$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145069.roa File: AS145069.roa (raw, json) Hash identifier: YGsc4p8I7ekY7NJMN+jIXrEsw2VusxVbuXGNLOdURrM= Subject key identifier: 69:DF:94:2E:73:F0:CB:29:FE:E1:E8:FA:32:46:EC:F8:76:47:B1:DC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 091D747F74CEF024586067FA16C09D042884A237 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145069.roa Signing time: Wed 04 Mar 2026 06:20:44 +0000 ROA not before: Wed 04 Mar 2026 06:15:44 +0000 ROA not after: Wed 03 Mar 2027 06:20:44 +0000 asID: 145069 IP address blocks: 240a:a973::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:1d:74:7f:74:ce:f0:24:58:60:67:fa:16:c0:9d:04:28:84:a2:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:44 2026 GMT Not After : Mar 3 06:20:44 2027 GMT Subject: CN=69DF942E73F0CB29FEE1E8FA3246ECF87647B1DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:42:f8:5e:79:fb:8c:af:1a:08:f2:aa:d5:2a: 2a:24:e1:46:82:26:88:e5:c2:b9:9d:ba:26:8e:c9: 3a:48:e3:1b:9f:bc:01:a7:90:c8:16:58:b9:97:3c: f1:e4:88:5a:a7:87:f2:39:07:b8:ad:e7:fe:58:ba: 37:14:6c:ca:69:aa:82:8a:d2:be:60:ea:52:1f:3d: 56:27:bf:e4:2f:ce:5c:59:57:93:9a:66:dc:f2:7f: d4:e5:4b:1b:85:e1:2f:89:f7:66:64:10:f5:92:f5: 8c:27:37:71:be:3e:50:8c:1e:4d:ce:ab:25:62:75: 09:62:2d:07:c7:e6:81:37:d4:ab:96:ba:6c:0c:81: a7:e0:d3:6d:01:ac:6c:d6:18:c0:c3:9f:56:c7:c0: d2:0b:0c:30:a7:ac:dc:a2:35:07:98:30:6b:90:d8: 74:f7:b1:82:d3:6e:27:21:37:5c:75:2f:94:3e:0a: 48:8b:0c:c6:1f:de:f9:41:64:4d:18:c5:c4:5d:90: ab:3a:ea:5c:c2:66:77:25:30:19:0e:a4:17:31:2c: 5b:15:02:0b:6d:a1:a4:bd:98:4c:fd:85:b2:e9:a0: c2:1f:48:6f:e7:ca:0d:72:d3:97:97:5c:cc:11:9d: 1b:23:f8:c5:b8:65:7d:9e:c8:b9:74:07:cf:46:00: 8f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:DF:94:2E:73:F0:CB:29:FE:E1:E8:FA:32:46:EC:F8:76:47:B1:DC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145069.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a973::/32 Signature Algorithm: sha256WithRSAEncryption 27:89:f3:8e:57:96:28:c0:98:de:b2:d0:55:80:b2:2a:b0:45: 15:35:cc:a8:18:eb:70:bd:40:af:9a:40:50:64:24:66:ce:5d: 41:a7:dd:76:94:d1:d3:c4:ec:16:12:3f:dc:cf:90:3c:d6:fa: be:62:7a:c7:1e:f7:ab:6b:9d:08:97:a7:73:7e:76:79:16:ad: c4:cf:4a:b3:ec:3c:e6:90:47:e6:96:00:37:83:b1:b6:68:37: d1:c1:ea:69:45:27:c3:3d:44:39:7a:d6:84:93:8b:58:2b:72: 95:4f:51:8d:3c:3f:0e:4b:92:1a:fd:2b:93:8f:b3:ce:77:2c: 20:da:18:2b:b1:ad:e3:6d:64:da:b4:71:37:5b:56:9a:e4:24: 0f:1b:17:c7:10:01:3c:41:0d:38:5b:57:76:10:21:69:3b:3e: 0b:fd:75:e0:12:88:6d:b4:30:10:27:d4:61:5a:99:23:5f:03: 2b:3c:f7:96:28:60:ba:7d:7a:54:55:8d:2b:03:c0:48:3d:10: 51:63:77:7c:85:d1:24:44:6b:ce:bc:18:39:80:89:be:79:48: 4b:ab:69:2f:af:d1:b8:1a:b8:2d:26:9d:b1:a8:8b:2a:7a:51: a8:8a:e2:5a:a5:44:dd:5f:63:75:c7:6f:13:e7:f1:0b:6b:8e: 2a:66:25:15 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCR10f3TO8CRYYGf6FsCdBCiEojcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU0NFoX DTI3MDMwMzA2MjA0NFowMzExMC8GA1UEAxMoNjlERjk0MkU3M0YwQ0IyOUZFRTFF OEZBMzI0NkVDRjg3NjQ3QjFEQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALJC+F55+4yvGgjyqtUqKiThRoImiOXCuZ26Jo7JOkjjG5+8AaeQyBZYuZc8 8eSIWqeH8jkHuK3n/li6NxRsymmqgorSvmDqUh89Vie/5C/OXFlXk5pm3PJ/1OVL G4XhL4n3ZmQQ9ZL1jCc3cb4+UIweTc6rJWJ1CWItB8fmgTfUq5a6bAyBp+DTbQGs bNYYwMOfVsfA0gsMMKes3KI1B5gwa5DYdPexgtNuJyE3XHUvlD4KSIsMxh/e+UFk TRjFxF2QqzrqXMJmdyUwGQ6kFzEsWxUCC22hpL2YTP2Fsumgwh9Ib+fKDXLTl5dc zBGdGyP4xbhlfZ7IuXQHz0YAj1cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRp35Qu c/DLKf7h6PoyRuz4dkex3DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTA2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qXMwDQYJKoZIhvcNAQELBQADggEBACeJ845XlijAmN6y0FWAsiqwRRU1zKgY63C9 QK+aQFBkJGbOXUGn3XaU0dPE7BYSP9zPkDzW+r5iesce96trnQiXp3N+dnkWrcTP SrPsPOaQR+aWADeDsbZoN9HB6mlFJ8M9RDl61oSTi1grcpVPUY08Pw5Lkhr9K5OP s853LCDaGCuxreNtZNq0cTdbVprkJA8bF8cQATxBDThbV3YQIWk7Pgv9deASiG20 MBAn1GFamSNfAys895YoYLp9elRVjSsDwEg9EFFjd3yF0SREa868GDmAib55SEur aS+v0bgauC0mnbGoiyp6UaiK4lqlRN1fY3XHbxPn8QtrjipmJRU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:39 2026 by rpki-client