$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145949.roa File: AS145949.roa (raw, json) Hash identifier: LA7NHM+RfIlJGEDwC/S6LGMFUywvKWvMd6uHDuklPbc= Subject key identifier: B1:48:AA:84:4B:EA:C8:2D:D0:6A:A0:90:3D:A1:BB:D3:C5:E7:9C:A8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0CD5C775ECB0A6F2C8DDCD350DA4A7BA3E35706E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145949.roa Signing time: Wed 04 Mar 2026 06:30:07 +0000 ROA not before: Wed 04 Mar 2026 06:25:07 +0000 ROA not after: Wed 03 Mar 2027 06:30:07 +0000 asID: 145949 IP address blocks: 240a:ace3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:d5:c7:75:ec:b0:a6:f2:c8:dd:cd:35:0d:a4:a7:ba:3e:35:70:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:07 2026 GMT Not After : Mar 3 06:30:07 2027 GMT Subject: CN=B148AA844BEAC82DD06AA0903DA1BBD3C5E79CA8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:bb:d9:7e:8c:b4:58:35:dd:08:a1:15:ca:54: 67:cd:66:74:59:d6:19:cf:6a:1d:d3:da:7c:e7:a6: bf:97:b3:aa:19:da:ff:98:22:76:b5:ac:2e:dc:3c: 55:aa:43:6b:0c:bb:96:69:62:9a:70:d7:16:fa:99: 39:d3:81:92:7b:6b:27:95:89:6c:ee:e3:37:ff:a9: 2e:3c:4e:a3:7d:6f:b1:23:67:d8:ea:6a:3c:28:e2: 95:e7:15:e1:55:42:d0:c5:17:a6:ae:9e:0c:41:fc: 45:c1:5f:26:24:28:8d:6a:fd:c9:85:dd:93:43:7c: 49:fc:7a:fa:22:5a:99:89:64:c9:37:5d:6d:10:7d: 30:25:15:98:8e:7e:12:6f:42:4d:a9:09:e1:f9:73: 00:44:02:77:6d:49:5b:fa:06:78:3b:cd:d3:05:3e: b9:70:fd:b0:cd:7f:76:2f:8b:fc:8f:b5:d9:c3:b4: e4:70:bb:4d:ac:1a:ea:4b:b3:90:31:55:f3:63:35: 92:11:25:7e:a9:12:da:cd:97:ca:89:fa:d9:34:55: 2f:bd:ac:98:42:0c:89:11:bf:2c:62:2c:27:d7:62: f6:97:51:e0:24:5c:3f:1a:20:09:d5:83:0b:48:be: b7:34:de:70:64:27:8b:8e:ce:93:b1:1b:5f:6b:9b: d8:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:48:AA:84:4B:EA:C8:2D:D0:6A:A0:90:3D:A1:BB:D3:C5:E7:9C:A8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145949.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ace3::/32 Signature Algorithm: sha256WithRSAEncryption 4c:5f:d5:24:dd:f0:e6:9f:65:4b:e9:70:5a:af:ec:1b:fb:d4: 66:fb:22:d9:57:f3:5f:ff:d6:55:a3:d1:12:a9:41:fa:9a:78: 01:7f:ab:6f:42:d0:e4:73:4b:80:3a:9a:b1:b5:bc:2b:41:34: e6:2d:86:ba:3a:e6:c0:94:b5:cb:98:cf:ab:ff:7b:64:18:9f: c3:f1:19:52:ca:6c:8c:62:67:52:bb:3a:11:73:5c:ef:ea:c7: 05:92:96:d2:e2:a8:24:6d:40:fd:f4:ea:10:86:c4:0d:72:c2: e0:ec:02:9e:a3:56:af:84:58:14:53:e4:4f:75:fd:fa:2f:ac: d9:ec:16:d2:90:03:99:eb:e2:c4:dc:f5:eb:86:c6:20:e1:1e: 0c:4c:b0:f5:88:b8:d4:08:fa:99:ac:a7:f5:99:b6:89:4e:ef: c2:44:a8:4e:54:77:57:b0:3f:71:c6:3b:9e:49:9e:b8:28:a9: 72:9e:1a:88:ab:b6:cc:e2:18:df:fd:bb:7a:14:4a:15:0a:3c: cf:95:aa:6c:ec:5b:98:53:ce:b0:e8:9c:b3:c0:89:07:cf:d9: 2f:b1:de:01:36:81:e5:be:dd:13:10:2e:6f:eb:17:63:15:4f: f2:66:bc:df:01:c3:13:99:0e:16:7c:5c:96:a5:6e:96:d1:25: 06:16:76:cd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDNXHdeywpvLI3c01DaSnuj41cG4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUwN1oX DTI3MDMwMzA2MzAwN1owMzExMC8GA1UEAxMoQjE0OEFBODQ0QkVBQzgyREQwNkFB MDkwM0RBMUJCRDNDNUU3OUNBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPq72X6MtFg13QihFcpUZ81mdFnWGc9qHdPafOemv5ezqhna/5gidrWsLtw8 VapDawy7lmlimnDXFvqZOdOBkntrJ5WJbO7jN/+pLjxOo31vsSNn2OpqPCjilecV 4VVC0MUXpq6eDEH8RcFfJiQojWr9yYXdk0N8Sfx6+iJamYlkyTddbRB9MCUVmI5+ Em9CTakJ4flzAEQCd21JW/oGeDvN0wU+uXD9sM1/di+L/I+12cO05HC7Tawa6kuz kDFV82M1khElfqkS2s2Xyon62TRVL72smEIMiRG/LGIsJ9di9pdR4CRcPxogCdWD C0i+tzTecGQni47Ok7EbX2ub2A0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSxSKqE S+rILdBqoJA9obvTxeecqDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk0OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rOMwDQYJKoZIhvcNAQELBQADggEBAExf1STd8OafZUvpcFqv7Bv71Gb7ItlX81// 1lWj0RKpQfqaeAF/q29C0ORzS4A6mrG1vCtBNOYthro65sCUtcuYz6v/e2QYn8Px GVLKbIxiZ1K7OhFzXO/qxwWSltLiqCRtQP306hCGxA1ywuDsAp6jVq+EWBRT5E91 /fovrNnsFtKQA5nr4sTc9euGxiDhHgxMsPWIuNQI+pmsp/WZtolO78JEqE5Ud1ew P3HGO55JnrgoqXKeGoirtsziGN/9u3oUShUKPM+VqmzsW5hTzrDonLPAiQfP2S+x 3gE2geW+3RMQLm/rF2MVT/JmvN8BwxOZDhZ8XJalbpbRJQYWds0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:31 2026 by rpki-client