$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145043.roa File: AS145043.roa (raw, json) Hash identifier: H+Z1IjLcRsmeW+2xf9OeVHMo3Nv2/CWwuOK8hZMysa4= Subject key identifier: 05:FC:AD:52:22:51:C2:A0:86:67:25:3A:F0:8E:50:B2:6C:F5:04:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 41BACF1AB3E255E771BDEF5D7216EDE8DB9DD8B7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145043.roa Signing time: Wed 04 Mar 2026 06:22:25 +0000 ROA not before: Wed 04 Mar 2026 06:17:25 +0000 ROA not after: Wed 03 Mar 2027 06:22:25 +0000 asID: 145043 IP address blocks: 240a:a959::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:ba:cf:1a:b3:e2:55:e7:71:bd:ef:5d:72:16:ed:e8:db:9d:d8:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:25 2026 GMT Not After : Mar 3 06:22:25 2027 GMT Subject: CN=05FCAD522251C2A08667253AF08E50B26CF504E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:fc:0e:b9:96:12:46:d3:8c:5a:c6:52:7a:02: 4c:94:9d:c1:06:1a:1e:92:15:d4:ac:da:e9:52:df: 4b:d5:83:d2:11:86:a3:dc:57:f1:b6:20:2a:be:d6: 39:b7:92:4f:a4:77:82:bf:a4:78:75:ef:96:e9:b2: cb:27:c5:e8:1b:c3:03:04:da:7a:ac:9b:f9:59:94: d5:a7:ff:76:33:b9:25:c0:42:d9:83:f0:ef:62:cf: 19:3a:c2:58:e9:a1:3b:dc:80:ec:5d:eb:eb:73:9f: 43:bf:da:da:8e:1c:31:54:99:3b:bb:ab:bd:5e:77: d5:3a:20:3c:ec:d3:d0:44:c4:eb:1d:90:23:2b:df: d3:41:cd:3a:ac:3f:ca:16:d4:83:2d:64:05:b4:52: a9:34:7b:92:8e:cc:30:ef:ba:ca:fd:04:d5:40:24: 06:c7:52:2d:c1:fb:e8:dc:79:c6:28:70:bb:38:7d: c9:95:1e:2a:1b:95:52:26:a6:01:1b:3a:3e:5c:03: 1c:5c:9a:cf:e6:c7:21:80:db:79:a6:f5:55:03:4a: d3:00:61:d9:9c:28:85:94:73:83:52:44:c9:27:04: 15:bb:f8:e0:8a:09:e6:6b:af:19:3a:53:8c:7b:aa: 73:01:c7:a1:bd:d4:36:c8:37:a1:e2:66:ff:94:26: a6:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:FC:AD:52:22:51:C2:A0:86:67:25:3A:F0:8E:50:B2:6C:F5:04:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145043.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a959::/32 Signature Algorithm: sha256WithRSAEncryption 1b:3a:53:75:b4:cf:f7:ce:d1:a1:51:f0:60:ee:75:94:a4:00: f9:46:c6:eb:b9:6f:14:4e:a3:e9:fd:4f:6c:1b:78:10:f1:0f: 9f:c3:64:50:db:6f:0d:4d:f4:45:57:01:5d:d6:f8:f6:15:e0: 7e:59:54:77:ae:36:bd:80:92:85:8c:4d:8c:5e:da:f6:ca:7f: 6a:23:f5:50:51:71:ea:22:33:04:24:02:08:4e:7a:1a:60:9e: ef:bb:60:43:8a:5a:0f:fe:c8:f3:d7:b5:2d:99:01:f4:b7:b6: a9:03:06:e7:50:4d:df:84:07:3d:90:a2:06:45:87:cb:a3:1d: 8c:35:b2:fa:7d:6e:eb:3a:cb:20:32:85:5b:99:35:22:c9:e2: ce:e2:f4:5a:fc:b9:3b:0b:fe:a0:75:10:0d:0f:8c:79:e6:c5: c0:e0:18:ed:45:ec:fc:22:14:bd:d9:3f:1e:20:03:d3:6d:88: e1:75:f6:e6:df:2a:85:fb:08:71:04:da:36:94:59:c9:8a:12: 45:c8:fd:95:ad:0b:68:3a:c9:f8:24:d3:d6:af:85:82:35:98: be:f2:7e:b1:23:bc:62:90:e8:fa:6e:a5:3e:1d:bb:b1:64:00: b7:ea:14:99:a2:8a:b2:0b:52:e2:17:28:e3:d3:02:d5:a0:a1: 01:c2:94:62 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQbrPGrPiVedxve9dchbt6Nud2LcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyNVoX DTI3MDMwMzA2MjIyNVowMzExMC8GA1UEAxMoMDVGQ0FENTIyMjUxQzJBMDg2Njcy NTNBRjA4RTUwQjI2Q0Y1MDRFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ78DrmWEkbTjFrGUnoCTJSdwQYaHpIV1Kza6VLfS9WD0hGGo9xX8bYgKr7W ObeST6R3gr+keHXvlumyyyfF6BvDAwTaeqyb+VmU1af/djO5JcBC2YPw72LPGTrC WOmhO9yA7F3r63OfQ7/a2o4cMVSZO7urvV531TogPOzT0ETE6x2QIyvf00HNOqw/ yhbUgy1kBbRSqTR7ko7MMO+6yv0E1UAkBsdSLcH76Nx5xihwuzh9yZUeKhuVUiam ARs6PlwDHFyaz+bHIYDbeab1VQNK0wBh2ZwohZRzg1JEyScEFbv44IoJ5muvGTpT jHuqcwHHob3UNsg3oeJm/5QmphkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQF/K1S IlHCoIZnJTrwjlCybPUE4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qVkwDQYJKoZIhvcNAQELBQADggEBABs6U3W0z/fO0aFR8GDudZSkAPlGxuu5bxRO o+n9T2wbeBDxD5/DZFDbbw1N9EVXAV3W+PYV4H5ZVHeuNr2AkoWMTYxe2vbKf2oj 9VBRceoiMwQkAghOehpgnu+7YEOKWg/+yPPXtS2ZAfS3tqkDBudQTd+EBz2QogZF h8ujHYw1svp9bus6yyAyhVuZNSLJ4s7i9Fr8uTsL/qB1EA0PjHnmxcDgGO1F7Pwi FL3ZPx4gA9NtiOF19ubfKoX7CHEE2jaUWcmKEkXI/ZWtC2g6yfgk09avhYI1mL7y frEjvGKQ6PpupT4du7FkALfqFJmiirILUuIXKOPTAtWgoQHClGI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:08 2026 by rpki-client