$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145061.roa File: AS145061.roa (raw, json) Hash identifier: fUbQvek15TOTkx+OCPhFnYRHFBedWN4ARSyjBXuezYA= Subject key identifier: AF:46:EC:2C:6A:59:28:2E:5F:65:87:0F:94:32:3C:90:73:5B:CF:DB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 011827C0E6CCB20FE22CFA6869599CF37968D951 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145061.roa Signing time: Wed 04 Mar 2026 06:20:04 +0000 ROA not before: Wed 04 Mar 2026 06:15:04 +0000 ROA not after: Wed 03 Mar 2027 06:20:04 +0000 asID: 145061 IP address blocks: 240a:a96b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:18:27:c0:e6:cc:b2:0f:e2:2c:fa:68:69:59:9c:f3:79:68:d9:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:04 2026 GMT Not After : Mar 3 06:20:04 2027 GMT Subject: CN=AF46EC2C6A59282E5F65870F94323C90735BCFDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:57:82:9e:f6:14:c4:b3:87:3f:44:89:aa:44: 62:95:da:cb:25:99:17:00:c2:74:fa:3f:ae:5a:f4: 4c:18:25:c9:45:5e:e0:96:df:69:8e:38:ac:e5:40: c8:a1:36:bb:df:d8:31:8d:bc:37:6c:29:a9:2a:64: e9:d3:4d:42:b8:97:15:ab:f5:d9:02:7a:a0:f4:27: 82:5b:d6:3e:a0:e0:8f:ea:30:42:ee:12:1a:d4:66: 3e:df:be:c5:4b:51:34:4d:85:fe:d1:4d:f5:f5:03: ca:50:3a:43:2e:53:71:8d:c1:e9:25:9a:d5:74:71: 17:9b:f6:b2:fd:5e:31:bd:3b:91:e3:e0:c1:c1:b8: 64:57:73:65:04:02:62:2f:8e:61:11:8f:42:5d:f3: 48:24:f9:cd:6c:ca:d3:7e:70:66:3e:76:a3:6e:8d: 86:b4:e4:a0:b1:ac:56:8e:a9:bf:8c:a1:a9:a9:e4: 50:06:bc:28:39:2e:0a:7b:e0:5a:52:ff:0d:35:51: 1c:92:21:50:37:64:84:9e:9c:65:e5:c7:86:a4:f7: 74:9b:42:03:8b:1f:6a:5b:11:44:8f:50:cb:7e:c9: 78:1a:2f:48:da:71:a1:49:3e:79:b0:f3:58:a7:1a: c7:b9:e9:a2:30:9d:6a:3a:85:6e:32:c7:95:85:62: 7e:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:46:EC:2C:6A:59:28:2E:5F:65:87:0F:94:32:3C:90:73:5B:CF:DB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145061.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a96b::/32 Signature Algorithm: sha256WithRSAEncryption 4b:cf:3b:48:ee:aa:bc:4b:ae:33:21:04:48:cb:8d:8d:61:3f: 27:bb:b4:8e:49:70:7c:5b:6d:96:bc:8e:20:5d:87:e9:d0:a9: fb:2a:03:71:f0:d8:8b:9b:be:79:3f:ff:7a:22:1d:82:1d:e9: de:33:51:39:57:18:36:8f:84:1f:d8:fe:a5:ce:36:4b:5a:35: 7f:30:f0:21:bc:7a:e1:5f:46:aa:6f:b3:cd:a2:1b:6b:9d:bc: 81:ca:9a:b6:8d:54:50:5b:78:e9:cd:9c:53:48:df:61:22:f8: 1b:95:b3:88:8d:23:f8:e6:46:ad:80:ad:78:0b:db:33:3c:8c: 7b:4f:b9:3b:d9:22:b6:b3:a1:00:39:e0:76:41:9e:87:03:7f: cd:6d:55:bc:0d:34:e1:b8:7a:5e:87:cc:d7:9e:3e:11:36:3e: 21:b1:fb:69:2c:02:8b:17:72:6f:15:5c:3f:4e:65:b8:38:1f: da:e2:ee:13:0c:00:f1:46:cb:42:0a:81:b8:2f:ba:fe:67:0c: c7:23:d3:48:a9:92:48:eb:12:55:bc:1d:ff:03:41:ed:c6:2e: 10:f7:85:01:44:e4:0d:76:96:2d:f8:68:77:dd:f8:a5:3e:a7: c2:78:1d:94:bf:27:13:53:74:5d:ff:5c:15:95:13:0d:81:93: c6:f3:16:f3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUARgnwObMsg/iLPpoaVmc83lo2VEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUwNFoX DTI3MDMwMzA2MjAwNFowMzExMC8GA1UEAxMoQUY0NkVDMkM2QTU5MjgyRTVGNjU4 NzBGOTQzMjNDOTA3MzVCQ0ZEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKNXgp72FMSzhz9EiapEYpXayyWZFwDCdPo/rlr0TBglyUVe4JbfaY44rOVA yKE2u9/YMY28N2wpqSpk6dNNQriXFav12QJ6oPQnglvWPqDgj+owQu4SGtRmPt++ xUtRNE2F/tFN9fUDylA6Qy5TcY3B6SWa1XRxF5v2sv1eMb07kePgwcG4ZFdzZQQC Yi+OYRGPQl3zSCT5zWzK035wZj52o26NhrTkoLGsVo6pv4yhqankUAa8KDkuCnvg WlL/DTVRHJIhUDdkhJ6cZeXHhqT3dJtCA4sfalsRRI9Qy37JeBovSNpxoUk+ebDz WKcax7npojCdajqFbjLHlYVifisCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSvRuws alkoLl9lhw+UMjyQc1vP2zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qWswDQYJKoZIhvcNAQELBQADggEBAEvPO0juqrxLrjMhBEjLjY1hPye7tI5JcHxb bZa8jiBdh+nQqfsqA3Hw2Iubvnk//3oiHYId6d4zUTlXGDaPhB/Y/qXONktaNX8w 8CG8euFfRqpvs82iG2udvIHKmraNVFBbeOnNnFNI32Ei+BuVs4iNI/jmRq2ArXgL 2zM8jHtPuTvZIrazoQA54HZBnocDf81tVbwNNOG4el6HzNeePhE2PiGx+2ksAosX cm8VXD9OZbg4H9ri7hMMAPFGy0IKgbgvuv5nDMcj00ipkkjrElW8Hf8DQe3GLhD3 hQFE5A12li34aHfd+KU+p8J4HZS/JxNTdF3/XBWVEw2Bk8bzFvM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:59 2026 by rpki-client