$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145129.roa File: AS145129.roa (raw, json) Hash identifier: 6J9KbkxS+A9TNuUv7UdLZzy4Ya5Okn4JL5jzqJchUfk= Subject key identifier: 7D:7A:CD:79:23:FF:CE:7E:86:92:71:43:8F:D0:AB:EF:AA:2B:91:5E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5972FDFD84A7F3E0770FE4DEFEA5D9A731CABF94 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145129.roa Signing time: Wed 04 Mar 2026 06:21:25 +0000 ROA not before: Wed 04 Mar 2026 06:16:25 +0000 ROA not after: Wed 03 Mar 2027 06:21:25 +0000 asID: 145129 IP address blocks: 240a:a9af::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:72:fd:fd:84:a7:f3:e0:77:0f:e4:de:fe:a5:d9:a7:31:ca:bf:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:25 2026 GMT Not After : Mar 3 06:21:25 2027 GMT Subject: CN=7D7ACD7923FFCE7E869271438FD0ABEFAA2B915E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:39:ff:90:2e:c8:13:0c:12:47:60:ad:65:44: 4a:f3:c3:9f:b7:19:82:4a:25:d5:db:90:4b:a6:be: 5e:fb:fd:cd:3a:a2:b6:b2:c2:d9:c1:0c:1c:7d:a3: 20:33:38:fb:34:82:54:35:16:b9:a4:88:a8:1c:ae: e7:2c:b3:40:cc:a0:55:f9:c0:cf:9d:1a:0d:06:2f: 94:54:e4:42:97:c4:f0:7f:da:7a:f3:45:a1:8a:47: fb:f3:e7:79:3f:98:07:bf:b2:70:76:19:14:db:9b: a2:d2:1f:93:49:01:4b:e1:a9:5d:c1:cd:4b:d1:44: f8:cd:3c:a4:66:77:0e:31:88:1c:af:e4:ae:5e:09: 6a:46:65:1f:29:d2:64:c7:f8:09:2c:71:8a:bf:fb: bb:e9:70:c4:1e:4a:1e:c0:88:b2:4c:41:01:2c:04: b9:82:86:16:21:7f:5b:9b:5c:90:b4:4b:a4:54:cf: 83:74:e5:f9:f1:ff:2e:20:9a:06:8e:ea:34:7f:4a: fb:cd:99:7a:82:14:4d:31:51:53:88:dc:a1:99:08: bf:b8:c7:86:a0:d6:1e:8b:04:1b:7a:dd:61:df:37: 31:d3:cf:85:33:63:b2:59:e5:d4:5d:6a:59:8a:e3: 0d:f9:95:5a:6f:2e:d3:ea:fa:5e:d0:3d:9c:8b:f8: a9:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:7A:CD:79:23:FF:CE:7E:86:92:71:43:8F:D0:AB:EF:AA:2B:91:5E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145129.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9af::/32 Signature Algorithm: sha256WithRSAEncryption ac:54:eb:63:3f:f7:01:bb:86:bf:5d:dc:92:bd:fd:81:22:df: 7c:b2:ce:0a:cc:4a:96:29:68:08:0a:8b:82:c6:79:21:67:81: 0b:31:82:d2:68:8d:ba:a2:09:68:c3:15:0c:e7:6c:76:d0:a2: a3:e1:16:11:1d:53:98:dd:a6:bc:08:ca:ca:c5:7d:8e:b4:fd: 80:c0:2b:01:2f:de:3e:96:44:89:e1:78:91:4a:98:e5:d0:a1: e4:81:13:89:71:98:67:32:ae:0c:88:0b:e1:74:c3:c9:02:43: ee:c0:96:8c:c9:f3:20:07:21:e2:7e:5e:b8:9a:ce:15:c3:f8: 94:2c:71:38:75:97:23:03:49:6d:03:04:a7:a8:48:cd:b9:80: 44:51:6f:ae:92:03:4a:dd:2e:3c:bc:16:27:48:20:05:60:e4: 04:7b:7e:cf:9b:68:c0:4d:3b:aa:64:10:14:54:c8:06:a5:44: 3c:31:ff:3f:1d:0d:46:23:48:10:aa:3e:03:70:ed:57:9d:08: 14:7e:b5:f9:b0:43:f4:a9:ab:ff:1f:b9:98:c7:47:f0:d9:9a: f0:93:25:2c:b3:34:9a:b0:57:d7:d3:ab:3d:d3:ef:87:3e:bd: 0a:64:9b:42:6a:dd:b5:49:1d:a4:c7:59:d8:97:13:38:54:42: f0:ac:c3:c1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWXL9/YSn8+B3D+Te/qXZpzHKv5QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyNVoX DTI3MDMwMzA2MjEyNVowMzExMC8GA1UEAxMoN0Q3QUNENzkyM0ZGQ0U3RTg2OTI3 MTQzOEZEMEFCRUZBQTJCOTE1RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM85/5AuyBMMEkdgrWVESvPDn7cZgkol1duQS6a+Xvv9zTqitrLC2cEMHH2j IDM4+zSCVDUWuaSIqByu5yyzQMygVfnAz50aDQYvlFTkQpfE8H/aevNFoYpH+/Pn eT+YB7+ycHYZFNubotIfk0kBS+GpXcHNS9FE+M08pGZ3DjGIHK/krl4JakZlHynS ZMf4CSxxir/7u+lwxB5KHsCIskxBASwEuYKGFiF/W5tckLRLpFTPg3Tl+fH/LiCa Bo7qNH9K+82ZeoIUTTFRU4jcoZkIv7jHhqDWHosEG3rdYd83MdPPhTNjslnl1F1q WYrjDfmVWm8u0+r6XtA9nIv4qdkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR9es15 I//OfoaScUOP0KvvqiuRXjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTEyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qa8wDQYJKoZIhvcNAQELBQADggEBAKxU62M/9wG7hr9d3JK9/YEi33yyzgrMSpYp aAgKi4LGeSFngQsxgtJojbqiCWjDFQznbHbQoqPhFhEdU5jdprwIysrFfY60/YDA KwEv3j6WRInheJFKmOXQoeSBE4lxmGcyrgyIC+F0w8kCQ+7AlozJ8yAHIeJ+Xria zhXD+JQscTh1lyMDSW0DBKeoSM25gERRb66SA0rdLjy8FidIIAVg5AR7fs+baMBN O6pkEBRUyAalRDwx/z8dDUYjSBCqPgNw7VedCBR+tfmwQ/Spq/8fuZjHR/DZmvCT JSyzNJqwV9fTqz3T74c+vQpkm0Jq3bVJHaTHWdiXEzhUQvCsw8E= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:28 2026 by rpki-client