$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145721.roa File: AS145721.roa (raw, json) Hash identifier: qi5QUOPCwx2061r3/CJrG3YbIsyYzvRMYAVYT2BJjsE= Subject key identifier: 2C:6E:B5:12:EC:EC:55:4D:E1:EF:9F:7F:34:8B:F0:CC:03:5F:A9:92 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 28B064972E215BFC9F376CDC146FF3C5D0E28B0C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145721.roa Signing time: Wed 04 Mar 2026 06:30:49 +0000 ROA not before: Wed 04 Mar 2026 06:25:49 +0000 ROA not after: Wed 03 Mar 2027 06:30:49 +0000 asID: 145721 IP address blocks: 240a:abff::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:b0:64:97:2e:21:5b:fc:9f:37:6c:dc:14:6f:f3:c5:d0:e2:8b:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:49 2026 GMT Not After : Mar 3 06:30:49 2027 GMT Subject: CN=2C6EB512ECEC554DE1EF9F7F348BF0CC035FA992 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:69:1d:a7:41:43:49:c5:9c:48:c7:c6:53:c0: 6c:b3:3c:db:2e:43:b5:21:1e:4c:37:8b:67:14:15: 9a:2c:11:0f:0d:2d:64:a6:b0:9b:64:cb:db:2f:5b: bd:97:73:b1:c0:61:07:0d:78:22:cf:5a:ff:6a:53: a1:97:9f:98:95:04:9e:0c:f7:03:e3:96:4e:0e:4b: 83:3b:df:ca:89:c0:ff:a5:e4:f9:e7:9f:3b:a2:0c: 2d:e2:c5:de:9b:91:22:00:0d:0e:ec:25:ce:3b:40: e1:eb:f7:ac:aa:22:16:34:13:e6:eb:68:43:53:8a: 77:65:39:78:67:7b:57:de:da:13:00:c1:33:8d:6e: 1e:63:92:6f:1c:9b:2a:cb:9a:60:ce:a6:72:4c:9a: e2:90:5c:07:7b:26:de:9b:d9:92:56:83:29:e1:be: dc:9b:93:7a:50:11:e4:e9:2c:b8:64:93:f5:21:0e: bb:6a:9a:76:f3:b8:35:be:0d:3b:d6:f5:9c:95:61: 99:91:4d:f5:e0:a8:6b:c3:15:a6:38:f2:27:26:cc: 00:15:97:dd:0f:e4:d6:8a:dc:d2:8d:38:8f:2c:e3: d2:9f:85:19:e9:a7:80:11:da:6d:94:db:e5:66:a7: dd:9e:9d:81:41:94:2d:2f:24:86:ff:d4:3b:c8:57: 78:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:6E:B5:12:EC:EC:55:4D:E1:EF:9F:7F:34:8B:F0:CC:03:5F:A9:92 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145721.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:abff::/32 Signature Algorithm: sha256WithRSAEncryption 63:e4:c7:92:61:6c:17:d5:d3:6f:7b:f0:c5:ee:39:90:14:48: 16:ca:73:84:7d:d4:cf:a2:a3:33:17:a4:55:d2:ed:e6:7f:2d: bd:02:d5:51:75:a6:78:94:c7:54:a7:8d:cd:9e:81:5d:89:70: e5:39:51:d7:7a:ad:ee:9e:ac:f8:a2:3d:5f:99:3e:a5:b6:df: 90:c0:e6:75:44:d4:56:61:e8:09:05:db:f9:fc:f7:c8:82:c1: d2:a7:30:ac:ef:f2:90:c3:55:c3:c6:6c:8d:de:34:5a:81:db: aa:b8:1f:23:40:97:92:9f:26:c8:c9:58:df:83:3d:59:7e:56: fd:a0:9d:51:27:01:56:61:6a:ac:e1:43:fd:e0:da:94:52:02: 6f:95:91:8d:2a:37:94:8c:d4:cf:6c:d3:f4:51:98:de:34:be: 40:06:7a:28:a2:be:c8:fc:17:b0:11:87:fc:0c:03:f8:8a:57: 45:4b:0e:14:40:0a:f3:31:0f:c9:d2:d7:1f:c0:de:86:ec:3d: f0:ca:b1:12:c5:4a:81:c0:fd:ce:4e:21:f8:5b:02:2b:8e:61: 4f:52:61:09:f9:46:ff:bd:36:e8:de:7d:38:24:17:62:b9:ef: 49:b8:f6:1d:1b:16:62:97:1a:a9:26:01:b3:2b:1b:f8:96:82: 32:55:5e:d7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKLBkly4hW/yfN2zcFG/zxdDiiwwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU0OVoX DTI3MDMwMzA2MzA0OVowMzExMC8GA1UEAxMoMkM2RUI1MTJFQ0VDNTU0REUxRUY5 RjdGMzQ4QkYwQ0MwMzVGQTk5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKVpHadBQ0nFnEjHxlPAbLM82y5DtSEeTDeLZxQVmiwRDw0tZKawm2TL2y9b vZdzscBhBw14Is9a/2pToZefmJUEngz3A+OWTg5LgzvfyonA/6Xk+eefO6IMLeLF 3puRIgANDuwlzjtA4ev3rKoiFjQT5utoQ1OKd2U5eGd7V97aEwDBM41uHmOSbxyb KsuaYM6mckya4pBcB3sm3pvZklaDKeG+3JuTelAR5OksuGST9SEOu2qadvO4Nb4N O9b1nJVhmZFN9eCoa8MVpjjyJybMABWX3Q/k1orc0o04jyzj0p+FGemngBHabZTb 5Wan3Z6dgUGULS8khv/UO8hXeFECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQsbrUS 7OxVTeHvn380i/DMA1+pkjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTcyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK q/8wDQYJKoZIhvcNAQELBQADggEBAGPkx5JhbBfV02978MXuOZAUSBbKc4R91M+i ozMXpFXS7eZ/Lb0C1VF1pniUx1Snjc2egV2JcOU5Udd6re6erPiiPV+ZPqW235DA 5nVE1FZh6AkF2/n898iCwdKnMKzv8pDDVcPGbI3eNFqB26q4HyNAl5KfJsjJWN+D PVl+Vv2gnVEnAVZhaqzhQ/3g2pRSAm+VkY0qN5SM1M9s0/RRmN40vkAGeiiivsj8 F7ARh/wMA/iKV0VLDhRACvMxD8nS1x/A3obsPfDKsRLFSoHA/c5OIfhbAiuOYU9S YQn5Rv+9NujefTgkF2K570m49h0bFmKXGqkmAbMrG/iWgjJVXtc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:39 2026 by rpki-client