$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145029.roa File: AS145029.roa (raw, json) Hash identifier: u2bhE+VYvNIOZeAadfe0OVMM5E1lBKE9FMCR53n/kKw= Subject key identifier: 01:67:71:F6:F7:07:D7:DC:7C:66:5C:A2:44:AB:C0:75:57:A6:99:AD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 48DD6A00F0586EB2662F05A40DE91A4E584F3C84 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145029.roa Signing time: Wed 04 Mar 2026 06:20:42 +0000 ROA not before: Wed 04 Mar 2026 06:15:42 +0000 ROA not after: Wed 03 Mar 2027 06:20:42 +0000 asID: 145029 IP address blocks: 240a:a94b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:dd:6a:00:f0:58:6e:b2:66:2f:05:a4:0d:e9:1a:4e:58:4f:3c:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:42 2026 GMT Not After : Mar 3 06:20:42 2027 GMT Subject: CN=016771F6F707D7DC7C665CA244ABC07557A699AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5a:99:3e:d8:96:86:d6:cc:14:f4:0c:32:eb: 6d:62:f4:91:f1:f5:e1:47:9a:b3:68:08:36:d1:2a: a1:d8:e1:d1:c7:59:ce:a0:b9:1e:45:c0:7b:4e:92: 94:d4:17:82:13:31:db:ce:81:91:11:e4:54:a1:13: 7b:0c:4e:66:82:44:22:19:8f:41:24:cd:b5:13:32: 3b:59:09:2f:15:79:cb:dd:93:27:e7:6f:df:dd:54: f0:90:ab:f1:68:2e:b7:4c:cf:c8:93:7f:6c:03:37: 3d:89:fd:40:79:1a:54:6a:b2:d9:16:0c:6c:27:48: e7:4e:7c:16:36:04:f6:eb:45:28:ed:68:2d:06:ee: 0f:07:aa:4e:26:87:08:6a:26:79:07:28:31:ea:2c: 4e:9f:d1:cb:0d:51:8d:c1:27:64:1a:b2:db:5e:89: 3e:d2:ff:3c:c3:31:39:a0:47:05:92:11:ce:f4:8d: 62:cd:ef:4c:bc:8e:a9:3b:47:05:6a:c9:51:6c:d1: ab:40:97:37:8d:ac:fc:84:6f:9b:ed:30:39:2b:4e: 6e:6b:40:d9:f3:00:43:5f:98:32:42:0c:a2:f8:6d: 3b:a4:de:99:98:42:39:61:a5:fb:7a:21:61:7c:19: e7:2a:a5:8c:67:d1:b4:34:c6:38:31:f7:7f:58:b4: 7a:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:67:71:F6:F7:07:D7:DC:7C:66:5C:A2:44:AB:C0:75:57:A6:99:AD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145029.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a94b::/32 Signature Algorithm: sha256WithRSAEncryption 9b:8d:55:2b:58:37:56:1a:4c:fc:86:e4:8e:23:05:52:57:97: 77:cb:05:13:06:c8:7b:72:5b:b5:10:95:e2:5f:ba:54:d1:71: 5d:df:a4:79:0b:fb:eb:5b:48:a6:6b:9f:9b:c5:53:e3:d5:71: 4d:34:e0:65:57:21:d2:91:b8:69:e9:2f:28:05:4d:c8:27:7f: 59:fd:b5:09:7e:d4:ae:64:e3:77:ec:b3:62:7f:66:5c:34:68: 8c:a4:84:22:bc:90:6d:de:49:de:ea:99:10:61:3b:ad:f6:9e: ab:cd:eb:56:de:25:f9:26:13:a7:5f:66:e6:12:08:54:94:cf: 85:fb:e4:14:15:80:34:1a:3d:fd:88:fd:92:df:93:f0:87:05: 29:9b:1c:76:ba:4c:7d:75:78:ff:cd:bc:3d:8e:44:8e:3a:28: 78:c5:c6:ce:ab:3e:a0:bd:9d:73:b3:7b:f2:19:53:61:d8:ee: 4d:f7:f4:12:dc:43:23:8b:17:90:e3:ea:a0:37:e6:12:f5:01: dc:14:75:78:7c:d4:42:0b:3a:bc:6c:b2:65:05:6e:fe:29:f3: b9:35:36:5c:16:e0:44:e8:1e:e7:cb:83:47:2e:4b:79:45:ac: 93:c9:6b:f3:7d:72:93:c6:74:72:0c:fc:cc:8f:13:a5:30:26: d1:2d:07:97 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSN1qAPBYbrJmLwWkDekaTlhPPIQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0MloX DTI3MDMwMzA2MjA0MlowMzExMC8GA1UEAxMoMDE2NzcxRjZGNzA3RDdEQzdDNjY1 Q0EyNDRBQkMwNzU1N0E2OTlBRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9amT7YlobWzBT0DDLrbWL0kfH14Ueas2gINtEqodjh0cdZzqC5HkXAe06S lNQXghMx286BkRHkVKETewxOZoJEIhmPQSTNtRMyO1kJLxV5y92TJ+dv391U8JCr 8Wgut0zPyJN/bAM3PYn9QHkaVGqy2RYMbCdI5058FjYE9utFKO1oLQbuDweqTiaH CGomeQcoMeosTp/Ryw1RjcEnZBqy216JPtL/PMMxOaBHBZIRzvSNYs3vTLyOqTtH BWrJUWzRq0CXN42s/IRvm+0wOStObmtA2fMAQ1+YMkIMovhtO6TemZhCOWGl+3oh YXwZ5yqljGfRtDTGODH3f1i0eqsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQBZ3H2 9wfX3HxmXKJEq8B1V6aZrTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTAyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qUswDQYJKoZIhvcNAQELBQADggEBAJuNVStYN1YaTPyG5I4jBVJXl3fLBRMGyHty W7UQleJfulTRcV3fpHkL++tbSKZrn5vFU+PVcU004GVXIdKRuGnpLygFTcgnf1n9 tQl+1K5k43fss2J/Zlw0aIykhCK8kG3eSd7qmRBhO632nqvN61beJfkmE6dfZuYS CFSUz4X75BQVgDQaPf2I/ZLfk/CHBSmbHHa6TH11eP/NvD2ORI46KHjFxs6rPqC9 nXOze/IZU2HY7k339BLcQyOLF5Dj6qA35hL1AdwUdXh81EILOrxssmUFbv4p87k1 NlwW4EToHufLg0cuS3lFrJPJa/N9cpPGdHIM/MyPE6UwJtEtB5c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:27 2026 by rpki-client