$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145119.roa File: AS145119.roa (raw, json) Hash identifier: QMNlwJ8zxxpXtxNpWOz19wFDYbju3Yb1xZ8+Qd/tRC8= Subject key identifier: F3:86:CD:BD:AC:80:D2:BE:B5:E0:DB:A4:B4:FD:50:A0:1C:72:C1:C3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 03B77FCAFE026C319A04FBC3837A4BFB820B7C24 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145119.roa Signing time: Wed 04 Mar 2026 06:22:24 +0000 ROA not before: Wed 04 Mar 2026 06:17:24 +0000 ROA not after: Wed 03 Mar 2027 06:22:24 +0000 asID: 145119 IP address blocks: 240a:a9a5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:b7:7f:ca:fe:02:6c:31:9a:04:fb:c3:83:7a:4b:fb:82:0b:7c:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:24 2026 GMT Not After : Mar 3 06:22:24 2027 GMT Subject: CN=F386CDBDAC80D2BEB5E0DBA4B4FD50A01C72C1C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:61:05:87:d8:81:91:39:b3:fa:49:54:cd:25: 02:f3:22:6d:e2:d9:16:f0:6c:9a:bf:cb:57:4c:4b: 7c:c9:10:f6:1f:e3:83:c7:8a:b3:e9:50:5c:d8:08: 28:05:f4:76:2e:43:b4:da:fd:73:8f:98:86:e6:4c: 8c:41:c2:50:1a:56:7f:fb:6b:6e:0e:f5:de:9b:dc: f9:3a:ae:20:6a:fa:27:29:b5:e4:f5:fb:f5:4a:8d: 94:40:ee:8f:f7:78:d2:38:5b:7e:ae:c1:ba:44:af: ad:ff:72:45:47:43:1a:4a:35:b2:d3:6d:52:3f:d6: 14:12:c5:17:f7:9c:c5:29:1d:0f:4d:fb:04:3b:89: 87:c2:41:bd:61:76:be:c1:ee:e6:c9:19:48:39:36: 27:b4:0e:7f:1b:83:3e:ec:f9:f8:b2:35:d6:be:85: 1d:32:38:14:ef:37:46:fa:a4:78:7f:c8:97:b2:00: 0d:ff:ac:7c:48:d2:6b:b4:97:3a:2c:25:ea:84:47: 33:dd:f0:2f:c2:58:a6:eb:91:4e:1a:ba:8f:5e:94: 77:b7:42:98:8f:a6:40:9d:8a:c0:96:76:f1:35:c7: 7f:3e:26:bb:ed:31:19:e9:20:56:15:04:99:5b:31: cd:d6:f7:4b:f6:69:f9:87:61:3c:4a:b0:1b:2b:e1: a0:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:86:CD:BD:AC:80:D2:BE:B5:E0:DB:A4:B4:FD:50:A0:1C:72:C1:C3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145119.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9a5::/32 Signature Algorithm: sha256WithRSAEncryption 2c:d2:6f:d9:f9:be:96:ee:2e:5a:94:7c:52:2a:25:70:30:b0: 60:c0:a7:84:af:04:90:cb:f7:b9:72:03:62:06:2a:7a:b7:3c: 36:2f:fb:f5:49:e9:8f:03:33:6f:ac:66:6c:a0:7a:bb:2d:bb: d1:21:36:ae:c7:a0:ed:45:1b:19:52:15:ed:2e:ae:2b:ef:a2: fe:7a:1b:b6:5a:ae:99:58:2a:d8:0a:cb:8a:65:21:09:76:b2: 77:fa:f6:c5:79:40:a4:41:b4:75:a1:fa:93:25:77:1b:73:6a: 23:aa:38:56:a0:f0:be:87:ca:41:d8:a0:e9:01:f1:57:14:e5: 7e:ca:27:f2:a3:8b:68:1e:2e:7b:3b:45:aa:28:37:9e:08:d8: ca:5c:23:9c:6c:af:ed:ac:49:90:71:5a:2f:4b:d5:81:dc:87: 69:11:08:96:5b:0f:df:3d:f3:f0:e5:39:a6:66:9a:8e:b6:b9: 07:c0:b0:11:b3:36:36:fa:e4:4f:58:3d:f0:c8:31:f6:e1:58: 01:20:cb:cc:53:3b:3a:52:37:03:2a:85:7f:23:94:3b:58:13: c7:27:ed:f6:e1:17:3f:e3:61:5e:a8:9a:b1:05:0d:5d:8b:70: ed:22:a5:37:02:69:ff:fd:02:d8:d7:bf:ee:85:69:bd:c9:ac: 31:f8:6a:7b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA7d/yv4CbDGaBPvDg3pL+4ILfCQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTcyNFoX DTI3MDMwMzA2MjIyNFowMzExMC8GA1UEAxMoRjM4NkNEQkRBQzgwRDJCRUI1RTBE QkE0QjRGRDUwQTAxQzcyQzFDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1hBYfYgZE5s/pJVM0lAvMibeLZFvBsmr/LV0xLfMkQ9h/jg8eKs+lQXNgI KAX0di5DtNr9c4+YhuZMjEHCUBpWf/trbg713pvc+TquIGr6Jym15PX79UqNlEDu j/d40jhbfq7BukSvrf9yRUdDGko1stNtUj/WFBLFF/ecxSkdD037BDuJh8JBvWF2 vsHu5skZSDk2J7QOfxuDPuz5+LI11r6FHTI4FO83RvqkeH/Il7IADf+sfEjSa7SX Oiwl6oRHM93wL8JYpuuRThq6j16Ud7dCmI+mQJ2KwJZ28TXHfz4mu+0xGekgVhUE mVsxzdb3S/Zp+YdhPEqwGyvhoPsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTzhs29 rIDSvrXg26S0/VCgHHLBwzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTExOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qaUwDQYJKoZIhvcNAQELBQADggEBACzSb9n5vpbuLlqUfFIqJXAwsGDAp4SvBJDL 97lyA2IGKnq3PDYv+/VJ6Y8DM2+sZmygerstu9EhNq7HoO1FGxlSFe0urivvov56 G7ZarplYKtgKy4plIQl2snf69sV5QKRBtHWh+pMldxtzaiOqOFag8L6HykHYoOkB 8VcU5X7KJ/Kji2geLns7RaooN54I2MpcI5xsr+2sSZBxWi9L1YHch2kRCJZbD989 8/DlOaZmmo62uQfAsBGzNjb65E9YPfDIMfbhWAEgy8xTOzpSNwMqhX8jlDtYE8cn 7fbhFz/jYV6omrEFDV2LcO0ipTcCaf/9AtjXv+6Fab3JrDH4ans= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:51 2026 by rpki-client