38:13:5B:72:57:B3:1C:A0:92:31:C6:CB:7B:8C:92:F5:7B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D26A1B71D5126B89116EB301486E100880C2556 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145698.roa Signing time: Wed 04 Mar 2026 06:30:10 +0000 ROA not before: Wed 04 Mar 2026 06:25:10 +0000 ROA not after: Wed 03 Mar 2027 06:30:10 +0000 asID: 145698 IP address blocks: 240a:abe8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:26:a1:b7:1d:51:26:b8:91:16:eb:30:14:86:e1:00:88:0c:25:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:10 2026 GMT Not After : Mar 3 06:30:10 2027 GMT Subject: CN=CCC7A138135B7257B31CA09231C6CB7B8C92F57B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:38:22:1a:73:cf:8c:18:8a:79:0a:cc:56:f6: 2b:3b:87:8c:a2:6f:00:fa:26:a7:a4:d0:f8:2b:51: cf:47:83:cc:4b:f6:ca:32:77:2c:3b:08:01:b4:16: 62:09:bc:27:eb:92:a1:8b:ab:1e:43:d4:ac:e0:82: df:d0:17:a4:9e:32:42:54:30:61:76:c5:94:de:60: 44:44:91:6e:2a:ee:9d:e4:5e:a4:15:62:9e:c3:6d: 25:71:43:51:79:df:05:1e:d8:b1:a7:7a:8c:f4:2e: 9b:de:85:49:c4:67:ab:fe:e6:0e:0b:67:b3:e4:99: 3e:79:44:09:b8:7d:d6:21:60:16:6b:7a:6b:3d:89: 26:7a:46:8a:2a:53:bb:0c:5a:3a:db:74:15:91:ac: 9d:3f:a6:aa:d6:e8:df:79:b5:98:a9:af:18:45:48: 95:74:2b:3b:37:f1:33:5d:00:81:a2:90:6c:28:ae: ec:f2:3a:7b:2f:74:31:25:3d:c1:c5:48:b9:09:c7: 53:73:37:66:5c:2e:0f:be:58:bf:3f:c9:c0:d0:83: d4:92:f5:54:39:df:14:6b:75:78:10:11:f4:78:00: 12:fc:b1:ff:8b:20:79:38:af:50:e4:07:20:8b:c3: 2d:98:5b:22:3c:03:fd:b5:2e:d6:de:61:68:da:8a: 0b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:C7:A1:38:13:5B:72:57:B3:1C:A0:92:31:C6:CB:7B:8C:92:F5:7B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145698.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abe8::/32 Signature Algorithm: sha256WithRSAEncryption a1:79:58:d7:32:a8:77:90:2c:ff:d2:c2:ed:0e:d5:42:d9:0a: 4c:95:50:e2:7e:1e:9e:65:35:b0:55:7c:d8:92:b3:b0:a4:40: 2f:72:28:aa:0b:02:36:c3:59:c3:8d:bf:fe:83:31:59:7d:48: 1a:4e:c9:78:ba:d9:40:e4:be:c1:31:76:4c:08:f1:60:b0:0c: ae:39:98:fa:a1:e8:24:c3:74:21:d2:de:3a:dd:20:0f:5a:5e: 2e:7a:2a:02:c3:38:42:10:1b:32:e1:1d:52:9d:72:09:ff:7a: d2:ce:d8:da:c5:e9:bc:20:08:26:f4:7d:6d:ca:31:01:97:43: a1:de:97:d6:a4:c5:9c:5c:b3:86:2e:28:2d:6c:13:f8:c9:26: 1e:a4:de:b4:32:14:49:01:9d:e7:14:22:f8:1c:22:15:b5:3c: c7:d7:ea:d9:20:38:f0:15:96:25:20:b1:5c:48:f4:7e:d4:e0: 88:39:f7:74:d0:cc:82:1f:fa:03:1a:19:a1:22:18:21:eb:a7: e3:df:e3:95:be:9a:3e:c1:10:82:f0:1f:04:b4:f5:a6:c3:9a: d4:66:1a:e0:18:b9:e6:93:b9:7b:36:60:f5:24:fd:89:5c:19: 9b:98:4e:24:9b:9d:ed:8a:ed:b4:10:e4:09:50:cf:d2:c0:04: 6d:94:b9:9e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPSahtx1RJriRFuswFIbhAIgMJVYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUxMFoX DTI3MDMwMzA2MzAxMFowMzExMC8GA1UEAxMoQ0NDN0ExMzgxMzVCNzI1N0IzMUNB MDkyMzFDNkNCN0I4QzkyRjU3QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJE4Ihpzz4wYinkKzFb2KzuHjKJvAPomp6TQ+CtRz0eDzEv2yjJ3LDsIAbQW Ygm8J+uSoYurHkPUrOCC39AXpJ4yQlQwYXbFlN5gRESRbiruneRepBVinsNtJXFD UXnfBR7Ysad6jPQum96FScRnq/7mDgtns+SZPnlECbh91iFgFmt6az2JJnpGiipT uwxaOtt0FZGsnT+mqtbo33m1mKmvGEVIlXQrOzfxM10AgaKQbCiu7PI6ey90MSU9 wcVIuQnHU3M3ZlwuD75Yvz/JwNCD1JL1VDnfFGt1eBAR9HgAEvyx/4sgeTivUOQH IIvDLZhbIjwD/bUu1t5haNqKC+UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTMx6E4 E1tyV7McoJIxxst7jJL1ezAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTY5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q+gwDQYJKoZIhvcNAQELBQADggEBAKF5WNcyqHeQLP/Swu0O1ULZCkyVUOJ+Hp5l NbBVfNiSs7CkQC9yKKoLAjbDWcONv/6DMVl9SBpOyXi62UDkvsExdkwI8WCwDK45 mPqh6CTDdCHS3jrdIA9aXi56KgLDOEIQGzLhHVKdcgn/etLO2NrF6bwgCCb0fW3K MQGXQ6Hel9akxZxcs4YuKC1sE/jJJh6k3rQyFEkBnecUIvgcIhW1PMfX6tkgOPAV liUgsVxI9H7U4Ig593TQzIIf+gMaGaEiGCHrp+Pf45W+mj7BEILwHwS09abDmtRm GuAYueaTuXs2YPUk/YlcGZuYTiSbne2K7bQQ5AlQz9LABG2UuZ4= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:12 2026 by rpki-client