$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145717.roa File: AS145717.roa (raw, json) Hash identifier: NvQs8G17ncBPvnITtyFQ3vScKw9cSP9sWkzI2OHhs9k= Subject key identifier: C4:38:F1:75:7D:00:0D:BA:E5:7B:2F:C7:55:E2:F7:BA:65:7C:D6:87 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2374D4E3FB45488A7E657EEAD234DB62A212F95E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145717.roa Signing time: Wed 04 Mar 2026 06:30:37 +0000 ROA not before: Wed 04 Mar 2026 06:25:37 +0000 ROA not after: Wed 03 Mar 2027 06:30:37 +0000 asID: 145717 IP address blocks: 240a:abfb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:74:d4:e3:fb:45:48:8a:7e:65:7e:ea:d2:34:db:62:a2:12:f9:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:37 2026 GMT Not After : Mar 3 06:30:37 2027 GMT Subject: CN=C438F1757D000DBAE57B2FC755E2F7BA657CD687 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:af:b5:b6:03:78:e2:44:18:87:19:81:13:99: 37:5f:c3:98:c8:5c:97:b2:b5:b6:f4:49:d8:6c:54: 3b:a9:2a:7c:b1:33:b6:ae:f5:e6:2f:fa:a0:45:df: 65:66:40:5b:63:94:ae:34:d6:8d:5b:24:02:e0:5a: e0:c2:dd:26:5a:69:c5:ba:b2:59:10:1d:b0:e0:f9: f3:ef:d1:21:f0:04:b5:7c:1f:eb:fa:e1:98:97:15: 63:5d:8b:96:45:86:7a:9b:45:97:f3:03:3e:d8:dc: 93:84:37:61:d1:b4:33:ff:2f:07:f0:52:45:47:59: 94:1c:3b:9f:d3:a4:18:c3:92:e6:7d:f5:90:66:21: 1b:78:95:58:ed:03:85:ff:af:52:1a:3e:76:e7:a9: 13:63:e6:0c:8d:3a:9d:4c:b0:93:3c:2a:45:87:55: 77:57:c8:d2:80:e2:52:27:86:60:5b:9d:bd:3a:22: c5:ee:45:21:d8:d6:24:d6:9a:cd:6c:32:ab:e9:52: 5a:2c:85:51:8d:ab:0f:8f:27:db:6c:bd:dd:44:f3: 69:91:22:2c:a4:44:9f:10:c0:30:9b:4c:81:5e:1a: a8:5d:0f:b5:37:77:ce:e7:f6:39:30:0b:98:e3:76: 2e:24:d4:43:99:ea:f4:5a:69:ce:ae:94:b8:43:2f: d8:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:38:F1:75:7D:00:0D:BA:E5:7B:2F:C7:55:E2:F7:BA:65:7C:D6:87 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145717.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abfb::/32 Signature Algorithm: sha256WithRSAEncryption 58:1a:9d:bc:9b:7c:09:09:c9:dd:75:70:58:16:53:3d:45:88: a6:d2:99:35:3f:cf:d5:2b:70:b0:b5:b6:be:c2:3b:d4:40:27: bf:9a:5a:e0:ad:ef:e0:f1:35:e6:87:0b:a0:c5:0d:d9:4c:7b: be:4a:a9:16:1e:75:5d:c8:05:da:c4:09:1c:bb:e3:58:c5:eb: bd:34:24:fd:9c:50:df:8c:bc:cb:0a:06:51:b9:f6:1a:cc:29: 4c:12:7b:8d:06:ab:b6:01:6d:85:88:df:b3:a6:1d:21:53:7b: 82:b3:fa:f8:eb:4c:78:1c:ae:36:06:4e:32:ab:a9:9c:0f:68: f6:39:41:e9:d8:34:19:35:7a:a7:95:fc:b6:38:7c:e2:43:fb: 13:e1:d6:fb:e9:25:ab:f0:5e:95:5a:fa:71:97:b0:31:2c:0e: dd:9c:00:fe:ad:f6:65:e4:27:79:61:fe:71:a1:62:f6:de:8e: f2:53:c5:a5:92:38:ce:1e:89:1a:58:e6:c9:01:91:aa:d9:17: fa:56:ba:5d:f0:38:5c:ed:26:d7:36:1d:b1:48:70:18:46:76: bd:68:5e:3c:47:26:2d:88:a6:de:df:03:54:53:c9:23:ce:ea: 7f:db:0c:e2:a7:48:34:13:f0:12:0c:b9:fb:9c:ee:05:e9:04: 04:65:be:98 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUI3TU4/tFSIp+ZX7q0jTbYqIS+V4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzN1oX DTI3MDMwMzA2MzAzN1owMzExMC8GA1UEAxMoQzQzOEYxNzU3RDAwMERCQUU1N0Iy RkM3NTVFMkY3QkE2NTdDRDY4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIyvtbYDeOJEGIcZgROZN1/DmMhcl7K1tvRJ2GxUO6kqfLEztq715i/6oEXf ZWZAW2OUrjTWjVskAuBa4MLdJlppxbqyWRAdsOD58+/RIfAEtXwf6/rhmJcVY12L lkWGeptFl/MDPtjck4Q3YdG0M/8vB/BSRUdZlBw7n9OkGMOS5n31kGYhG3iVWO0D hf+vUho+duepE2PmDI06nUywkzwqRYdVd1fI0oDiUieGYFudvToixe5FIdjWJNaa zWwyq+lSWiyFUY2rD48n22y93UTzaZEiLKREnxDAMJtMgV4aqF0PtTd3zuf2OTAL mON2LiTUQ5nq9Fppzq6UuEMv2KsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTEOPF1 fQANuuV7L8dV4ve6ZXzWhzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcxNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q/swDQYJKoZIhvcNAQELBQADggEBAFganbybfAkJyd11cFgWUz1FiKbSmTU/z9Ur cLC1tr7CO9RAJ7+aWuCt7+DxNeaHC6DFDdlMe75KqRYedV3IBdrECRy741jF6700 JP2cUN+MvMsKBlG59hrMKUwSe40Gq7YBbYWI37OmHSFTe4Kz+vjrTHgcrjYGTjKr qZwPaPY5QenYNBk1eqeV/LY4fOJD+xPh1vvpJavwXpVa+nGXsDEsDt2cAP6t9mXk J3lh/nGhYvbejvJTxaWSOM4eiRpY5skBkarZF/pWul3wOFztJtc2HbFIcBhGdr1o XjxHJi2Ipt7fA1RTySPO6n/bDOKnSDQT8BIMufuc7gXpBARlvpg= -----END CERTIFICATE-----Generated at Sat Mar 28 13:06:13 2026 by rpki-client