$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145339.roa File: AS145339.roa (raw, json) Hash identifier: 85+k2osb02owPrb4VG8XtZCDwIPzxBV3rw/FfdhtMtI= Subject key identifier: CF:91:7D:36:7E:ED:D9:4F:15:E8:51:C5:FB:F8:14:30:32:DB:64:35 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2E7AB4691CAF9ED7E62D7BBECAEA1A00D5AD91F9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145339.roa Signing time: Wed 04 Mar 2026 06:20:22 +0000 ROA not before: Wed 04 Mar 2026 06:15:22 +0000 ROA not after: Wed 03 Mar 2027 06:20:22 +0000 asID: 145339 IP address blocks: 240a:aa81::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:7a:b4:69:1c:af:9e:d7:e6:2d:7b:be:ca:ea:1a:00:d5:ad:91:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:22 2026 GMT Not After : Mar 3 06:20:22 2027 GMT Subject: CN=CF917D367EEDD94F15E851C5FBF8143032DB6435 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a8:51:b3:7d:1e:67:f3:9b:10:35:30:d0:e9: 6a:17:ef:91:91:b5:fc:8a:c9:86:33:5d:b6:19:f5: 63:70:dd:7b:57:60:84:b1:7b:f7:4b:ff:61:e8:e9: 4d:55:20:49:f1:74:ed:a7:b6:55:20:ed:9b:b6:a1: 99:7f:05:3e:2d:87:3d:db:87:86:39:ae:23:d2:0d: 39:6c:35:f5:20:d2:34:c4:e1:22:95:30:fd:91:c8: 7d:aa:d7:7b:52:fa:82:86:d6:f7:23:02:97:c3:05: 10:4f:4e:0b:46:fc:e5:f2:c8:37:7a:95:58:9b:16: 0c:12:07:03:07:cc:6e:b5:a9:c1:92:34:b5:25:f2: 96:54:30:d5:54:20:7d:8e:e0:fb:21:f7:c1:dd:63: 10:79:06:ac:d2:cb:7d:b5:99:ed:aa:aa:32:3d:85: cc:5e:9d:73:0f:52:e7:e7:05:0f:2f:ce:58:d5:9c: fd:24:ba:ad:a6:82:ff:0a:5f:d4:5d:94:21:dc:7e: 38:c7:8c:e9:e3:19:dc:66:25:df:9e:34:6a:9e:2c: 32:b2:3c:1a:e9:14:8c:28:ed:ec:df:7b:07:14:25: 5d:7c:e3:5a:fc:e0:cb:9e:28:59:95:60:e0:88:84: 2a:35:05:5e:e1:98:e2:5d:6a:29:9f:01:ef:79:59: 52:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:91:7D:36:7E:ED:D9:4F:15:E8:51:C5:FB:F8:14:30:32:DB:64:35 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aa81::/32 Signature Algorithm: sha256WithRSAEncryption 2a:6f:cf:f2:ee:c2:0f:30:c5:29:66:35:b5:64:33:83:59:a7: 2d:e6:4e:32:96:c4:f2:17:b4:e7:c2:8f:f1:02:c7:6d:7f:4d: 10:c1:d3:0d:b8:2c:65:d6:9b:f9:6a:5c:c9:b4:e5:36:87:51: 10:a7:64:1a:9e:2f:25:4d:82:ab:e3:f7:73:b7:13:3c:f5:46: e9:94:e7:5f:9a:4b:b0:6c:b9:f5:47:e6:36:c4:99:0a:c1:42: bf:de:b8:78:3d:61:95:78:b0:52:22:e5:89:2f:d1:86:c1:3b: a8:c8:e5:f1:57:e0:2a:72:31:04:04:14:38:3c:f3:86:20:43: 71:b3:b5:17:98:b0:7d:97:b7:6e:02:38:16:d9:9e:b7:7b:23: 6b:19:07:1a:d2:f1:b6:49:be:78:4b:27:46:c1:68:d5:90:37: 07:6b:bf:5c:d2:b3:4d:55:15:60:b4:82:a1:08:da:a7:63:06: de:d6:ea:7b:ad:24:5c:df:84:2e:3f:7b:c2:df:b0:a6:75:ec: 43:08:e7:29:b0:25:d5:73:3e:2e:01:f0:92:3a:13:a1:e7:4f: cb:e0:d8:89:cf:a7:26:b1:2d:4b:43:86:93:1d:67:0d:ff:e8: 1e:ea:5f:bf:ef:6a:90:03:cc:77:c4:cc:a2:b2:79:27:8b:e0: a6:c5:1d:d8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULnq0aRyvntfmLXu+yuoaANWtkfkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTUyMloX DTI3MDMwMzA2MjAyMlowMzExMC8GA1UEAxMoQ0Y5MTdEMzY3RUVERDk0RjE1RTg1 MUM1RkJGODE0MzAzMkRCNjQzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANCoUbN9HmfzmxA1MNDpahfvkZG1/IrJhjNdthn1Y3Dde1dghLF790v/Yejp TVUgSfF07ae2VSDtm7ahmX8FPi2HPduHhjmuI9INOWw19SDSNMThIpUw/ZHIfarX e1L6gobW9yMCl8MFEE9OC0b85fLIN3qVWJsWDBIHAwfMbrWpwZI0tSXyllQw1VQg fY7g+yH3wd1jEHkGrNLLfbWZ7aqqMj2FzF6dcw9S5+cFDy/OWNWc/SS6raaC/wpf 1F2UIdx+OMeM6eMZ3GYl3540ap4sMrI8GukUjCjt7N97BxQlXXzjWvzgy54oWZVg 4IiEKjUFXuGY4l1qKZ8B73lZUisCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTPkX02 fu3ZTxXoUcX7+BQwMttkNTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTMzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qoEwDQYJKoZIhvcNAQELBQADggEBACpvz/Luwg8wxSlmNbVkM4NZpy3mTjKWxPIX tOfCj/ECx21/TRDB0w24LGXWm/lqXMm05TaHURCnZBqeLyVNgqvj93O3Ezz1RumU 51+aS7BsufVH5jbEmQrBQr/euHg9YZV4sFIi5Ykv0YbBO6jI5fFX4CpyMQQEFDg8 84YgQ3GztReYsH2Xt24COBbZnrd7I2sZBxrS8bZJvnhLJ0bBaNWQNwdrv1zSs01V FWC0gqEI2qdjBt7W6nutJFzfhC4/e8LfsKZ17EMI5ymwJdVzPi4B8JI6E6HnT8vg 2InPpyaxLUtDhpMdZw3/6B7qX7/vapADzHfEzKKyeSeL4KbFHdg= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:05 2026 by rpki-client