$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145979.roa File: AS145979.roa (raw, json) Hash identifier: mgvrsFR9omTrYLWsG48vtunc232+J0EOE2mUH9BWXrY= Subject key identifier: 72:F8:38:0B:77:61:58:41:40:04:BB:AE:1C:7E:FF:20:01:49:6C:F9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 29FB577D96F9C4CCA7D19F66545387B8E0D63466 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145979.roa Signing time: Wed 04 Mar 2026 06:30:34 +0000 ROA not before: Wed 04 Mar 2026 06:25:34 +0000 ROA not after: Wed 03 Mar 2027 06:30:34 +0000 asID: 145979 IP address blocks: 240a:ad01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:fb:57:7d:96:f9:c4:cc:a7:d1:9f:66:54:53:87:b8:e0:d6:34:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:34 2026 GMT Not After : Mar 3 06:30:34 2027 GMT Subject: CN=72F8380B776158414004BBAE1C7EFF2001496CF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:77:14:bd:82:9e:d9:12:6d:28:e3:65:ec:33: 2a:f6:4b:fa:84:72:34:cf:a0:e9:74:c8:ba:7c:2a: 54:35:b9:97:57:cf:69:ab:68:5d:b8:fe:43:52:bc: d9:a1:32:03:31:49:be:24:d1:10:e4:6c:c8:f1:93: 7c:ae:ae:9b:5d:9d:98:f0:e2:7c:07:6f:31:c6:94: b5:62:7a:98:97:6a:89:d9:12:5e:de:72:30:10:12: 54:76:c2:ad:2c:ad:6d:eb:21:94:68:44:9c:db:05: 7e:d6:fd:c5:87:6a:73:ad:92:bc:be:21:ec:f9:7a: db:14:49:d5:66:0a:ab:80:63:97:38:4d:05:c7:8f: d0:c5:b1:db:83:28:8e:cc:90:b0:b5:90:3a:58:ae: ad:5d:3d:c3:2e:d1:42:2f:9b:27:1f:8f:d0:ee:6b: b8:6b:97:c1:b4:fc:9d:2a:8e:0b:9c:9f:6c:95:14: 52:bd:9d:7c:cf:aa:54:59:8c:e5:e5:d8:2f:cb:60: a3:31:9c:bf:d3:72:67:1d:10:32:b5:f1:8e:6f:27: 28:1d:e8:a8:3c:b4:62:ee:67:4f:9d:37:d1:88:15: 2c:c1:90:c0:4f:98:f8:07:fe:19:7d:60:58:a5:ea: 74:c3:15:cc:a3:0b:d9:ae:1d:18:a7:00:24:0f:d4: 43:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:F8:38:0B:77:61:58:41:40:04:BB:AE:1C:7E:FF:20:01:49:6C:F9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145979.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad01::/32 Signature Algorithm: sha256WithRSAEncryption b6:3b:3b:53:84:95:d9:23:6c:d3:e8:26:ad:ee:b7:57:95:a0: 90:90:92:a9:a7:6f:54:b2:bd:e5:82:03:2c:36:20:f3:cd:f8: 6d:9e:0c:b2:43:2f:11:ff:d3:40:c7:02:2d:23:dd:c8:d2:de: 43:5c:d2:5d:90:a9:85:49:a4:ae:6a:ce:5e:96:43:45:9d:66: 26:e7:f4:15:97:b3:80:ad:6f:fc:39:07:67:52:10:a2:47:5d: 74:7f:7f:44:6c:1c:06:16:fa:3f:f6:d6:ec:22:a0:57:0e:77: 42:8e:80:b4:08:e9:c6:78:1a:09:6c:db:4d:ea:a3:4a:ff:8c: 41:30:0b:45:c1:ab:e1:a2:6d:b3:ed:6c:60:44:16:98:b1:94: 32:a9:a4:6e:e8:56:15:53:7b:92:15:66:2e:5b:1b:54:68:e2: 67:20:eb:ab:09:b2:03:1b:fc:bf:2d:98:15:b6:fe:0a:d3:d9: 8a:82:ec:26:75:bc:1d:a9:a2:0f:6f:f6:28:e3:6f:4e:a7:eb: 6c:62:b5:67:cd:61:0f:64:5b:be:33:e8:d5:4b:76:88:39:a5: 9a:91:cb:38:63:8a:7c:9b:90:97:6c:67:9a:ee:3c:88:e0:ce: b8:5b:65:a2:be:cb:39:25:6a:ff:d4:31:78:eb:65:4f:43:22: 50:ea:01:3a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKftXfZb5xMyn0Z9mVFOHuODWNGYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjUzNFoX DTI3MDMwMzA2MzAzNFowMzExMC8GA1UEAxMoNzJGODM4MEI3NzYxNTg0MTQwMDRC QkFFMUM3RUZGMjAwMTQ5NkNGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZ3FL2CntkSbSjjZewzKvZL+oRyNM+g6XTIunwqVDW5l1fPaatoXbj+Q1K8 2aEyAzFJviTREORsyPGTfK6um12dmPDifAdvMcaUtWJ6mJdqidkSXt5yMBASVHbC rSytbeshlGhEnNsFftb9xYdqc62SvL4h7Pl62xRJ1WYKq4BjlzhNBceP0MWx24Mo jsyQsLWQOliurV09wy7RQi+bJx+P0O5ruGuXwbT8nSqOC5yfbJUUUr2dfM+qVFmM 5eXYL8tgozGcv9NyZx0QMrXxjm8nKB3oqDy0Yu5nT5030YgVLMGQwE+Y+Af+GX1g WKXqdMMVzKML2a4dGKcAJA/UQ9kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRy+DgL d2FYQUAEu64cfv8gAUls+TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTk3OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rQEwDQYJKoZIhvcNAQELBQADggEBALY7O1OEldkjbNPoJq3ut1eVoJCQkqmnb1Sy veWCAyw2IPPN+G2eDLJDLxH/00DHAi0j3cjS3kNc0l2QqYVJpK5qzl6WQ0WdZibn 9BWXs4Ctb/w5B2dSEKJHXXR/f0RsHAYW+j/21uwioFcOd0KOgLQI6cZ4Ggls203q o0r/jEEwC0XBq+GibbPtbGBEFpixlDKppG7oVhVTe5IVZi5bG1Ro4mcg66sJsgMb /L8tmBW2/grT2YqC7CZ1vB2pog9v9ijjb06n62xitWfNYQ9kW74z6NVLdog5pZqR yzhjinybkJdsZ5ruPIjgzrhbZaK+yzklav/UMXjrZU9DIlDqATo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:28 2026 by rpki-client