$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145109.roa File: AS145109.roa (raw, json) Hash identifier: 6kVf4KVLdU+QB9Q7Ed98wA7a+p3r3N123bLnql27jMI= Subject key identifier: 48:DE:28:01:6A:E7:C9:58:2B:99:38:0F:3E:61:B3:12:54:99:F3:3D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0C9635A7562B28E321D8330B60AFB13660B665DA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145109.roa Signing time: Wed 04 Mar 2026 06:22:29 +0000 ROA not before: Wed 04 Mar 2026 06:17:29 +0000 ROA not after: Wed 03 Mar 2027 06:22:29 +0000 asID: 145109 IP address blocks: 240a:a99b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:96:35:a7:56:2b:28:e3:21:d8:33:0b:60:af:b1:36:60:b6:65:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:29 2026 GMT Not After : Mar 3 06:22:29 2027 GMT Subject: CN=48DE28016AE7C9582B99380F3E61B3125499F33D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b1:4f:64:76:55:93:a0:b8:4f:18:0d:95:1b: 62:8d:ef:7d:c1:2d:ee:36:39:9f:09:3a:24:a6:e1: 9f:5a:9d:db:c1:89:19:75:a4:e1:1a:c6:49:28:d4: fe:20:67:0e:db:5a:d6:a7:17:64:54:fa:8b:cc:95: 3e:c7:c9:83:9e:f1:2b:d4:53:4c:82:c2:8d:84:29: 86:ef:03:34:cb:3e:75:7a:ac:82:49:05:3f:fe:b1: 06:b9:77:36:1e:5b:b1:e4:10:08:0c:64:95:1a:e5: 5a:44:ee:8b:e2:fb:ce:8a:eb:9a:6b:7d:ba:3c:cd: 8e:6f:50:5f:70:19:54:69:72:34:3d:78:6b:2c:c6: 33:e3:f1:39:77:64:bd:b6:3e:fe:67:1d:25:ec:cb: bc:48:32:00:f5:08:98:48:da:42:cc:52:8f:a3:4d: b4:c3:8d:92:c6:15:d5:51:a4:7f:bc:75:12:18:52: d3:33:77:3f:a5:08:f8:ab:a6:44:22:91:94:80:2e: a4:c4:f8:d1:5c:0f:93:ce:16:e3:b2:fd:5b:4c:b5: c9:b4:0f:ee:29:17:6d:b0:42:1d:6b:eb:38:83:10: cc:4c:47:cb:8c:5e:8a:71:2d:6c:7d:e3:b5:0c:11: 15:cc:64:3b:3d:c5:e1:e2:10:69:4b:bb:7f:0b:df: cf:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:DE:28:01:6A:E7:C9:58:2B:99:38:0F:3E:61:B3:12:54:99:F3:3D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145109.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a99b::/32 Signature Algorithm: sha256WithRSAEncryption 40:0b:6b:cc:87:77:ed:04:8f:50:c6:fa:59:75:05:13:61:f0: 90:0c:e1:e7:19:31:46:ab:17:d0:cd:8d:df:43:c1:4b:5b:09: 64:fb:90:af:ce:2e:19:06:33:63:c5:7d:b7:5a:a3:f9:21:79: ca:49:bc:41:5f:fa:78:53:1d:19:6d:40:f7:b3:35:87:8a:76: 0f:3c:51:88:3d:a6:ae:fe:af:3f:2f:46:e3:3a:4b:04:d8:f3: be:f2:81:75:03:d9:9f:8f:47:6e:99:bf:c9:48:dd:97:14:5d: 6f:26:1e:e6:ad:4d:15:34:9a:25:4f:73:ec:2f:d4:5e:ac:8b: 4f:5b:6c:a3:2b:04:02:ff:b7:33:3f:ce:f8:45:01:4f:55:27: 14:de:01:5b:46:16:40:a4:74:e4:0e:53:fb:b6:95:0b:ec:c0: 40:df:74:84:54:33:71:76:4f:ff:03:69:ff:56:ac:70:0e:4f: f8:99:da:82:b0:81:1d:4b:fa:3f:8b:a8:26:55:b7:33:28:da: 89:67:60:c3:58:a0:6c:7f:01:3d:2a:fc:b4:99:20:b7:a6:c2: 96:de:06:ab:da:66:c5:5a:e2:9d:bd:ee:79:29:a2:24:08:04: 22:4a:eb:cb:2b:be:45:ea:4f:3d:e5:a9:d5:4c:93:7c:4d:6d: d5:03:9d:4a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDJY1p1YrKOMh2DMLYK+xNmC2ZdowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyOVoX DTI3MDMwMzA2MjIyOVowMzExMC8GA1UEAxMoNDhERTI4MDE2QUU3Qzk1ODJCOTkz ODBGM0U2MUIzMTI1NDk5RjMzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJqxT2R2VZOguE8YDZUbYo3vfcEt7jY5nwk6JKbhn1qd28GJGXWk4RrGSSjU /iBnDtta1qcXZFT6i8yVPsfJg57xK9RTTILCjYQphu8DNMs+dXqsgkkFP/6xBrl3 Nh5bseQQCAxklRrlWkTui+L7zorrmmt9ujzNjm9QX3AZVGlyND14ayzGM+PxOXdk vbY+/mcdJezLvEgyAPUImEjaQsxSj6NNtMONksYV1VGkf7x1EhhS0zN3P6UI+Kum RCKRlIAupMT40VwPk84W47L9W0y1ybQP7ikXbbBCHWvrOIMQzExHy4xeinEtbH3j tQwRFcxkOz3F4eIQaUu7fwvfz/8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRI3igB aufJWCuZOA8+YbMSVJnzPTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qZswDQYJKoZIhvcNAQELBQADggEBAEALa8yHd+0Ej1DG+ll1BRNh8JAM4ecZMUar F9DNjd9DwUtbCWT7kK/OLhkGM2PFfbdao/khecpJvEFf+nhTHRltQPezNYeKdg88 UYg9pq7+rz8vRuM6SwTY877ygXUD2Z+PR26Zv8lI3ZcUXW8mHuatTRU0miVPc+wv 1F6si09bbKMrBAL/tzM/zvhFAU9VJxTeAVtGFkCkdOQOU/u2lQvswEDfdIRUM3F2 T/8Daf9WrHAOT/iZ2oKwgR1L+j+LqCZVtzMo2olnYMNYoGx/AT0q/LSZILemwpbe BqvaZsVa4p297nkpoiQIBCJK68srvkXqTz3lqdVMk3xNbdUDnUo= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:44 2026 by rpki-client