$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145423.roa File: AS145423.roa (raw, json) Hash identifier: k/VQfZePqvSUw6+kZkDemy/weDGIUvTE65D4CbIOCy0= Subject key identifier: F8:40:37:BC:5C:4C:D4:D1:7F:8F:FB:F7:52:11:50:CF:9D:ED:75:67 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7AFE01A1E43CE57582002FD2AC435C14D8F7AA2E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145423.roa Signing time: Wed 04 Mar 2026 06:20:59 +0000 ROA not before: Wed 04 Mar 2026 06:15:59 +0000 ROA not after: Wed 03 Mar 2027 06:20:59 +0000 asID: 145423 IP address blocks: 240a:aad5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:fe:01:a1:e4:3c:e5:75:82:00:2f:d2:ac:43:5c:14:d8:f7:aa:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:15:59 2026 GMT Not After : Mar 3 06:20:59 2027 GMT Subject: CN=F84037BC5C4CD4D17F8FFBF7521150CF9DED7567 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:82:1c:14:42:e9:0d:8c:fe:71:91:a0:4c:40: 23:ef:f1:d2:49:2c:88:a3:fc:ea:72:3f:8d:f5:7d: ff:ee:ad:c0:1a:3e:fa:17:e6:2d:7b:65:ec:3d:cf: 8d:89:15:83:a5:23:83:63:36:16:b8:79:45:32:a6: 79:41:9f:f8:36:f7:86:0e:93:33:fc:91:05:16:f7: 6d:23:29:48:1b:0d:b5:73:4a:9a:84:07:94:1f:97: c4:6e:36:8c:ba:a3:2b:16:51:45:d5:72:6d:ad:9b: 82:d7:9c:55:f3:97:70:2e:5b:5c:08:91:98:70:a5: 76:72:d6:43:46:0e:f7:c9:e0:25:62:2c:61:d1:be: cd:8f:25:72:15:f3:ad:1b:86:d3:8f:e2:3d:79:09: 60:22:d8:23:4b:b0:92:f1:ea:3b:d6:56:11:36:55: c2:6c:70:c0:81:1d:0e:22:f1:f0:ff:fc:ac:7b:ab: 95:84:72:7c:ca:22:1d:b1:8a:5e:09:3f:66:15:39: 69:23:44:99:8f:aa:37:da:55:31:38:fb:8c:cb:e8: 61:6d:d7:85:6c:56:35:95:82:ca:db:eb:70:64:b9: 79:02:d7:85:18:94:ee:28:11:f3:c8:ff:09:28:40: ca:f9:81:7b:c0:7b:9b:ce:11:6e:dc:35:69:5a:94: 1d:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:40:37:BC:5C:4C:D4:D1:7F:8F:FB:F7:52:11:50:CF:9D:ED:75:67 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145423.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aad5::/32 Signature Algorithm: sha256WithRSAEncryption 28:88:f4:b1:f3:54:86:78:eb:09:6e:1f:de:55:f1:6a:97:93: f2:1e:67:04:5a:30:37:7b:d8:a1:83:d1:5c:c2:d5:90:25:06: 57:fa:c4:93:c7:51:6d:72:95:0a:e5:f2:cc:e7:a1:86:22:da: bf:84:09:dc:1c:3f:2d:d0:92:a9:98:ff:f6:cc:7f:89:18:61: 0b:a5:22:4e:88:0d:f2:27:f6:b0:99:a4:93:06:28:cf:03:f8: ad:86:fa:8a:b1:59:05:b1:e8:c8:c1:bb:2e:6d:f2:05:b0:6e: f4:16:1c:d0:ff:77:fd:9e:e0:50:8e:6f:8b:b2:ce:66:e7:a5: d3:42:89:ab:29:77:eb:7c:23:04:8f:ad:db:80:f0:5b:b5:6d: 72:5a:fc:94:09:3e:4c:5f:62:0b:4c:21:9e:9c:7e:67:ae:ed: 0d:94:2b:a4:63:92:5a:ba:e9:d2:5c:5d:1b:d2:46:aa:34:9d: cc:59:b1:4f:66:27:74:d6:d6:02:41:68:c5:ea:aa:f4:ea:80: 5b:80:2c:9e:ae:65:74:64:cf:ce:69:c5:c0:f2:d2:70:a6:3d: 1c:f1:20:c3:a2:a4:62:5d:6d:2e:16:60:73:3b:02:0e:0f:1f: ec:71:f7:7b:f1:2c:dc:70:6b:e3:d1:95:48:40:66:27:80:4e: 5b:5e:fa:0b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUev4BoeQ85XWCAC/SrENcFNj3qi4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTU1OVoX DTI3MDMwMzA2MjA1OVowMzExMC8GA1UEAxMoRjg0MDM3QkM1QzRDRDREMTdGOEZG QkY3NTIxMTUwQ0Y5REVENzU2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuCHBRC6Q2M/nGRoExAI+/x0kksiKP86nI/jfV9/+6twBo++hfmLXtl7D3P jYkVg6Ujg2M2Frh5RTKmeUGf+Db3hg6TM/yRBRb3bSMpSBsNtXNKmoQHlB+XxG42 jLqjKxZRRdVyba2bgtecVfOXcC5bXAiRmHCldnLWQ0YO98ngJWIsYdG+zY8lchXz rRuG04/iPXkJYCLYI0uwkvHqO9ZWETZVwmxwwIEdDiLx8P/8rHurlYRyfMoiHbGK Xgk/ZhU5aSNEmY+qN9pVMTj7jMvoYW3XhWxWNZWCytvrcGS5eQLXhRiU7igR88j/ CShAyvmBe8B7m84Rbtw1aVqUHfcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT4QDe8 XEzU0X+P+/dSEVDPne11ZzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qtUwDQYJKoZIhvcNAQELBQADggEBACiI9LHzVIZ46wluH95V8WqXk/IeZwRaMDd7 2KGD0VzC1ZAlBlf6xJPHUW1ylQrl8sznoYYi2r+ECdwcPy3QkqmY//bMf4kYYQul Ik6IDfIn9rCZpJMGKM8D+K2G+oqxWQWx6MjBuy5t8gWwbvQWHND/d/2e4FCOb4uy zmbnpdNCiaspd+t8IwSPrduA8Fu1bXJa/JQJPkxfYgtMIZ6cfmeu7Q2UK6Rjklq6 6dJcXRvSRqo0ncxZsU9mJ3TW1gJBaMXqqvTqgFuALJ6uZXRkz85pxcDy0nCmPRzx IMOipGJdbS4WYHM7Ag4PH+xx93vxLNxwa+PRlUhAZieATlte+gs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:57 2026 by rpki-client