$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145856.roa File: AS145856.roa (raw, json) Hash identifier: d8hKyhLMZ4bkuox4ew3332l9QY/CIVcZ/OCmA6AMwYE= Subject key identifier: 5B:3A:F5:81:73:C9:61:59:86:F9:B6:EB:EC:0F:E5:83:62:1D:0D:8B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 502BF49F82165A495A791468803A2A4893E9D969 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145856.roa Signing time: Wed 04 Mar 2026 06:30:29 +0000 ROA not before: Wed 04 Mar 2026 06:25:29 +0000 ROA not after: Wed 03 Mar 2027 06:30:29 +0000 asID: 145856 IP address blocks: 240a:ac86::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:2b:f4:9f:82:16:5a:49:5a:79:14:68:80:3a:2a:48:93:e9:d9:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:29 2026 GMT Not After : Mar 3 06:30:29 2027 GMT Subject: CN=5B3AF58173C9615986F9B6EBEC0FE583621D0D8B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:dd:91:6f:d9:11:80:00:c8:b0:4b:bf:2d:aa: a5:ee:78:57:fb:37:21:14:fd:d2:42:04:29:d2:60: 02:3d:61:4e:e2:d5:2b:a0:65:34:82:0d:b5:71:ee: 0c:16:79:a9:18:f6:d1:98:c2:d5:ed:29:71:3c:6e: fe:12:36:30:a5:26:a7:ae:3e:2c:c2:42:d5:3b:47: a9:9e:ad:c1:09:79:39:42:79:21:f3:09:08:44:0d: 5c:22:19:94:10:57:18:c9:83:99:be:d4:eb:74:45: f4:c7:a6:bf:4b:47:5c:ef:c8:04:27:e9:06:21:37: 9a:62:cc:10:a1:70:e3:5f:bd:11:86:25:f3:a6:e4: 3d:3c:ca:11:9e:08:05:1c:ed:8f:a7:03:fa:c1:ea: 20:69:1a:a5:b1:cb:5f:85:7d:21:f6:ca:a1:82:a2: f5:f4:17:ad:22:d8:fc:54:45:59:a7:22:4e:a5:fa: 8a:0b:02:12:69:cb:23:98:6b:f5:86:8d:dd:0d:92: d9:e8:bc:1e:a7:da:da:c6:b8:84:7c:52:9c:a4:ce: 50:75:eb:fe:32:6e:10:f1:95:ee:ee:94:22:ce:39: d8:62:e3:63:04:8a:79:7b:2d:4b:51:f4:3e:c2:93: 90:e0:13:d8:d3:1f:51:02:d0:e4:fa:fb:05:64:1f: 37:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:3A:F5:81:73:C9:61:59:86:F9:B6:EB:EC:0F:E5:83:62:1D:0D:8B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145856.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ac86::/32 Signature Algorithm: sha256WithRSAEncryption 7b:aa:2c:32:95:6b:c7:d5:52:6c:94:f9:00:cd:a7:80:ba:67: c0:ae:84:e1:2c:21:08:51:25:b3:50:4c:9d:76:7c:32:cf:19: bf:81:f5:f6:34:2d:5b:2c:e5:4c:cb:f1:83:34:d1:27:57:a3: 69:e2:9f:da:27:be:98:dc:58:76:8a:1f:42:a6:2c:2f:7f:bb: de:8e:af:0f:a4:1f:64:92:ff:82:b1:a5:e0:97:f7:6c:7b:ab: 3f:24:ba:5d:86:93:df:3b:df:fb:50:1e:4d:d8:55:6d:c0:8d: 72:0c:8e:43:37:4d:d8:1f:45:65:2a:ca:ec:72:66:cd:bc:85: aa:d4:5e:6a:a7:92:98:84:85:eb:47:e2:03:64:f3:c7:06:6a: 67:21:2f:c8:70:0f:de:76:01:17:e6:b2:9a:90:b6:93:4d:17: 62:46:57:36:9f:51:84:29:7e:a9:de:86:1d:dd:79:7d:32:c4: 71:2d:e4:b7:f4:63:88:0d:e3:d4:db:86:d2:f0:9e:d8:6f:db: 05:2c:76:25:9b:1d:7b:e4:84:68:1c:b4:85:86:9a:e1:46:dd: 6a:54:b6:e8:83:17:74:6a:4b:5a:a1:45:2e:c1:a7:fe:50:71: 94:f7:bf:36:e3:4d:f7:1b:bf:b3:49:d4:37:ff:22:51:54:59: c3:ea:45:5f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUCv0n4IWWklaeRRogDoqSJPp2WkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUyOVoX DTI3MDMwMzA2MzAyOVowMzExMC8GA1UEAxMoNUIzQUY1ODE3M0M5NjE1OTg2RjlC NkVCRUMwRkU1ODM2MjFEMEQ4QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALvdkW/ZEYAAyLBLvy2qpe54V/s3IRT90kIEKdJgAj1hTuLVK6BlNIINtXHu DBZ5qRj20ZjC1e0pcTxu/hI2MKUmp64+LMJC1TtHqZ6twQl5OUJ5IfMJCEQNXCIZ lBBXGMmDmb7U63RF9Memv0tHXO/IBCfpBiE3mmLMEKFw41+9EYYl86bkPTzKEZ4I BRztj6cD+sHqIGkapbHLX4V9IfbKoYKi9fQXrSLY/FRFWaciTqX6igsCEmnLI5hr 9YaN3Q2S2ei8Hqfa2sa4hHxSnKTOUHXr/jJuEPGV7u6UIs452GLjYwSKeXstS1H0 PsKTkOAT2NMfUQLQ5Pr7BWQfNyUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRbOvWB c8lhWYb5tuvsD+WDYh0NizAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTg1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rIYwDQYJKoZIhvcNAQELBQADggEBAHuqLDKVa8fVUmyU+QDNp4C6Z8CuhOEsIQhR JbNQTJ12fDLPGb+B9fY0LVss5UzL8YM00SdXo2nin9onvpjcWHaKH0KmLC9/u96O rw+kH2SS/4KxpeCX92x7qz8kul2Gk9873/tQHk3YVW3AjXIMjkM3TdgfRWUqyuxy Zs28harUXmqnkpiEhetH4gNk88cGamchL8hwD952ARfmspqQtpNNF2JGVzafUYQp fqnehh3deX0yxHEt5Lf0Y4gN49TbhtLwnthv2wUsdiWbHXvkhGgctIWGmuFG3WpU tuiDF3RqS1qhRS7Bp/5QcZT3vzbjTfcbv7NJ1Df/IlFUWcPqRV8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:42 2026 by rpki-client