$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145020.roa File: AS145020.roa (raw, json) Hash identifier: YY9bhuV9PFh3WpH1PycOwzO9cFakFN2k6CB3gIQw+0E= Subject key identifier: 95:3A:82:BF:AE:B6:E6:EA:99:5E:3C:2E:F5:B5:02:E3:8C:68:75:26 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3E6AE3749C93E859ED1E4B8D958C4A877A8342FC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145020.roa Signing time: Wed 04 Mar 2026 06:20:41 +0000 ROA not before: Wed 04 Mar 2026 06:15:41 +0000 ROA not after: Wed 03 Mar 2027 06:20:41 +0000 asID: 145020 IP address blocks: 240a:a942::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:6a:e3:74:9c:93:e8:59:ed:1e:4b:8d:95:8c:4a:87:7a:83:42:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:41 2026 GMT Not After : Mar 3 06:20:41 2027 GMT Subject: CN=953A82BFAEB6E6EA995E3C2EF5B502E38C687526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ef:e9:8f:05:90:d7:81:6d:bc:c5:3b:ab:bb: 7f:e7:16:eb:d3:44:19:93:54:64:6c:80:66:d7:15: ec:e2:e6:b8:9f:de:33:a3:54:50:1a:8d:89:fb:be: ed:dd:ce:a9:f7:4a:c4:cc:b3:5e:a7:22:33:18:e4: 2a:ea:fd:c3:0b:8d:0a:7f:fd:9d:ba:60:30:d1:04: 3c:05:fb:9c:5d:7c:c0:70:6a:ae:93:2d:1c:21:cf: fb:23:8d:6f:a1:30:19:51:2c:f0:52:75:fb:4f:9c: d5:5e:f4:53:48:58:f8:11:65:39:89:1c:90:1c:57: 07:11:a4:16:70:3e:d6:38:40:87:e2:4a:f8:49:36: 87:dc:dd:9b:27:cf:84:80:c1:1b:62:5f:8c:b6:e5: ba:7f:07:8b:f2:90:bf:22:e4:48:d2:80:ef:df:61: 5f:84:0b:dd:d8:2a:c8:00:87:80:34:a4:28:e8:dd: 01:4b:11:17:b8:8a:10:4d:86:cf:6d:f3:68:b8:46: a0:aa:33:de:7b:66:57:2e:69:fc:a7:36:f2:0a:4c: c2:11:e8:a6:92:68:d9:c0:a5:f3:d9:ab:72:7e:7f: 09:98:ac:f7:e8:f0:08:4b:e5:be:09:7b:30:f0:50: 25:e4:6e:77:cd:09:ec:53:07:20:11:0e:2d:40:20: cb:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:3A:82:BF:AE:B6:E6:EA:99:5E:3C:2E:F5:B5:02:E3:8C:68:75:26 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145020.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a942::/32 Signature Algorithm: sha256WithRSAEncryption 3d:ad:1c:40:1f:10:e2:14:01:b3:88:8c:e3:d9:93:e3:b5:e2: ef:04:b9:09:dd:03:d9:8f:45:0a:09:72:91:53:b6:db:97:30: 50:96:41:b7:14:c0:53:2b:e5:56:f1:1e:a0:f6:76:23:fa:68: 7e:99:77:2d:49:a4:d5:72:2d:57:38:5f:22:15:2f:86:a0:b2: 2e:0b:b2:e9:91:ab:4e:c9:95:70:c2:d7:d8:39:8a:e6:33:7e: 7d:ae:e4:b6:a5:37:5d:27:38:62:8b:68:8b:4f:9f:85:2f:5b: 91:c7:e6:9c:24:26:4d:ef:27:15:b6:a3:b3:32:3e:99:3f:8f: c4:90:1d:d3:89:dd:a7:5a:3a:2c:60:63:12:b7:13:b4:f2:a1: ae:4c:41:91:9b:4d:4f:72:dc:08:ba:92:a1:b2:14:8f:39:48: b7:6c:26:c5:05:53:3a:a2:7f:f6:a7:8c:37:ae:db:c2:af:79: 8b:1f:8c:05:9d:3c:0b:72:bd:9e:6e:53:18:c6:f4:e0:d7:3b: 5e:f3:8b:0b:49:8f:10:91:89:62:39:82:63:bd:fc:d3:f7:16: 58:e5:b7:ec:5f:df:55:bd:32:16:78:6c:24:ed:35:5e:2e:35: cf:c5:7e:d3:7d:f0:71:08:a8:55:31:2a:27:d9:5b:a6:21:77: 9d:c1:e0:ef -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPmrjdJyT6FntHkuNlYxKh3qDQvwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0MVoX DTI3MDMwMzA2MjA0MVowMzExMC8GA1UEAxMoOTUzQTgyQkZBRUI2RTZFQTk5NUUz QzJFRjVCNTAyRTM4QzY4NzUyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzv6Y8FkNeBbbzFO6u7f+cW69NEGZNUZGyAZtcV7OLmuJ/eM6NUUBqNifu+ 7d3OqfdKxMyzXqciMxjkKur9wwuNCn/9nbpgMNEEPAX7nF18wHBqrpMtHCHP+yON b6EwGVEs8FJ1+0+c1V70U0hY+BFlOYkckBxXBxGkFnA+1jhAh+JK+Ek2h9zdmyfP hIDBG2JfjLblun8Hi/KQvyLkSNKA799hX4QL3dgqyACHgDSkKOjdAUsRF7iKEE2G z23zaLhGoKoz3ntmVy5p/Kc28gpMwhHoppJo2cCl89mrcn5/CZis9+jwCEvlvgl7 MPBQJeRud80J7FMHIBEOLUAgy8MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSVOoK/ rrbm6plePC71tQLjjGh1JjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qUIwDQYJKoZIhvcNAQELBQADggEBAD2tHEAfEOIUAbOIjOPZk+O14u8EuQndA9mP RQoJcpFTttuXMFCWQbcUwFMr5VbxHqD2diP6aH6Zdy1JpNVyLVc4XyIVL4agsi4L sumRq07JlXDC19g5iuYzfn2u5LalN10nOGKLaItPn4UvW5HH5pwkJk3vJxW2o7My Ppk/j8SQHdOJ3adaOixgYxK3E7Tyoa5MQZGbTU9y3Ai6kqGyFI85SLdsJsUFUzqi f/anjDeu28KveYsfjAWdPAtyvZ5uUxjG9ODXO17ziwtJjxCRiWI5gmO9/NP3Fljl t+xf31W9MhZ4bCTtNV4uNc/FftN98HEIqFUxKifZW6Yhd53B4O8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:15 2026 by rpki-client