$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145959.roa File: AS145959.roa (raw, json) Hash identifier: rVj2abQKU0+uYIcFyaw7L89x1yWmuerP7CsyMyJoBhY= Subject key identifier: 56:70:E4:FB:FB:F4:6C:EA:67:9E:78:DE:DC:9F:80:7C:C9:58:D0:48 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A087C5FE7A568519AEE61236EBA81A4A2A2CD13 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145959.roa Signing time: Wed 04 Mar 2026 06:29:37 +0000 ROA not before: Wed 04 Mar 2026 06:24:37 +0000 ROA not after: Wed 03 Mar 2027 06:29:37 +0000 asID: 145959 IP address blocks: 240a:aced::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:08:7c:5f:e7:a5:68:51:9a:ee:61:23:6e:ba:81:a4:a2:a2:cd:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:24:37 2026 GMT Not After : Mar 3 06:29:37 2027 GMT Subject: CN=5670E4FBFBF46CEA679E78DEDC9F807CC958D048 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:4f:35:85:42:8d:09:b6:e1:b5:fc:98:af:cb: 7f:03:4d:f2:80:ff:92:0c:1c:74:07:78:43:37:de: 10:3c:94:d3:01:b5:b9:d3:9f:38:ad:f9:a5:ce:e4: 9f:66:df:a2:c9:86:a9:c2:b4:15:48:35:f2:cb:97: af:bd:64:b5:7d:5c:90:fb:6f:90:6e:e9:56:4a:69: e8:24:fe:4b:34:ea:63:2c:8e:b3:8d:0c:2f:c4:06: e8:38:9a:07:93:cf:35:92:45:6a:28:04:43:10:14: 92:07:ed:d7:1e:ea:03:2c:0d:73:9a:0a:9f:44:13: 43:15:bc:7b:cd:c1:0b:5c:8b:a4:b4:ea:cf:3f:31: 94:b9:9c:33:14:b4:6a:d8:dd:04:87:0b:7a:a3:30: 1e:b5:94:ca:8b:da:66:de:36:ce:08:7b:4d:98:85: 0e:8f:4b:da:5d:7e:aa:68:35:4a:42:2d:b3:6d:d7: 88:87:5b:2d:21:44:80:88:40:d2:8f:3d:b0:1a:c3: bd:a6:15:4d:01:19:1a:19:e2:0c:b1:8b:02:57:b3: c5:3c:41:d0:98:a3:f0:1b:c5:99:42:8f:42:60:c9: 91:98:67:d2:64:f4:5c:ad:3b:13:17:86:ce:f0:6f: f6:cd:f6:a6:c7:60:70:35:47:70:53:56:71:6b:c0: bd:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:70:E4:FB:FB:F4:6C:EA:67:9E:78:DE:DC:9F:80:7C:C9:58:D0:48 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145959.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aced::/32 Signature Algorithm: sha256WithRSAEncryption a0:ec:78:c8:26:b9:f9:f3:c4:07:2f:49:f8:3b:5d:b7:7c:f8: cf:36:ad:5d:fa:d1:52:8a:3a:dc:8c:bf:78:a3:0d:0f:9b:d2: 66:a1:32:63:b7:2a:46:da:b3:cc:9e:04:0d:6c:fc:65:b5:3c: 47:89:de:29:bc:f5:73:98:3e:ef:8c:69:46:18:e4:f7:5a:14: b7:71:a3:06:41:ca:34:3b:38:4f:52:6c:3d:6b:f5:92:9c:f8: c2:8b:42:3e:d1:cd:71:c1:4f:a1:1b:40:f8:51:86:4f:c1:40: b9:a6:ca:b2:c2:8e:69:06:12:11:96:3e:1b:d1:66:ba:e8:cf: 45:c3:72:c0:33:93:be:a4:00:dd:d1:4b:04:b2:24:3c:4f:07: bc:89:72:fd:a5:00:69:bf:72:3c:8f:64:7b:4b:aa:25:af:1d: 68:e4:13:9a:33:15:43:01:b9:6b:bd:cf:99:0f:b2:96:7c:7d: e9:d1:2b:6e:ef:73:a1:2e:0f:cc:4e:bb:87:cc:e3:4a:26:5d: a6:c8:d1:2d:cb:53:a2:56:a8:09:4f:1d:9c:eb:cd:e5:8a:b0: 69:5a:09:8f:bf:09:90:6d:e9:b9:9d:8d:b7:8b:ed:e9:cb:7e: 8e:26:39:32:c1:2b:32:15:85:0c:1c:01:cc:26:3c:12:c0:d6: be:48:d5:77 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKgh8X+elaFGa7mEjbrqBpKKizRMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjQzN1oX DTI3MDMwMzA2MjkzN1owMzExMC8GA1UEAxMoNTY3MEU0RkJGQkY0NkNFQTY3OUU3 OERFREM5RjgwN0NDOTU4RDA0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMxPNYVCjQm24bX8mK/LfwNN8oD/kgwcdAd4QzfeEDyU0wG1udOfOK35pc7k n2bfosmGqcK0FUg18suXr71ktX1ckPtvkG7pVkpp6CT+SzTqYyyOs40ML8QG6Dia B5PPNZJFaigEQxAUkgft1x7qAywNc5oKn0QTQxW8e83BC1yLpLTqzz8xlLmcMxS0 atjdBIcLeqMwHrWUyovaZt42zgh7TZiFDo9L2l1+qmg1SkIts23XiIdbLSFEgIhA 0o89sBrDvaYVTQEZGhniDLGLAlezxTxB0Jij8BvFmUKPQmDJkZhn0mT0XK07ExeG zvBv9s32psdgcDVHcFNWcWvAvSECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRWcOT7 +/Rs6meeeN7cn4B8yVjQSDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rO0wDQYJKoZIhvcNAQELBQADggEBAKDseMgmufnzxAcvSfg7Xbd8+M82rV360VKK OtyMv3ijDQ+b0mahMmO3Kkbas8yeBA1s/GW1PEeJ3im89XOYPu+MaUYY5PdaFLdx owZByjQ7OE9SbD1r9ZKc+MKLQj7RzXHBT6EbQPhRhk/BQLmmyrLCjmkGEhGWPhvR Zrroz0XDcsAzk76kAN3RSwSyJDxPB7yJcv2lAGm/cjyPZHtLqiWvHWjkE5ozFUMB uWu9z5kPspZ8fenRK27vc6EuD8xOu4fM40omXabI0S3LU6JWqAlPHZzrzeWKsGla CY+/CZBt6bmdjbeL7enLfo4mOTLBKzIVhQwcAcwmPBLA1r5I1Xc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:08 2026 by rpki-client