$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145059.roa File: AS145059.roa (raw, json) Hash identifier: ygQ1pPgqV8LGc1mHx3C8OlB05cfpZoKsnWoeuHUEW4A= Subject key identifier: DE:C6:6F:5F:63:B8:AF:5A:E5:92:68:24:3E:CA:F3:80:75:4F:C6:84 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7CA6F20A9DA0FC43A5CE63998B32190ADA317952 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145059.roa Signing time: Wed 04 Mar 2026 06:20:47 +0000 ROA not before: Wed 04 Mar 2026 06:15:47 +0000 ROA not after: Wed 03 Mar 2027 06:20:47 +0000 asID: 145059 IP address blocks: 240a:a969::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:a6:f2:0a:9d:a0:fc:43:a5:ce:63:99:8b:32:19:0a:da:31:79:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:47 2026 GMT Not After : Mar 3 06:20:47 2027 GMT Subject: CN=DEC66F5F63B8AF5AE59268243ECAF380754FC684 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:86:c4:2a:98:cd:8a:5c:51:9b:72:0d:8b:f6: b4:f9:d9:fa:fb:ad:4c:72:8a:8b:d3:ce:24:85:9a: d1:8f:d6:56:e7:d3:9b:72:3b:fb:e2:3e:12:b1:12: 5e:73:21:64:8a:3f:d6:31:25:e3:70:70:93:9d:be: 5e:00:72:fa:ba:8a:7c:88:e1:02:cc:66:77:a7:ef: a8:d1:8f:be:5c:a7:25:e0:a7:20:79:eb:45:49:11: 9b:57:06:cc:ff:02:60:af:26:fa:eb:53:46:33:8c: 67:d3:70:cb:d5:4d:ef:15:0e:32:a6:df:b2:b5:ee: c5:41:0b:9e:c7:33:31:03:c5:41:67:4c:ea:bc:9a: 57:f8:22:19:2c:48:8d:da:d0:47:9a:d8:c1:89:43: f9:55:1c:22:fd:35:fd:ad:5e:33:8b:d7:08:c8:50: 62:ce:00:6a:36:9f:75:81:94:a5:33:5c:98:02:e6: cd:98:2e:2d:9b:79:fc:07:4b:66:e1:9b:89:7d:87: ce:6f:ad:df:fd:2c:81:11:6c:b2:10:02:a0:62:3a: b9:ac:03:2f:c8:ff:bc:45:5e:1d:65:8c:1a:ed:14: e7:47:00:36:21:17:db:3f:d8:2e:64:44:90:be:34: db:b1:02:3a:de:04:3c:dc:76:64:f4:cb:28:76:01: 6f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:C6:6F:5F:63:B8:AF:5A:E5:92:68:24:3E:CA:F3:80:75:4F:C6:84 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145059.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a969::/32 Signature Algorithm: sha256WithRSAEncryption 09:d6:a3:9c:4e:0a:57:29:2c:98:87:5c:e2:b2:61:ff:18:e5: 0b:f8:1e:70:1e:e5:3c:78:57:f9:27:7c:f2:4d:dc:bd:22:10: 52:94:f1:4d:8b:fb:fa:ec:84:eb:0c:07:c9:42:ae:3e:77:e5: 4d:8b:3e:a5:16:81:0c:e3:bc:63:7b:29:cf:7d:13:3f:b3:cd: aa:5c:13:6b:c0:96:88:20:ce:f7:fb:0e:51:8e:0e:39:59:55: a2:a7:d1:aa:36:fd:b0:06:f9:a6:9e:e0:0b:f5:72:94:8a:2f: 51:77:87:ca:80:7d:d7:17:63:b4:66:a6:a8:ad:e1:12:a8:01: de:5b:9a:06:a6:39:94:7e:c5:14:5d:4e:43:f2:74:b8:96:e0: 93:ea:4a:31:1a:32:f1:6d:12:60:c4:0d:fe:04:89:65:3a:11: 33:bf:0d:56:8b:38:ea:71:cc:4a:6e:4d:ad:21:34:7a:06:13: c7:48:b0:43:72:7a:8c:14:af:0b:4c:53:e5:c1:91:ec:24:f5: 6e:ea:69:fd:a0:75:dc:db:73:d1:9d:bb:b1:ed:d2:d9:cb:9f: b9:a2:01:1f:be:c6:95:35:ab:56:40:01:b7:b8:ad:6e:4b:4f: e8:c2:d2:16:20:5c:90:9a:9d:f7:3f:4e:7e:a4:b8:16:da:89: 7b:2d:cd:64 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfKbyCp2g/EOlzmOZizIZCtoxeVIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0N1oX DTI3MDMwMzA2MjA0N1owMzExMC8GA1UEAxMoREVDNjZGNUY2M0I4QUY1QUU1OTI2 ODI0M0VDQUYzODA3NTRGQzY4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKGxCqYzYpcUZtyDYv2tPnZ+vutTHKKi9POJIWa0Y/WVufTm3I7++I+ErES XnMhZIo/1jEl43Bwk52+XgBy+rqKfIjhAsxmd6fvqNGPvlynJeCnIHnrRUkRm1cG zP8CYK8m+utTRjOMZ9Nwy9VN7xUOMqbfsrXuxUELnsczMQPFQWdM6ryaV/giGSxI jdrQR5rYwYlD+VUcIv01/a1eM4vXCMhQYs4AajafdYGUpTNcmALmzZguLZt5/AdL ZuGbiX2Hzm+t3/0sgRFsshACoGI6uawDL8j/vEVeHWWMGu0U50cANiEX2z/YLmRE kL4027ECOt4EPNx2ZPTLKHYBb6ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTexm9f Y7ivWuWSaCQ+yvOAdU/GhDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qWkwDQYJKoZIhvcNAQELBQADggEBAAnWo5xOClcpLJiHXOKyYf8Y5Qv4HnAe5Tx4 V/knfPJN3L0iEFKU8U2L+/rshOsMB8lCrj535U2LPqUWgQzjvGN7Kc99Ez+zzapc E2vAloggzvf7DlGODjlZVaKn0ao2/bAG+aae4Av1cpSKL1F3h8qAfdcXY7Rmpqit 4RKoAd5bmgamOZR+xRRdTkPydLiW4JPqSjEaMvFtEmDEDf4EiWU6ETO/DVaLOOpx zEpuTa0hNHoGE8dIsENyeowUrwtMU+XBkewk9W7qaf2gddzbc9Gdu7Ht0tnLn7mi AR++xpU1q1ZAAbe4rW5LT+jC0hYgXJCanfc/Tn6kuBbaiXstzWQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:59 2026 by rpki-client