$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145219.roa File: AS145219.roa (raw, json) Hash identifier: YIEXUGKrtGyx8kVFViwuGYibTdY39NlZNqDrmuy8mJc= Subject key identifier: 85:29:56:42:CF:74:D3:A5:CE:D1:B6:AE:A1:CE:CC:6B:41:EF:D2:F7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7CEB81E58E3118EC3EFDA2D694A9E1512E17FE1D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145219.roa Signing time: Wed 04 Mar 2026 06:19:51 +0000 ROA not before: Wed 04 Mar 2026 06:14:51 +0000 ROA not after: Wed 03 Mar 2027 06:19:51 +0000 asID: 145219 IP address blocks: 240a:aa09::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:eb:81:e5:8e:31:18:ec:3e:fd:a2:d6:94:a9:e1:51:2e:17:fe:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:51 2026 GMT Not After : Mar 3 06:19:51 2027 GMT Subject: CN=85295642CF74D3A5CED1B6AEA1CECC6B41EFD2F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:cf:e9:b6:9f:ce:74:7e:e7:f9:f7:99:0a:e3: 6f:17:66:9d:5c:d3:35:3d:b6:64:55:e1:22:3e:81: ef:d1:d0:b5:97:9d:22:dd:9b:22:b3:e1:e9:64:77: 5b:f6:53:09:dd:4c:d1:49:22:d4:79:7e:b1:75:49: 39:59:26:3b:b2:ec:c4:00:fc:7c:a7:36:3d:96:fa: 13:ca:67:d8:52:d4:81:77:56:cd:94:6a:9d:d2:a5: 8b:5d:42:51:d5:ec:7e:ba:e3:90:c4:f5:87:5d:07: 15:e9:12:05:93:da:4e:4f:ba:1d:84:f3:ad:6b:81: 94:1e:59:4f:c3:13:f3:0d:96:f1:80:6c:e3:2d:78: 7d:9f:a0:00:ef:b2:f9:47:01:7b:30:1b:c4:f0:84: a6:09:7c:da:42:17:25:39:c8:dd:24:4e:24:bf:75: 78:e3:f7:31:ed:a9:d9:fc:ef:76:27:c8:ed:a9:8b: b3:43:4b:31:25:da:36:9e:1c:19:7c:35:ec:62:6c: b8:53:d2:9a:39:2a:67:25:ca:7a:87:48:b3:9e:6a: 40:76:10:20:1a:1c:e7:d0:1c:49:22:94:a7:ab:ce: 17:00:02:32:9c:c0:f6:2a:23:0d:55:36:13:9e:03: a9:95:7f:59:01:4b:81:4b:f5:1f:79:7a:cf:79:12: 8f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:29:56:42:CF:74:D3:A5:CE:D1:B6:AE:A1:CE:CC:6B:41:EF:D2:F7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145219.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa09::/32 Signature Algorithm: sha256WithRSAEncryption 87:6e:25:83:23:a7:ca:43:c5:3c:c9:50:10:c7:05:8b:4c:49: 5f:1f:71:8a:b6:f9:76:2e:65:37:50:52:37:f5:59:fc:b5:4f: dc:93:e3:cc:3e:0f:fb:ff:e2:1e:f9:69:a9:55:f3:7a:00:10: c8:04:a9:81:3d:29:72:93:15:76:c5:a9:f2:79:75:0e:6c:f5: 26:56:64:b1:8c:e2:35:a8:99:e6:bb:77:45:33:6b:be:b6:db: d7:bb:f6:60:33:11:ab:1b:d8:03:10:68:9f:18:02:79:59:bd: 2a:4a:35:de:43:3b:6b:52:fc:c1:f5:cf:e0:5d:a8:d6:e7:3e: bd:ca:d0:98:6b:59:1b:81:d7:e6:2a:f2:5c:ff:3c:56:0f:75: 70:08:c3:7d:b7:3c:9a:bd:cc:66:e9:66:cf:ab:9e:d1:b9:9f: b7:82:ff:6a:03:d2:9c:c3:d5:c2:b1:bb:91:be:a8:75:da:81: ce:76:55:c7:d6:6e:4c:21:e7:2d:cc:a7:55:fe:8b:07:75:e9: f3:01:42:36:12:48:ed:e4:df:3f:bb:16:6d:81:ea:c7:3b:a8: 52:a6:8b:96:54:35:db:41:33:51:38:2a:94:b6:51:db:4a:7e: 3f:79:ce:c4:00:3f:0a:06:2a:48:04:60:94:00:a4:43:a2:40: e3:a2:59:48 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfOuB5Y4xGOw+/aLWlKnhUS4X/h0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQ1MVoX DTI3MDMwMzA2MTk1MVowMzExMC8GA1UEAxMoODUyOTU2NDJDRjc0RDNBNUNFRDFC NkFFQTFDRUNDNkI0MUVGRDJGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMrP6bafznR+5/n3mQrjbxdmnVzTNT22ZFXhIj6B79HQtZedIt2bIrPh6WR3 W/ZTCd1M0Uki1Hl+sXVJOVkmO7LsxAD8fKc2PZb6E8pn2FLUgXdWzZRqndKli11C UdXsfrrjkMT1h10HFekSBZPaTk+6HYTzrWuBlB5ZT8MT8w2W8YBs4y14fZ+gAO+y +UcBezAbxPCEpgl82kIXJTnI3SROJL91eOP3Me2p2fzvdifI7amLs0NLMSXaNp4c GXw17GJsuFPSmjkqZyXKeodIs55qQHYQIBoc59AcSSKUp6vOFwACMpzA9iojDVU2 E54DqZV/WQFLgUv1H3l6z3kSj6ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSFKVZC z3TTpc7Rtq6hzsxrQe/S9zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTIxOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qgkwDQYJKoZIhvcNAQELBQADggEBAIduJYMjp8pDxTzJUBDHBYtMSV8fcYq2+XYu ZTdQUjf1Wfy1T9yT48w+D/v/4h75aalV83oAEMgEqYE9KXKTFXbFqfJ5dQ5s9SZW ZLGM4jWomea7d0Uza76229e79mAzEasb2AMQaJ8YAnlZvSpKNd5DO2tS/MH1z+Bd qNbnPr3K0JhrWRuB1+Yq8lz/PFYPdXAIw323PJq9zGbpZs+rntG5n7eC/2oD0pzD 1cKxu5G+qHXagc52VcfWbkwh5y3Mp1X+iwd16fMBQjYSSO3k3z+7Fm2B6sc7qFKm i5ZUNdtBM1E4KpS2UdtKfj95zsQAPwoGKkgEYJQApEOiQOOiWUg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:54 2026 by rpki-client