$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145733.roa File: AS145733.roa (raw, json) Hash identifier: SFc+hqnM7uOQXbiRB94DezZObCOMUt9GksbF0S05MeY= Subject key identifier: AF:CE:5E:72:1E:14:53:23:AC:2B:9A:81:DC:E1:A9:6C:66:BB:9A:91 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5E47B9F2D5275A40282B0B77A325AC45B3D1945F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145733.roa Signing time: Wed 04 Mar 2026 06:30:59 +0000 ROA not before: Wed 04 Mar 2026 06:25:59 +0000 ROA not after: Wed 03 Mar 2027 06:30:59 +0000 asID: 145733 IP address blocks: 240a:ac0b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:47:b9:f2:d5:27:5a:40:28:2b:0b:77:a3:25:ac:45:b3:d1:94:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:59 2026 GMT Not After : Mar 3 06:30:59 2027 GMT Subject: CN=AFCE5E721E145323AC2B9A81DCE1A96C66BB9A91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d1:18:c0:bd:2d:ed:9f:08:91:30:7d:ac:15: 79:22:2e:42:9f:ab:2e:91:ab:c9:31:62:d4:3d:b0: df:33:f2:f7:ff:34:88:d1:b2:c7:f4:da:c8:3a:ac: 22:08:8c:86:78:18:d0:15:b9:2d:38:07:04:8d:27: 31:c3:fd:a1:a6:4a:07:14:3c:84:79:34:cf:0b:f4: 23:f8:3b:e4:a0:7a:1d:6b:6e:d5:c3:62:73:27:f5: 5b:2d:85:07:8a:46:4b:e7:c1:30:95:7f:fe:f6:3c: 0d:e9:a5:40:48:2f:96:78:25:9b:9d:ab:27:48:80: f7:4b:cc:58:5b:e3:6d:94:ab:d6:fc:ec:80:52:cd: 8e:dd:0b:43:96:60:75:ac:46:42:d5:44:7a:39:19: bf:6b:dc:4a:f2:a8:26:ad:3e:e4:88:4e:d9:9e:24: 5d:17:b3:6d:2e:48:da:46:2d:74:71:f9:7a:67:b5: 1b:80:1c:09:97:fb:a1:bd:70:87:b8:27:4a:77:af: 26:32:e6:b4:62:cc:36:52:6e:15:82:35:d8:d3:0c: 68:ea:2f:f6:e5:9f:c0:e7:c0:36:2c:10:df:b1:46: 15:91:34:8b:56:05:54:06:e3:bf:0a:1d:66:66:ca: 3b:9b:64:be:7f:65:96:7f:f1:0e:28:2d:72:79:a0: e4:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:CE:5E:72:1E:14:53:23:AC:2B:9A:81:DC:E1:A9:6C:66:BB:9A:91 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac0b::/32 Signature Algorithm: sha256WithRSAEncryption 30:ec:c8:e5:b4:21:ba:24:21:a7:f2:4d:d2:f2:00:b8:01:06: 86:e5:7d:7c:35:eb:a9:80:58:a8:6c:ea:ab:28:63:2c:69:ef: 7d:6a:5c:e0:da:ed:06:1d:ad:7c:f8:5d:78:13:73:9d:77:70: 8a:2b:ca:10:49:26:d0:34:e4:bc:72:71:1a:df:7c:1f:9c:ec: 99:57:9b:c2:29:12:ba:e2:9b:88:47:3c:a8:5f:86:a3:8a:d1: 7a:bd:6c:3c:08:fa:ae:32:57:ec:22:34:07:4d:b5:10:41:ed: 66:54:5e:c5:e0:4d:42:b7:e0:30:ab:8b:18:1f:11:55:1c:d7: f8:e7:62:47:5b:a6:54:04:8b:ce:ce:33:e9:a6:b6:18:68:8e: 0c:31:1a:59:b6:d1:c8:4b:66:56:29:56:1c:4d:02:e8:7c:37: 90:64:59:a2:e9:24:e1:fb:fb:9e:e9:a0:e7:a0:c5:5f:b6:53: fe:70:44:16:06:0a:6c:87:e9:f7:44:7a:c4:5f:ca:60:86:26: 76:e6:d8:dc:1e:e1:d6:54:8e:cc:5f:7d:6e:c4:f1:7b:4e:bc: 06:5c:f2:5f:a6:cf:60:d2:a6:0b:ab:fa:b8:5f:a2:cd:07:75: e4:a7:9b:14:cd:e5:f2:a1:29:01:83:30:e7:08:26:3b:d7:89: d3:5f:13:d4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXke58tUnWkAoKwt3oyWsRbPRlF8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU1OVoX DTI3MDMwMzA2MzA1OVowMzExMC8GA1UEAxMoQUZDRTVFNzIxRTE0NTMyM0FDMkI5 QTgxRENFMUE5NkM2NkJCOUE5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPRGMC9Le2fCJEwfawVeSIuQp+rLpGryTFi1D2w3zPy9/80iNGyx/TayDqs IgiMhngY0BW5LTgHBI0nMcP9oaZKBxQ8hHk0zwv0I/g75KB6HWtu1cNicyf1Wy2F B4pGS+fBMJV//vY8DemlQEgvlnglm52rJ0iA90vMWFvjbZSr1vzsgFLNjt0LQ5Zg daxGQtVEejkZv2vcSvKoJq0+5IhO2Z4kXRezbS5I2kYtdHH5eme1G4AcCZf7ob1w h7gnSnevJjLmtGLMNlJuFYI12NMMaOov9uWfwOfANiwQ37FGFZE0i1YFVAbjvwod ZmbKO5tkvn9lln/xDigtcnmg5BcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSvzl5y HhRTI6wrmoHc4alsZruakTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTczMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rAswDQYJKoZIhvcNAQELBQADggEBADDsyOW0IbokIafyTdLyALgBBoblfXw166mA WKhs6qsoYyxp731qXODa7QYdrXz4XXgTc513cIoryhBJJtA05LxycRrffB+c7JlX m8IpErrim4hHPKhfhqOK0Xq9bDwI+q4yV+wiNAdNtRBB7WZUXsXgTUK34DCrixgf EVUc1/jnYkdbplQEi87OM+mmthhojgwxGlm20chLZlYpVhxNAuh8N5BkWaLpJOH7 +57poOegxV+2U/5wRBYGCmyH6fdEesRfymCGJnbm2Nwe4dZUjsxffW7E8XtOvAZc 8l+mz2DSpgur+rhfos0HdeSnmxTN5fKhKQGDMOcIJjvXidNfE9Q= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:48 2026 by rpki-client