$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145120.roa File: AS145120.roa (raw, json) Hash identifier: 2TrGadPFphlWyzUU58vt04eO43pPb/YbWaNgutAuDa8= Subject key identifier: 2B:19:BD:7D:F1:48:0E:98:BC:22:11:4B:75:41:30:FE:C1:2C:FE:1D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 76F65D35CD05F066878336DB2F7863000C6C6592 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145120.roa Signing time: Wed 04 Mar 2026 06:19:20 +0000 ROA not before: Wed 04 Mar 2026 06:14:20 +0000 ROA not after: Wed 03 Mar 2027 06:19:20 +0000 asID: 145120 IP address blocks: 240a:a9a6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:f6:5d:35:cd:05:f0:66:87:83:36:db:2f:78:63:00:0c:6c:65:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:20 2026 GMT Not After : Mar 3 06:19:20 2027 GMT Subject: CN=2B19BD7DF1480E98BC22114B754130FEC12CFE1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fc:0c:e8:b9:c7:8e:04:45:0a:68:28:f2:93: fd:fe:e0:96:29:06:76:58:0a:be:80:86:2d:5d:52: cf:48:0f:af:5b:05:70:0c:7a:75:9f:af:d7:da:b2: cf:f0:7a:03:04:65:62:51:4c:f5:3d:7b:75:b6:7b: ec:64:0b:ee:58:14:5c:de:ad:97:72:c2:64:85:32: 15:8b:e6:bf:a2:bf:05:6b:3f:86:a8:70:42:14:ba: c0:86:88:a8:c5:61:f3:28:5e:3e:22:d7:1b:37:70: 5d:63:97:b2:dc:0b:d5:18:47:7f:23:67:e5:9c:29: 21:dc:df:db:35:ff:0b:c2:94:ee:55:43:51:6f:d2: 55:0a:96:10:63:6d:4a:ae:dc:22:2b:e2:90:9f:6a: e6:be:c3:f9:5f:36:18:8d:98:86:1d:5c:fd:f1:27: ff:49:a5:27:0c:14:af:9c:6e:65:5b:c4:c5:37:a8: 30:14:1d:63:50:49:a3:19:45:50:50:5f:5a:40:f4: 9d:9e:36:34:49:65:fb:6f:e6:1c:ca:87:40:32:c2: 6e:b8:e6:09:a5:c0:98:89:14:d2:01:1b:d9:cd:9f: b2:10:37:7b:77:17:b7:e9:84:03:34:81:f3:6f:77: 1d:7f:45:09:76:8e:aa:27:8e:66:06:3f:b8:6c:90: 0d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:19:BD:7D:F1:48:0E:98:BC:22:11:4B:75:41:30:FE:C1:2C:FE:1D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145120.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9a6::/32 Signature Algorithm: sha256WithRSAEncryption aa:81:f4:de:b6:93:65:bb:32:b8:20:ef:49:f4:bc:6e:ea:ce: a0:01:94:c6:7a:d6:48:bd:5d:8f:40:45:dd:9b:91:73:8e:0e: 4a:1f:bd:b5:6f:1d:e3:87:d2:fd:a0:44:e8:88:4f:7d:16:5a: d6:93:89:d1:d3:2b:81:21:be:71:bc:20:f8:3f:4e:23:d9:c6: d2:e5:45:89:02:7e:dd:65:4b:ca:c8:bd:f6:29:b2:28:b3:bb: 9f:20:02:51:bd:07:07:78:02:30:50:1b:40:9b:86:fc:93:ad: 02:f1:04:30:36:97:55:a2:0c:1a:ec:fe:40:f5:4b:6e:95:08: d2:e7:6d:b6:79:8a:ff:e4:e3:fb:f8:df:59:04:48:8d:df:af: 6b:97:4e:57:a5:8e:de:97:ca:df:5c:bf:a2:4b:13:d7:f0:a8: b3:50:2e:d2:aa:57:bd:a1:d5:79:bc:47:6d:f4:62:56:95:20: 89:98:5a:57:bb:19:2a:ca:4a:95:3f:b2:95:e0:db:b6:31:89: 9f:75:b9:b6:18:11:3e:64:11:15:71:6c:51:52:3d:cf:e8:0b: 55:78:de:cf:5b:8c:9d:97:d9:e6:3a:06:35:ad:c8:f0:fc:3d: ed:08:5d:76:ce:a7:ed:6d:5b:90:ff:41:d6:d3:ba:5e:8a:a7: 7c:40:e0:38 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdvZdNc0F8GaHgzbbL3hjAAxsZZIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQyMFoX DTI3MDMwMzA2MTkyMFowMzExMC8GA1UEAxMoMkIxOUJEN0RGMTQ4MEU5OEJDMjIx MTRCNzU0MTMwRkVDMTJDRkUxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/8DOi5x44ERQpoKPKT/f7glikGdlgKvoCGLV1Sz0gPr1sFcAx6dZ+v19qy z/B6AwRlYlFM9T17dbZ77GQL7lgUXN6tl3LCZIUyFYvmv6K/BWs/hqhwQhS6wIaI qMVh8yhePiLXGzdwXWOXstwL1RhHfyNn5ZwpIdzf2zX/C8KU7lVDUW/SVQqWEGNt Sq7cIivikJ9q5r7D+V82GI2Yhh1c/fEn/0mlJwwUr5xuZVvExTeoMBQdY1BJoxlF UFBfWkD0nZ42NEll+2/mHMqHQDLCbrjmCaXAmIkU0gEb2c2fshA3e3cXt+mEAzSB 8293HX9FCXaOqieOZgY/uGyQDTMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQrGb19 8UgOmLwiEUt1QTD+wSz+HTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qaYwDQYJKoZIhvcNAQELBQADggEBAKqB9N62k2W7Mrgg70n0vG7qzqABlMZ61ki9 XY9ARd2bkXOODkofvbVvHeOH0v2gROiIT30WWtaTidHTK4EhvnG8IPg/TiPZxtLl RYkCft1lS8rIvfYpsiizu58gAlG9Bwd4AjBQG0CbhvyTrQLxBDA2l1WiDBrs/kD1 S26VCNLnbbZ5iv/k4/v431kESI3fr2uXTleljt6Xyt9cv6JLE9fwqLNQLtKqV72h 1Xm8R230YlaVIImYWle7GSrKSpU/spXg27YxiZ91ubYYET5kERVxbFFSPc/oC1V4 3s9bjJ2X2eY6BjWtyPD8Pe0IXXbOp+1tW5D/QdbTul6Kp3xA4Dg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:47 2026 by rpki-client