$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145408.roa File: AS145408.roa (raw, json) Hash identifier: cGC2cxrRKToayjWJsixa74Cl6OryBEWMiwY5H+UsbHw= Subject key identifier: D8:50:E3:B1:6B:B8:7D:EB:B3:86:81:E0:FA:3D:0A:72:ED:F9:B9:9B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5DB7240AAB601EA83237E39B8B88D303004F4F94 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145408.roa Signing time: Wed 04 Mar 2026 06:21:28 +0000 ROA not before: Wed 04 Mar 2026 06:16:28 +0000 ROA not after: Wed 03 Mar 2027 06:21:28 +0000 asID: 145408 IP address blocks: 240a:aac6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:b7:24:0a:ab:60:1e:a8:32:37:e3:9b:8b:88:d3:03:00:4f:4f:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:28 2026 GMT Not After : Mar 3 06:21:28 2027 GMT Subject: CN=D850E3B16BB87DEBB38681E0FA3D0A72EDF9B99B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:16:b8:ad:99:f3:f7:61:90:0a:c9:cd:9e:c0: f6:cc:a9:90:68:96:bc:00:53:5d:36:19:c8:86:0e: ee:f9:14:28:2d:35:5d:8f:cf:c7:6a:6a:9a:2d:b7: b6:55:f5:a0:28:5a:1f:be:4a:24:2c:40:9e:ef:d6: cc:20:11:3f:ec:83:5f:4e:31:58:63:ad:25:e3:ed: dc:aa:37:bc:c3:ef:6e:ea:b1:55:ac:38:97:69:dc: a8:16:fc:2c:55:ee:be:fc:be:50:29:ad:fe:10:25: ad:91:ab:3d:aa:14:0f:88:fb:91:cf:a8:a5:fd:49: 3d:a7:a0:08:5a:14:4c:0f:b2:2d:99:1d:04:66:91: 62:88:f0:00:21:e1:71:e0:07:16:85:64:7b:47:45: 8b:25:ea:3a:ce:5b:35:12:12:3b:13:bc:27:56:53: 19:b4:48:2f:45:03:41:f1:9d:31:27:57:34:1a:e7: 36:9c:0f:c7:27:82:52:ed:37:57:b2:fa:bd:bf:6c: ca:e9:48:4d:57:03:bb:c0:c9:96:09:c5:96:c6:67: f2:d1:34:8e:1f:5d:fa:52:dc:03:2f:78:62:40:b7: 16:03:4a:5d:01:6a:18:09:fa:90:8c:36:89:53:c8: e7:22:90:31:b1:9f:72:4e:14:b7:fe:dd:1c:ff:40: 90:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:50:E3:B1:6B:B8:7D:EB:B3:86:81:E0:FA:3D:0A:72:ED:F9:B9:9B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145408.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aac6::/32 Signature Algorithm: sha256WithRSAEncryption d9:2d:54:d9:c9:04:13:cd:0a:5e:04:f1:7f:1c:85:8d:5e:1c: 4b:bd:d5:c0:0a:27:65:84:1e:35:7b:ce:ac:e7:c4:28:bc:2a: 78:24:3b:7f:bb:b5:09:b2:38:4a:68:0f:65:75:c3:2e:00:63: fc:b4:22:4e:82:16:5d:96:37:eb:f5:33:ee:fd:92:06:86:ad: 59:d0:35:a9:43:89:7f:8d:2c:a0:6a:f3:fd:9f:08:d4:9f:93: b6:a7:73:70:cc:c1:db:1d:3a:24:f2:a4:b9:37:03:62:13:4c: f2:86:25:5a:f4:78:b6:b2:3f:13:5e:56:5e:8d:f3:d7:c8:1b: b8:df:84:46:ce:d2:cd:da:d6:68:bc:47:be:6d:58:d7:23:66: 68:82:e7:81:34:32:5f:83:28:7d:68:c9:b7:9e:45:a9:c1:92: e4:f9:b8:c6:e5:28:11:aa:7f:31:bf:ef:0c:f5:94:62:14:f1: c2:bf:83:40:1b:8e:a9:f8:68:c8:a0:2e:e1:96:71:c0:7b:65: d0:9c:05:a5:04:ca:52:07:26:13:b4:0e:ad:fc:52:a4:98:c2: dd:8c:17:11:b6:97:33:de:0f:3d:d9:49:fb:45:65:17:ad:60: 5c:82:47:b7:7f:59:ef:bd:ac:5d:9e:23:07:d0:0e:b7:97:97: 4d:9e:9b:98 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXbckCqtgHqgyN+Obi4jTAwBPT5QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyOFoX DTI3MDMwMzA2MjEyOFowMzExMC8GA1UEAxMoRDg1MEUzQjE2QkI4N0RFQkIzODY4 MUUwRkEzRDBBNzJFREY5Qjk5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQWuK2Z8/dhkArJzZ7A9sypkGiWvABTXTYZyIYO7vkUKC01XY/Px2pqmi23 tlX1oChaH75KJCxAnu/WzCARP+yDX04xWGOtJePt3Ko3vMPvbuqxVaw4l2ncqBb8 LFXuvvy+UCmt/hAlrZGrPaoUD4j7kc+opf1JPaegCFoUTA+yLZkdBGaRYojwACHh ceAHFoVke0dFiyXqOs5bNRISOxO8J1ZTGbRIL0UDQfGdMSdXNBrnNpwPxyeCUu03 V7L6vb9syulITVcDu8DJlgnFlsZn8tE0jh9d+lLcAy94YkC3FgNKXQFqGAn6kIw2 iVPI5yKQMbGfck4Ut/7dHP9AkFMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTYUOOx a7h967OGgeD6PQpy7fm5mzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qsYwDQYJKoZIhvcNAQELBQADggEBANktVNnJBBPNCl4E8X8chY1eHEu91cAKJ2WE HjV7zqznxCi8KngkO3+7tQmyOEpoD2V1wy4AY/y0Ik6CFl2WN+v1M+79kgaGrVnQ NalDiX+NLKBq8/2fCNSfk7anc3DMwdsdOiTypLk3A2ITTPKGJVr0eLayPxNeVl6N 89fIG7jfhEbO0s3a1mi8R75tWNcjZmiC54E0Ml+DKH1oybeeRanBkuT5uMblKBGq fzG/7wz1lGIU8cK/g0Abjqn4aMigLuGWccB7ZdCcBaUEylIHJhO0Dq38UqSYwt2M FxG2lzPeDz3ZSftFZRetYFyCR7d/We+9rF2eIwfQDreXl02em5g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:07 2026 by rpki-client