$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145703.roa File: AS145703.roa (raw, json) Hash identifier: CL70M3ggAZjp1wXB39fcOCNnHHWbtNFoR4jDZ2IUQVM= Subject key identifier: D4:00:2E:25:BC:DC:40:DD:59:5E:DA:36:1E:1B:6F:28:DD:6D:DC:E8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4B2EF528484786752C1474BEAE6B88B8AFE79E7C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145703.roa Signing time: Wed 04 Mar 2026 06:30:26 +0000 ROA not before: Wed 04 Mar 2026 06:25:26 +0000 ROA not after: Wed 03 Mar 2027 06:30:26 +0000 asID: 145703 IP address blocks: 240a:abed::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:2e:f5:28:48:47:86:75:2c:14:74:be:ae:6b:88:b8:af:e7:9e:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:26 2026 GMT Not After : Mar 3 06:30:26 2027 GMT Subject: CN=D4002E25BCDC40DD595EDA361E1B6F28DD6DDCE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:30:25:9d:33:39:3e:ff:27:ad:de:d9:b8:c6: dc:4b:ab:f0:a5:dc:a8:68:1d:5f:62:35:40:05:8c: b3:b1:f0:eb:80:15:36:f6:35:43:8b:8c:d3:d3:99: 13:eb:bb:6e:95:b4:5f:e3:d9:4f:3c:88:cd:d1:07: 11:47:f5:c8:a2:77:12:f2:bf:23:2a:7a:a6:4f:65: 2b:3b:c1:57:59:b9:b9:33:25:a7:63:48:8c:f9:9c: 54:76:0d:30:38:f4:b4:f2:63:4c:4b:0c:bc:6a:ee: f7:19:54:f1:a7:a8:18:9a:64:27:34:47:7e:b3:14: 48:f7:a6:b3:53:86:11:81:cc:f1:28:52:af:c0:69: 5e:c4:64:6b:fc:79:03:d1:1b:97:cd:7f:ee:23:b6: f3:08:ad:90:60:4a:da:7b:a4:cf:51:7c:5f:ac:3d: 7b:16:1c:a9:dc:1c:fb:88:6c:c0:23:f6:7c:d3:85: 4b:62:f5:4a:b9:b1:d2:5b:ac:49:82:a2:7c:1d:4f: da:d6:14:52:20:26:e7:67:1c:41:26:d0:84:cd:e8: eb:16:79:39:f0:81:fe:d9:49:5a:b4:fb:38:d2:f5: 7a:d1:64:e6:ac:73:b1:e9:eb:0e:49:c2:18:ef:7a: 7c:6b:50:ce:fe:e9:1d:af:c6:c1:86:fe:0f:09:f4: 24:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:00:2E:25:BC:DC:40:DD:59:5E:DA:36:1E:1B:6F:28:DD:6D:DC:E8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145703.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abed::/32 Signature Algorithm: sha256WithRSAEncryption 0b:27:12:d6:27:b8:7f:83:21:ed:30:ce:5a:01:23:d4:4a:fe: d5:77:70:63:d4:33:61:be:6d:f4:e4:0e:0e:66:83:9a:89:68: aa:74:d7:8a:61:53:76:98:7e:b2:cb:7e:c8:f7:b2:ea:e2:25: fe:a2:64:a2:01:de:27:e6:c0:c1:30:ca:84:fe:88:8c:91:c1: 57:23:6a:91:f2:28:e2:89:d1:01:2c:e5:b0:b1:46:97:b4:c6: 19:7e:2b:fe:5a:9e:cf:a3:f6:22:47:7d:6f:48:90:41:35:d1: 11:64:cf:f2:ed:93:6a:45:7b:10:23:64:f9:fd:9b:55:f2:17: 98:84:5e:4a:12:2f:03:03:fd:f8:9a:5a:1d:70:df:e0:e7:57: 84:27:3e:a1:06:46:f2:fa:fc:51:6f:4b:33:42:19:01:a8:bc: 6a:dd:4d:21:70:70:00:1a:cc:de:03:b8:53:ab:aa:cd:b8:84: bc:0a:67:3d:3f:23:04:eb:b4:1d:f9:03:72:ab:82:58:07:0e: 2f:46:a4:7b:a3:1d:ac:da:de:6c:63:fd:17:14:71:bf:47:a1: c1:05:bc:02:7c:8c:20:6c:9a:2e:ef:4b:00:75:64:38:55:e2: 45:78:e1:28:2d:7c:4e:8c:a2:3a:c5:68:12:ae:72:71:3f:b5: 3c:61:84:73 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSy71KEhHhnUsFHS+rmuIuK/nnnwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyNloX DTI3MDMwMzA2MzAyNlowMzExMC8GA1UEAxMoRDQwMDJFMjVCQ0RDNDBERDU5NUVE QTM2MUUxQjZGMjhERDZERENFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALowJZ0zOT7/J63e2bjG3Eur8KXcqGgdX2I1QAWMs7Hw64AVNvY1Q4uM09OZ E+u7bpW0X+PZTzyIzdEHEUf1yKJ3EvK/Iyp6pk9lKzvBV1m5uTMlp2NIjPmcVHYN MDj0tPJjTEsMvGru9xlU8aeoGJpkJzRHfrMUSPems1OGEYHM8ShSr8BpXsRka/x5 A9Ebl81/7iO28witkGBK2nukz1F8X6w9exYcqdwc+4hswCP2fNOFS2L1Srmx0lus SYKifB1P2tYUUiAm52ccQSbQhM3o6xZ5OfCB/tlJWrT7ONL1etFk5qxzsenrDknC GO96fGtQzv7pHa/GwYb+Dwn0JGUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTUAC4l vNxA3Vle2jYeG28o3W3c6DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q+0wDQYJKoZIhvcNAQELBQADggEBAAsnEtYnuH+DIe0wzloBI9RK/tV3cGPUM2G+ bfTkDg5mg5qJaKp014phU3aYfrLLfsj3suriJf6iZKIB3ifmwMEwyoT+iIyRwVcj apHyKOKJ0QEs5bCxRpe0xhl+K/5ans+j9iJHfW9IkEE10RFkz/Ltk2pFexAjZPn9 m1XyF5iEXkoSLwMD/fiaWh1w3+DnV4QnPqEGRvL6/FFvSzNCGQGovGrdTSFwcAAa zN4DuFOrqs24hLwKZz0/IwTrtB35A3KrglgHDi9GpHujHaza3mxj/RcUcb9HocEF vAJ8jCBsmi7vSwB1ZDhV4kV44SgtfE6MojrFaBKucnE/tTxhhHM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:43 2026 by rpki-client