$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145421.roa File: AS145421.roa (raw, json) Hash identifier: /VesABZGrAF4XXYUs7VEyb3GrS6S5ddrVq9+qzRBVOg= Subject key identifier: FC:D8:5C:55:E3:66:E8:3D:EE:EE:C5:21:6D:C4:6A:96:46:7C:17:6C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 411D4AC9BC5C91215489EDBE7B3FE3987452F8C7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145421.roa Signing time: Wed 04 Mar 2026 06:22:33 +0000 ROA not before: Wed 04 Mar 2026 06:17:33 +0000 ROA not after: Wed 03 Mar 2027 06:22:33 +0000 asID: 145421 IP address blocks: 240a:aad3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:1d:4a:c9:bc:5c:91:21:54:89:ed:be:7b:3f:e3:98:74:52:f8:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:17:33 2026 GMT Not After : Mar 3 06:22:33 2027 GMT Subject: CN=FCD85C55E366E83DEEEEC5216DC46A96467C176C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:3d:20:56:1b:b8:70:1d:ce:ab:7d:e2:a5:7e: 3a:31:0e:b7:67:3f:1f:ee:d1:82:fc:45:62:9b:96: 09:5e:0a:dc:0f:d5:67:33:4b:9a:ea:8a:b1:f5:3a: a6:53:cc:94:d5:50:ee:53:82:c1:90:c9:cf:79:a5: 3f:b0:07:53:51:c7:f4:89:2e:ea:a9:e1:7a:95:00: 91:ff:1d:35:c2:49:16:6d:12:d3:0d:fa:1e:21:46: 49:84:e3:c5:ba:43:1a:5d:d0:0a:c8:5d:27:c6:41: cb:ed:82:c8:73:ad:2d:f6:d0:04:d8:83:4c:31:2b: bb:c4:86:03:a4:64:6a:46:67:7f:51:3f:80:b3:bf: 1a:04:a9:48:2b:41:92:7b:de:bc:8b:ec:92:4e:8e: 61:f7:24:61:9e:59:bb:e8:06:df:43:9a:34:82:24: 31:a0:2f:f8:d8:91:fe:c4:fe:0a:42:3a:ce:33:57: 57:86:b8:9e:51:eb:aa:e8:06:4f:59:f2:5f:36:06: 79:e5:00:35:2a:a6:76:00:b0:7b:14:bb:96:46:6d: bc:2d:b5:95:7e:f8:fa:be:9a:fb:9e:7d:3a:98:63: e9:3e:e8:1d:7d:ac:f5:c1:0e:e9:77:c3:d4:95:5f: 5c:b6:8e:9e:01:ff:d2:a9:a6:6e:45:ed:26:15:9c: ef:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:D8:5C:55:E3:66:E8:3D:EE:EE:C5:21:6D:C4:6A:96:46:7C:17:6C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145421.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aad3::/32 Signature Algorithm: sha256WithRSAEncryption 9b:ce:43:ec:99:75:1a:65:5a:f4:3f:4d:fa:ec:ee:69:01:e8: 40:27:e0:1a:c7:a0:04:98:69:6e:11:36:cf:6f:7e:50:c0:9d: af:c4:8a:b8:8b:8b:2a:ce:22:19:b8:57:39:1d:ba:0c:45:a3: a3:bb:ee:d3:21:ef:92:1a:68:ba:d1:4e:42:50:9e:36:88:e9: ae:7b:00:24:2b:5c:58:40:66:6c:86:f8:23:be:68:ec:83:7a: b5:95:78:d9:41:89:b1:cc:03:97:ca:2d:e0:b4:31:ef:17:99: 10:0b:87:e4:f2:09:46:3d:d6:78:e7:97:cc:23:ac:34:b2:6c: 4b:30:b0:06:99:0e:ac:43:33:43:1f:d3:01:dd:2a:ea:21:94: 5e:0d:84:84:9d:b2:05:12:ba:c4:36:d4:b4:0b:85:3a:ec:73: ff:fa:3a:9c:7d:85:66:02:ce:f4:57:12:bc:81:df:8b:24:19: 1b:41:1a:39:b0:0f:f8:9c:a9:b8:1a:2e:90:3e:ec:70:50:61: b1:43:35:dd:e9:17:10:6b:70:16:f4:4b:4d:58:16:4f:95:c1: 3a:3d:c4:18:48:15:f1:01:7f:36:9a:e9:b5:d3:82:f7:ca:c4: 16:61:1f:fa:11:80:ad:f7:7d:6c:f3:67:2b:18:98:12:3d:08: c5:b1:88:be -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQR1KybxckSFUie2+ez/jmHRS+McwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTczM1oX DTI3MDMwMzA2MjIzM1owMzExMC8GA1UEAxMoRkNEODVDNTVFMzY2RTgzREVFRUVD NTIxNkRDNDZBOTY0NjdDMTc2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANc9IFYbuHAdzqt94qV+OjEOt2c/H+7RgvxFYpuWCV4K3A/VZzNLmuqKsfU6 plPMlNVQ7lOCwZDJz3mlP7AHU1HH9Iku6qnhepUAkf8dNcJJFm0S0w36HiFGSYTj xbpDGl3QCshdJ8ZBy+2CyHOtLfbQBNiDTDEru8SGA6RkakZnf1E/gLO/GgSpSCtB knvevIvskk6OYfckYZ5Zu+gG30OaNIIkMaAv+NiR/sT+CkI6zjNXV4a4nlHrqugG T1nyXzYGeeUANSqmdgCwexS7lkZtvC21lX74+r6a+559Ophj6T7oHX2s9cEO6XfD 1JVfXLaOngH/0qmmbkXtJhWc70MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT82FxV 42boPe7uxSFtxGqWRnwXbDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qtMwDQYJKoZIhvcNAQELBQADggEBAJvOQ+yZdRplWvQ/Tfrs7mkB6EAn4BrHoASY aW4RNs9vflDAna/EiriLiyrOIhm4VzkdugxFo6O77tMh75IaaLrRTkJQnjaI6a57 ACQrXFhAZmyG+CO+aOyDerWVeNlBibHMA5fKLeC0Me8XmRALh+TyCUY91njnl8wj rDSybEswsAaZDqxDM0Mf0wHdKuohlF4NhISdsgUSusQ21LQLhTrsc//6Opx9hWYC zvRXEryB34skGRtBGjmwD/icqbgaLpA+7HBQYbFDNd3pFxBrcBb0S01YFk+VwTo9 xBhIFfEBfzaa6bXTgvfKxBZhH/oRgK33fWzzZysYmBI9CMWxiL4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:37 2026 by rpki-client