$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145259.roa File: AS145259.roa (raw, json) Hash identifier: WdqQ6xPLVPYmHgQ2+MpLGman0Qv+0OfpQRHO9MJEV9Q= Subject key identifier: 45:2A:80:34:A7:F1:4F:63:60:0D:D6:6D:D4:7F:BA:CB:44:36:C5:BC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3A633BBE05EE9A9B072F7E210CA5166449FC7C32 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145259.roa Signing time: Wed 04 Mar 2026 06:19:36 +0000 ROA not before: Wed 04 Mar 2026 06:14:36 +0000 ROA not after: Wed 03 Mar 2027 06:19:36 +0000 asID: 145259 IP address blocks: 240a:aa31::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:63:3b:be:05:ee:9a:9b:07:2f:7e:21:0c:a5:16:64:49:fc:7c:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:36 2026 GMT Not After : Mar 3 06:19:36 2027 GMT Subject: CN=452A8034A7F14F63600DD66DD47FBACB4436C5BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3d:aa:30:d4:fc:0f:65:d8:9c:00:f5:0c:0b: 81:d6:a0:09:f3:17:2b:e9:34:60:2d:bf:76:f4:f3: c1:69:8d:a1:fb:05:db:40:65:e4:c5:94:10:9f:af: 4d:8a:e2:4e:bb:bd:38:2b:b8:f3:2a:c7:4d:33:16: e2:70:26:ec:ed:84:89:ef:11:fd:dc:35:87:7e:8d: 0b:80:04:44:c9:b7:c7:86:b7:8e:60:14:a7:d2:c1: 5c:4e:95:30:9a:9f:f8:c4:14:db:bc:66:80:13:80: bf:aa:2b:9d:cf:80:a7:0b:ba:37:a9:ee:83:ee:63: 78:7a:13:1b:43:71:a4:db:ab:ca:a3:6d:90:36:b9: 48:6b:95:f3:71:07:7f:a8:cb:28:e0:64:55:66:c3: 44:c6:69:d8:0f:80:f4:b9:a7:e9:9b:07:6d:09:af: 8c:89:3b:36:d1:88:cd:65:4c:eb:31:8f:5a:78:7a: c0:12:fd:21:53:10:b7:68:ca:0b:9f:76:b8:e6:de: e5:d6:b9:cd:a2:a3:c4:96:1d:ea:26:4a:8a:e0:72: 79:1a:56:3c:05:56:e4:bc:b8:ea:89:cd:00:8a:51: 32:5a:78:91:0d:fd:c7:02:9a:9e:ec:3f:8e:ba:a3: 74:c4:26:0a:51:24:30:c7:7f:bd:68:be:93:87:cf: 7a:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:2A:80:34:A7:F1:4F:63:60:0D:D6:6D:D4:7F:BA:CB:44:36:C5:BC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145259.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa31::/32 Signature Algorithm: sha256WithRSAEncryption ba:5d:1c:bd:d6:c5:9f:7c:26:4f:01:a1:83:60:09:dc:ce:be: 71:11:7e:69:9c:a4:6b:85:96:bf:87:8a:18:77:b9:1c:55:2e: 63:2c:f4:71:b8:4b:b0:c6:29:34:47:c5:cf:06:a2:73:53:d8: 5c:bc:42:4d:2d:f1:7f:63:05:96:fb:9f:0f:c3:49:cb:a2:bf: 8b:c3:0d:f7:c0:bb:29:c5:76:ca:2a:ac:22:a3:ef:f2:ec:c4: 19:ad:37:9a:a1:3f:6c:4a:9d:e0:df:ef:8e:35:3f:e1:19:0a: eb:d2:57:01:93:8c:99:59:28:41:6b:d4:82:ab:b5:ce:23:a9: 63:29:f5:7e:a0:0d:6b:c3:07:57:31:a3:44:98:10:16:68:82: c0:f2:5f:6e:5d:f4:a6:45:22:51:94:b2:8a:72:0b:fd:b4:03: a4:cf:d0:5d:1b:b2:aa:89:81:94:1d:9e:2e:04:78:69:e0:78: fd:5e:28:d0:8b:ad:6f:9a:dc:be:9d:fc:8f:0c:c1:e7:cd:42: 99:d8:60:61:5d:fb:7b:4f:aa:03:52:5e:d3:ea:5c:f0:95:0f: 27:7a:72:8f:35:1c:f6:bb:cc:77:f6:10:68:d1:6f:5a:69:3a: c2:16:85:df:48:5b:e9:83:c1:d3:d2:1c:80:f5:bd:2b:65:0f: 7e:78:d8:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOmM7vgXumpsHL34hDKUWZEn8fDIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzNloX DTI3MDMwMzA2MTkzNlowMzExMC8GA1UEAxMoNDUyQTgwMzRBN0YxNEY2MzYwMERE NjZERDQ3RkJBQ0I0NDM2QzVCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKM9qjDU/A9l2JwA9QwLgdagCfMXK+k0YC2/dvTzwWmNofsF20Bl5MWUEJ+v TYriTru9OCu48yrHTTMW4nAm7O2Eie8R/dw1h36NC4AERMm3x4a3jmAUp9LBXE6V MJqf+MQU27xmgBOAv6ornc+Apwu6N6nug+5jeHoTG0NxpNuryqNtkDa5SGuV83EH f6jLKOBkVWbDRMZp2A+A9Lmn6ZsHbQmvjIk7NtGIzWVM6zGPWnh6wBL9IVMQt2jK C592uObe5da5zaKjxJYd6iZKiuByeRpWPAVW5Ly46onNAIpRMlp4kQ39xwKanuw/ jrqjdMQmClEkMMd/vWi+k4fPehECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRFKoA0 p/FPY2AN1m3Uf7rLRDbFvDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTI1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qjEwDQYJKoZIhvcNAQELBQADggEBALpdHL3WxZ98Jk8BoYNgCdzOvnERfmmcpGuF lr+Hihh3uRxVLmMs9HG4S7DGKTRHxc8GonNT2Fy8Qk0t8X9jBZb7nw/DScuiv4vD DffAuynFdsoqrCKj7/LsxBmtN5qhP2xKneDf7441P+EZCuvSVwGTjJlZKEFr1IKr tc4jqWMp9X6gDWvDB1cxo0SYEBZogsDyX25d9KZFIlGUsopyC/20A6TP0F0bsqqJ gZQdni4EeGngeP1eKNCLrW+a3L6d/I8MwefNQpnYYGFd+3tPqgNSXtPqXPCVDyd6 co81HPa7zHf2EGjRb1ppOsIWhd9IW+mDwdPSHID1vStlD3542O4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:22 2026 by rpki-client