$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145718.roa File: AS145718.roa (raw, json) Hash identifier: mMYZRpgxhc7l8tf8XN2OGov0tDifMLIUsJHIOQHNvlU= Subject key identifier: 3D:E7:BC:A9:6F:81:9D:2C:D4:9C:D6:6A:83:53:AE:40:03:7B:AF:EB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 42520CD9EA7CE3BBF3E59D90987DB0A285D1E48F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145718.roa Signing time: Wed 04 Mar 2026 06:30:48 +0000 ROA not before: Wed 04 Mar 2026 06:25:48 +0000 ROA not after: Wed 03 Mar 2027 06:30:48 +0000 asID: 145718 IP address blocks: 240a:abfc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:52:0c:d9:ea:7c:e3:bb:f3:e5:9d:90:98:7d:b0:a2:85:d1:e4:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:48 2026 GMT Not After : Mar 3 06:30:48 2027 GMT Subject: CN=3DE7BCA96F819D2CD49CD66A8353AE40037BAFEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:98:f2:4e:a6:ae:5c:19:af:a1:f0:61:94:ca: 17:c6:8a:94:52:fb:24:6e:10:5b:2d:90:04:d2:23: d7:1f:aa:ba:2f:c2:f1:92:23:e8:93:c0:01:b1:aa: 72:56:ff:8e:2c:a0:50:d4:2e:0f:b2:81:57:64:26: 93:59:92:f6:24:db:25:6f:c7:99:17:62:b7:14:8a: ab:a9:30:d2:7d:f1:d7:af:0e:47:ae:52:8c:e3:75: 6f:26:57:e0:31:9e:2f:f4:ab:0b:43:60:c3:ac:7f: b1:b1:9c:51:65:0c:71:11:ee:2c:b3:73:72:2c:f3: fb:ca:55:38:0b:91:a1:5c:db:2e:a0:e8:59:34:ec: ad:5e:d1:22:c0:f6:f4:40:5e:9f:99:0e:ad:a1:ad: 69:d4:34:36:c1:e8:5f:35:9d:1b:3a:fa:b1:eb:27: d1:5f:8c:2d:05:4d:c8:0c:e3:8a:8e:2c:78:8b:dc: c3:5d:c8:2b:2d:e3:40:12:9d:6d:79:88:0d:17:32: 95:42:af:5d:ac:c9:4d:40:c2:3e:8f:f1:f5:5f:dd: f9:30:8c:ac:7b:73:44:83:6e:bd:e6:d2:85:34:6d: aa:8f:26:43:45:df:1b:8f:94:71:5c:97:b0:4a:ac: 86:de:5c:d8:e3:7b:fd:fc:c3:1b:68:b0:d2:d4:67: f8:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:E7:BC:A9:6F:81:9D:2C:D4:9C:D6:6A:83:53:AE:40:03:7B:AF:EB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145718.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abfc::/32 Signature Algorithm: sha256WithRSAEncryption d0:2a:ee:23:82:ba:af:1d:00:6e:d7:e5:69:1b:c8:04:02:a9: 41:f8:27:82:fe:aa:99:06:78:62:2b:5d:aa:1a:7a:af:f5:d5: f5:f3:22:e7:c9:bf:05:d2:6c:c2:d4:88:ba:48:57:46:1a:cd: ff:9a:46:3b:12:4a:1b:dc:a6:43:e6:b3:27:27:a9:fb:5c:82: b8:20:85:20:82:45:01:0e:a1:0e:42:47:12:7a:86:74:06:e0: 55:34:10:de:27:fe:e8:d7:bf:97:08:2e:d1:25:21:66:c6:94: cf:2d:48:1b:f7:19:c5:cd:e0:d9:34:41:4e:96:12:67:9c:a3: 2a:43:08:33:82:c9:a6:81:5d:e5:57:09:b0:51:9a:5d:95:0d: 53:83:76:ec:65:5a:91:25:7d:de:7a:d6:c7:2e:9b:b5:c4:a3: 8c:5d:f1:2e:35:f3:64:81:e4:51:3b:e8:f4:ab:47:de:ce:90: c1:99:da:bf:6c:9b:fc:c7:0f:4f:00:5c:69:bf:e5:96:50:7f: ea:f4:dd:3f:5d:5f:93:96:8d:53:ae:34:78:f4:ee:65:04:e2: 89:9b:d3:86:b4:aa:1f:f4:23:9e:71:81:e1:ef:3f:2a:6f:65: 6d:4b:d3:50:3e:43:c8:23:2b:b0:8a:ed:e0:89:a9:58:d3:62: 90:2a:81:f7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQlIM2ep847vz5Z2QmH2wooXR5I8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0OFoX DTI3MDMwMzA2MzA0OFowMzExMC8GA1UEAxMoM0RFN0JDQTk2RjgxOUQyQ0Q0OUNE NjZBODM1M0FFNDAwMzdCQUZFQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALGY8k6mrlwZr6HwYZTKF8aKlFL7JG4QWy2QBNIj1x+qui/C8ZIj6JPAAbGq clb/jiygUNQuD7KBV2Qmk1mS9iTbJW/HmRditxSKq6kw0n3x168OR65SjON1byZX 4DGeL/SrC0Ngw6x/sbGcUWUMcRHuLLNzcizz+8pVOAuRoVzbLqDoWTTsrV7RIsD2 9EBen5kOraGtadQ0NsHoXzWdGzr6sesn0V+MLQVNyAzjio4seIvcw13IKy3jQBKd bXmIDRcylUKvXazJTUDCPo/x9V/d+TCMrHtzRINuvebShTRtqo8mQ0XfG4+UcVyX sEqsht5c2ON7/fzDG2iw0tRn+P0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ957yp b4GdLNSc1mqDU65AA3uv6zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q/wwDQYJKoZIhvcNAQELBQADggEBANAq7iOCuq8dAG7X5WkbyAQCqUH4J4L+qpkG eGIrXaoaeq/11fXzIufJvwXSbMLUiLpIV0Yazf+aRjsSShvcpkPmsycnqftcgrgg hSCCRQEOoQ5CRxJ6hnQG4FU0EN4n/ujXv5cILtElIWbGlM8tSBv3GcXN4Nk0QU6W EmecoypDCDOCyaaBXeVXCbBRml2VDVODduxlWpElfd561scum7XEo4xd8S4182SB 5FE76PSrR97OkMGZ2r9sm/zHD08AXGm/5ZZQf+r03T9dX5OWjVOuNHj07mUE4omb 04a0qh/0I55xgeHvPypvZW1L01A+Q8gjK7CK7eCJqVjTYpAqgfc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:56 2026 by rpki-client