$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145410.roa File: AS145410.roa (raw, json) Hash identifier: djDqcJXUVCDK1Jmu8TM18RQRrPkzjrVY0Es5okusrFA= Subject key identifier: B6:49:E4:2A:A0:7D:64:A8:51:A6:4F:91:29:36:60:1D:1B:C9:B4:E2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 29F617B1824E2E56E1DAD675F925C10915B85B14 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145410.roa Signing time: Wed 04 Mar 2026 06:19:34 +0000 ROA not before: Wed 04 Mar 2026 06:14:34 +0000 ROA not after: Wed 03 Mar 2027 06:19:34 +0000 asID: 145410 IP address blocks: 240a:aac8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:f6:17:b1:82:4e:2e:56:e1:da:d6:75:f9:25:c1:09:15:b8:5b:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:34 2026 GMT Not After : Mar 3 06:19:34 2027 GMT Subject: CN=B649E42AA07D64A851A64F912936601D1BC9B4E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:af:cc:dd:7f:58:c3:6d:34:11:1f:2b:98:df: 8d:ad:5d:02:cc:e2:ff:a8:b2:27:18:0e:94:55:26: 42:a9:a8:26:be:c6:85:b3:34:53:c2:f2:4f:e1:4d: 1d:93:41:2c:4c:c4:a0:ff:d0:f7:fe:9b:26:84:d4: 42:7e:cb:5b:8f:38:df:90:49:e3:5d:3e:23:59:48: 06:c2:a4:86:8e:a1:a5:e9:b7:db:f6:57:3a:c4:28: 2f:1b:99:7d:93:7a:ed:8a:ed:5d:10:9c:5c:78:f6: 38:1a:78:c2:06:55:a7:b0:21:54:9b:fa:26:9e:00: 63:02:4e:4d:45:3e:fe:20:a5:87:89:2a:cd:1f:e2: 03:f2:48:84:68:32:41:e1:d4:3e:95:65:97:30:6a: 35:a3:42:e9:f8:e3:6d:f3:17:3f:2a:76:7d:93:dd: 94:b7:3e:2e:42:3c:87:9d:b1:4a:11:47:25:f7:c0: 01:1e:5d:47:de:81:61:af:f9:0f:25:c5:76:b1:7e: dd:ef:d0:ba:4e:92:83:6e:fc:ea:d1:9a:41:b6:5b: 01:71:3b:73:3d:e4:9b:4b:a6:ac:35:cd:e2:92:2b: 7d:e1:ef:a0:47:9d:7d:2a:df:bd:cf:e5:07:ae:7d: 94:28:32:ce:93:83:1f:1d:6d:ed:74:98:12:fe:a4: 44:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:49:E4:2A:A0:7D:64:A8:51:A6:4F:91:29:36:60:1D:1B:C9:B4:E2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145410.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aac8::/32 Signature Algorithm: sha256WithRSAEncryption 44:e5:49:f1:f7:e0:84:c3:76:ba:e7:5b:da:0e:4b:10:b1:1b: 71:87:69:c1:73:6f:92:a8:56:e9:fc:89:31:ac:c5:36:0f:cb: 09:ec:c0:61:50:ef:dd:04:0a:20:af:de:80:76:ef:bb:34:e2: d2:37:4d:6e:09:d1:42:dd:2e:c3:6f:ad:83:1c:4d:43:4e:1e: 77:c2:b9:0e:df:fe:71:95:85:1a:b6:7c:1b:a6:0d:14:24:c6: d5:c7:da:bb:d0:7a:7f:af:0b:bd:a9:05:c5:4d:23:14:e7:61: 8e:0f:8a:ef:79:0d:b4:ee:b1:98:16:59:ab:d2:94:69:47:b1: 05:0a:3b:46:ab:10:c3:ac:5d:4a:a7:a5:6e:a4:be:35:20:47: d7:dc:a4:0d:c4:b0:1f:20:bc:bc:3a:eb:ef:29:b3:e9:a0:c0: 97:aa:af:c2:1b:14:a6:83:ba:60:4d:f6:79:60:d6:d5:8b:b2: 5c:22:1f:fc:b3:d7:6e:d5:cf:3c:3b:7b:8f:34:cd:d6:e0:aa: a7:14:de:b0:75:e0:58:e3:d9:ff:ad:39:43:d6:4f:d3:6d:c9: ba:38:35:09:a6:ab:c1:5e:f7:b7:fa:56:2e:0c:cf:fe:d0:27: ed:e2:57:a4:49:0d:57:73:3e:df:1d:10:63:68:1a:71:11:f3: 06:7a:03:db -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKfYXsYJOLlbh2tZ1+SXBCRW4WxQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQzNFoX DTI3MDMwMzA2MTkzNFowMzExMC8GA1UEAxMoQjY0OUU0MkFBMDdENjRBODUxQTY0 RjkxMjkzNjYwMUQxQkM5QjRFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6vzN1/WMNtNBEfK5jfja1dAszi/6iyJxgOlFUmQqmoJr7GhbM0U8LyT+FN HZNBLEzEoP/Q9/6bJoTUQn7LW48435BJ410+I1lIBsKkho6hpem32/ZXOsQoLxuZ fZN67YrtXRCcXHj2OBp4wgZVp7AhVJv6Jp4AYwJOTUU+/iClh4kqzR/iA/JIhGgy QeHUPpVllzBqNaNC6fjjbfMXPyp2fZPdlLc+LkI8h52xShFHJffAAR5dR96BYa/5 DyXFdrF+3e/Quk6Sg2786tGaQbZbAXE7cz3km0umrDXN4pIrfeHvoEedfSrfvc/l B659lCgyzpODHx1t7XSYEv6kRE8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS2SeQq oH1kqFGmT5EpNmAdG8m04jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQxMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qsgwDQYJKoZIhvcNAQELBQADggEBAETlSfH34ITDdrrnW9oOSxCxG3GHacFzb5Ko Vun8iTGsxTYPywnswGFQ790ECiCv3oB277s04tI3TW4J0ULdLsNvrYMcTUNOHnfC uQ7f/nGVhRq2fBumDRQkxtXH2rvQen+vC72pBcVNIxTnYY4Piu95DbTusZgWWavS lGlHsQUKO0arEMOsXUqnpW6kvjUgR9fcpA3EsB8gvLw66+8ps+mgwJeqr8IbFKaD umBN9nlg1tWLslwiH/yz127Vzzw7e480zdbgqqcU3rB14Fjj2f+tOUPWT9Ntybo4 NQmmq8Fe97f6Vi4Mz/7QJ+3iV6RJDVdzPt8dEGNoGnER8wZ6A9s= -----END CERTIFICATE-----Generated at Sat Mar 28 13:06:14 2026 by rpki-client