$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145204.roa File: AS145204.roa (raw, json) Hash identifier: 6dFw3FGsr7RN8GjLtL+IAP7vhmRdmOogDs2pDAofe3o= Subject key identifier: 19:A9:AE:49:FC:99:E3:A6:29:DB:7E:28:35:BB:F4:D5:68:47:A3:53 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5739773374F6D03897094512460E82C1ED3C6A5F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145204.roa Signing time: Wed 04 Mar 2026 06:19:38 +0000 ROA not before: Wed 04 Mar 2026 06:14:38 +0000 ROA not after: Wed 03 Mar 2027 06:19:38 +0000 asID: 145204 IP address blocks: 240a:a9fa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:39:77:33:74:f6:d0:38:97:09:45:12:46:0e:82:c1:ed:3c:6a:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:38 2026 GMT Not After : Mar 3 06:19:38 2027 GMT Subject: CN=19A9AE49FC99E3A629DB7E2835BBF4D56847A353 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:5c:87:c0:a0:f5:74:47:41:8a:65:90:5d:25: 99:16:dd:ea:14:41:77:9e:d4:b3:85:e7:94:34:d5: 3b:3e:83:b8:e7:cd:19:a7:6a:be:6a:41:d3:51:9e: 3d:12:c8:8d:cd:7a:69:a0:d9:69:05:08:38:b5:b1: e5:f6:88:be:19:0c:50:40:30:ad:4f:05:57:65:18: 1b:e3:78:e1:93:c7:40:f5:1a:2d:be:ed:42:20:58: 25:3a:c0:3d:d7:8d:55:2e:cf:17:ad:b7:e5:5a:e6: 42:04:2f:97:d9:73:e0:8d:24:b2:44:86:b5:47:32: a8:a0:d8:d5:87:b2:de:42:2b:77:e7:2f:a2:c5:f5: 32:80:e9:98:f4:12:04:d5:2f:9c:cc:32:8f:86:50: 70:e8:32:a2:f0:cb:a4:30:6f:0f:31:37:36:ca:fe: 2d:1c:12:a1:9e:05:19:57:6d:8b:b5:55:92:b3:fe: 49:20:23:cf:1e:a4:13:34:91:87:e3:b4:00:1c:39: b1:76:0d:74:82:aa:f8:54:fc:fd:de:17:0c:3a:6a: 52:de:72:06:36:70:22:9c:30:dc:c6:5e:d2:32:e2: e3:62:c7:87:f4:22:15:b6:93:3a:d6:5f:a2:3f:f6: 20:cd:e6:a2:49:e0:46:dd:4d:90:e1:78:00:7c:01: 79:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:A9:AE:49:FC:99:E3:A6:29:DB:7E:28:35:BB:F4:D5:68:47:A3:53 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145204.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a9fa::/32 Signature Algorithm: sha256WithRSAEncryption 94:01:41:29:6d:51:05:d7:87:73:cf:af:83:c8:4e:38:da:40: 7c:41:53:5d:04:a5:36:ae:79:11:1c:c2:c2:11:9d:fa:40:00: d4:8c:f2:2b:4a:dc:ac:89:5c:6d:d9:29:71:ea:14:7a:49:8d: a6:83:ec:48:12:5e:e1:00:45:56:14:e7:21:b3:2b:98:eb:10: 27:f8:58:5a:d6:71:63:01:50:e1:4f:6b:a2:05:ea:92:bf:b0: 11:ba:cf:d8:4b:2f:f6:f9:d9:10:94:07:1f:6d:3a:71:eb:2f: 60:d8:c8:4c:3a:b4:68:40:91:2d:4b:c1:73:8d:99:fe:42:9c: f3:77:e0:7a:0a:fa:72:6b:04:1d:af:0f:a6:5a:04:7b:d9:73: 51:f7:69:e2:3b:83:2f:6a:5d:6d:e8:6d:a8:65:5d:20:4e:44: e1:86:a2:4c:5f:da:f8:7d:ef:69:86:3a:dd:16:d3:dc:c1:89: 66:4b:ea:f7:01:9f:13:bc:b9:31:09:18:e6:b5:36:b5:30:b1: cc:0a:b4:f1:69:77:8b:03:ef:29:5e:93:e5:d5:f4:92:4c:0f: 83:50:af:ef:7b:7c:f8:e3:c2:2a:e8:fd:b2:ee:d2:a4:16:c0: 10:64:f3:97:9b:f7:d0:10:b8:d0:0e:df:07:41:53:ae:97:76: 18:e1:58:31 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVzl3M3T20DiXCUUSRg6Cwe08al8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzOFoX DTI3MDMwMzA2MTkzOFowMzExMC8GA1UEAxMoMTlBOUFFNDlGQzk5RTNBNjI5REI3 RTI4MzVCQkY0RDU2ODQ3QTM1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJtch8Cg9XRHQYplkF0lmRbd6hRBd57Us4XnlDTVOz6DuOfNGadqvmpB01Ge PRLIjc16aaDZaQUIOLWx5faIvhkMUEAwrU8FV2UYG+N44ZPHQPUaLb7tQiBYJTrA PdeNVS7PF6235VrmQgQvl9lz4I0kskSGtUcyqKDY1Yey3kIrd+cvosX1MoDpmPQS BNUvnMwyj4ZQcOgyovDLpDBvDzE3Nsr+LRwSoZ4FGVdti7VVkrP+SSAjzx6kEzSR h+O0ABw5sXYNdIKq+FT8/d4XDDpqUt5yBjZwIpww3MZe0jLi42LHh/QiFbaTOtZf oj/2IM3mokngRt1NkOF4AHwBeQUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQZqa5J /Jnjpinbfig1u/TVaEejUzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qfowDQYJKoZIhvcNAQELBQADggEBAJQBQSltUQXXh3PPr4PITjjaQHxBU10EpTau eREcwsIRnfpAANSM8itK3KyJXG3ZKXHqFHpJjaaD7EgSXuEARVYU5yGzK5jrECf4 WFrWcWMBUOFPa6IF6pK/sBG6z9hLL/b52RCUBx9tOnHrL2DYyEw6tGhAkS1LwXON mf5CnPN34HoK+nJrBB2vD6ZaBHvZc1H3aeI7gy9qXW3obahlXSBOROGGokxf2vh9 72mGOt0W09zBiWZL6vcBnxO8uTEJGOa1NrUwscwKtPFpd4sD7ylek+XV9JJMD4NQ r+97fPjjwiro/bLu0qQWwBBk85eb99AQuNAO3wdBU66XdhjhWDE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:24 2026 by rpki-client