$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145714.roa File: AS145714.roa (raw, json) Hash identifier: B0IxXIqbKEkAlEYsUPeIyyRsL9o4zbEO+ksEg2x9MzQ= Subject key identifier: 4B:83:91:7B:F8:ED:D2:0F:50:01:BE:84:46:E6:3C:4C:13:0F:8C:48 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 62EFB338B2D2CDDA7BBE7EDC0272536A11139414 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145714.roa Signing time: Wed 04 Mar 2026 06:30:22 +0000 ROA not before: Wed 04 Mar 2026 06:25:22 +0000 ROA not after: Wed 03 Mar 2027 06:30:22 +0000 asID: 145714 IP address blocks: 240a:abf8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:ef:b3:38:b2:d2:cd:da:7b:be:7e:dc:02:72:53:6a:11:13:94:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:22 2026 GMT Not After : Mar 3 06:30:22 2027 GMT Subject: CN=4B83917BF8EDD20F5001BE8446E63C4C130F8C48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:2d:4f:83:1b:d5:41:8a:00:3a:0a:57:67:8b: 28:fd:85:ac:25:84:0f:cf:88:b4:e5:db:97:a5:d9: 0a:7f:27:cc:4a:68:57:32:a5:99:2f:09:73:f3:3a: 61:fe:04:13:81:02:3d:d4:ea:6c:44:7e:27:d4:c1: 21:52:7d:be:9c:ae:d3:6f:0e:82:a4:4f:95:32:66: e6:0a:d2:5b:1e:4b:a4:02:1d:f9:fe:28:a2:95:b8: f3:5e:2e:c3:e8:ec:db:a0:ff:da:01:8f:5b:7a:06: fc:3d:b6:2b:06:25:e0:fd:56:9a:e6:3a:16:78:ff: ef:97:db:cf:cf:35:55:3a:d2:8a:92:d1:28:84:83: 33:59:74:08:45:5e:24:1d:84:36:5e:8f:16:d9:72: 05:e9:74:9e:e2:18:8f:46:25:13:9f:7e:b3:5e:3b: 9d:72:16:96:13:c1:50:41:ab:40:3a:f1:b0:f0:8f: 07:fe:a4:90:27:21:4e:b6:e9:4f:a4:38:03:6e:fb: e6:1f:59:e7:33:84:f1:03:ac:d9:85:4a:ac:b8:ce: 58:48:d8:ff:cc:19:e3:f6:ca:c0:8a:65:f3:00:44: 1e:06:64:52:af:8b:93:e5:65:a3:7b:eb:0e:d4:4e: 39:97:7a:cb:85:f3:69:70:6c:1d:3c:bc:d5:bf:3f: ad:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:83:91:7B:F8:ED:D2:0F:50:01:BE:84:46:E6:3C:4C:13:0F:8C:48 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145714.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abf8::/32 Signature Algorithm: sha256WithRSAEncryption 51:cc:de:6f:34:94:1a:57:8a:7a:2c:f4:c2:23:b8:d4:1f:48: ea:fe:48:8b:3c:fd:2c:51:5e:b3:34:57:68:e8:d1:3c:10:9b: fd:27:92:1d:c4:22:90:a1:01:31:cc:18:43:7d:2c:35:af:27: a6:a9:7c:78:51:61:55:bc:43:fd:ff:6d:0e:66:db:b3:54:c2: 85:21:18:a3:88:cf:5f:ae:80:c6:98:88:71:7f:02:b8:c0:d5: 41:b0:86:58:0a:45:f5:b7:91:91:d9:f2:76:4a:5c:e5:11:a8: 40:3f:d2:21:14:0b:8e:95:6d:d9:97:37:d2:75:cb:3a:4c:e6: a1:41:76:55:8e:ba:41:98:f6:58:af:0a:29:c9:fc:ee:33:1b: 1a:54:40:5d:41:ff:7e:dc:37:58:6b:2f:0d:4d:69:e0:90:7c: 82:bc:4a:b1:ef:38:c9:28:90:a5:2d:e5:3a:db:2c:39:f5:40: 07:a9:47:53:6a:43:86:ab:bc:db:b6:59:15:41:13:71:66:5c: e7:b1:26:61:f8:63:58:4a:1a:1e:e4:11:e1:99:89:27:5c:07: 5d:8a:66:db:21:f4:31:b2:47:6e:1d:7a:cd:06:45:8b:88:8f: 6c:e5:15:b1:e2:c6:2d:67:c7:32:8e:46:6f:d6:19:dc:d1:af: 0e:2d:da:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYu+zOLLSzdp7vn7cAnJTahETlBQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyMloX DTI3MDMwMzA2MzAyMlowMzExMC8GA1UEAxMoNEI4MzkxN0JGOEVERDIwRjUwMDFC RTg0NDZFNjNDNEMxMzBGOEM0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKctT4Mb1UGKADoKV2eLKP2FrCWED8+ItOXbl6XZCn8nzEpoVzKlmS8Jc/M6 Yf4EE4ECPdTqbER+J9TBIVJ9vpyu028OgqRPlTJm5grSWx5LpAId+f4oopW4814u w+js26D/2gGPW3oG/D22KwYl4P1WmuY6Fnj/75fbz881VTrSipLRKISDM1l0CEVe JB2ENl6PFtlyBel0nuIYj0YlE59+s147nXIWlhPBUEGrQDrxsPCPB/6kkCchTrbp T6Q4A2775h9Z5zOE8QOs2YVKrLjOWEjY/8wZ4/bKwIpl8wBEHgZkUq+Lk+Vlo3vr DtROOZd6y4XzaXBsHTy81b8/rY8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRLg5F7 +O3SD1ABvoRG5jxMEw+MSDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcxNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q/gwDQYJKoZIhvcNAQELBQADggEBAFHM3m80lBpXinos9MIjuNQfSOr+SIs8/SxR XrM0V2jo0TwQm/0nkh3EIpChATHMGEN9LDWvJ6apfHhRYVW8Q/3/bQ5m27NUwoUh GKOIz1+ugMaYiHF/ArjA1UGwhlgKRfW3kZHZ8nZKXOURqEA/0iEUC46VbdmXN9J1 yzpM5qFBdlWOukGY9livCinJ/O4zGxpUQF1B/37cN1hrLw1NaeCQfIK8SrHvOMko kKUt5TrbLDn1QAepR1NqQ4arvNu2WRVBE3FmXOexJmH4Y1hKGh7kEeGZiSdcB12K Ztsh9DGyR24des0GRYuIj2zlFbHixi1nxzKORm/WGdzRrw4t2u4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:25 2026 by rpki-client