$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145425.roa File: AS145425.roa (raw, json) Hash identifier: 5pxJ5c0pgdxvldf87zI+o3pKDBYTW0AhGSlrhAGla40= Subject key identifier: 56:A7:BD:77:1E:5A:9E:2F:38:EB:50:FF:44:31:78:3D:44:54:1C:C5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 78D90E3C604BFFCD2889A51ADAD50B5FE9EF61F6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145425.roa Signing time: Wed 04 Mar 2026 06:21:20 +0000 ROA not before: Wed 04 Mar 2026 06:16:20 +0000 ROA not after: Wed 03 Mar 2027 06:21:20 +0000 asID: 145425 IP address blocks: 240a:aad7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:d9:0e:3c:60:4b:ff:cd:28:89:a5:1a:da:d5:0b:5f:e9:ef:61:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:20 2026 GMT Not After : Mar 3 06:21:20 2027 GMT Subject: CN=56A7BD771E5A9E2F38EB50FF4431783D44541CC5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:06:71:36:67:b5:8c:aa:15:54:9c:a6:36:ff: ea:43:f8:26:e8:57:53:4f:43:68:d0:fa:9e:65:c5: ac:bd:fa:28:2b:86:24:fc:0c:ed:71:95:18:c8:d3: 3f:24:52:d9:b1:12:54:14:69:33:b0:f0:45:fd:c3: 0b:80:28:91:65:1e:87:e4:bb:01:1b:9a:bf:78:88: f6:8f:80:e3:b5:9a:07:9b:d9:d2:15:a6:4a:0d:c0: 54:07:4f:e6:52:b9:a3:9f:fd:1a:d8:e8:ea:50:d4: 08:e4:be:c6:75:ba:96:76:d2:c0:da:ef:ff:ff:da: 04:af:71:a0:6e:83:10:64:68:d5:ea:7d:71:74:a3: 15:25:bf:e0:fc:69:89:f4:15:78:9e:cd:60:5c:c7: 00:ea:17:08:80:ba:91:85:06:ef:e8:2d:b1:41:be: 33:e5:b1:37:53:44:4a:4a:e3:e0:0c:9d:f5:16:cb: 38:7a:19:05:96:c1:71:53:df:82:34:32:c4:fd:80: c4:0e:9e:a0:17:0f:bc:e2:9f:48:18:bc:d3:4e:4d: 4f:e6:32:e0:3e:51:22:3d:f2:09:c6:0c:d3:d0:b0: b8:4e:e0:09:22:92:29:9a:64:af:fa:62:02:b5:fe: b9:d9:85:b7:68:af:8c:7e:e5:57:45:5f:64:4f:1e: a4:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:A7:BD:77:1E:5A:9E:2F:38:EB:50:FF:44:31:78:3D:44:54:1C:C5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145425.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aad7::/32 Signature Algorithm: sha256WithRSAEncryption 10:7f:2c:50:14:ed:d9:b3:17:52:f3:f0:51:aa:1a:dc:ea:fe: 76:15:7d:d9:ea:b7:87:50:da:a3:1c:db:2c:f0:3b:e2:d8:7d: aa:4e:58:af:e8:4c:94:a5:aa:6f:b1:64:90:5c:d1:9a:e7:97: 36:05:61:3b:43:cc:7c:f0:e9:56:bd:3e:6a:68:ef:ce:04:39: 36:b7:93:38:f0:fe:b4:c3:37:f4:d7:d0:7e:3b:ec:7a:41:d2: 14:8f:57:cc:b0:d1:0e:26:be:65:73:c7:73:e1:8b:26:54:4c: 47:20:d8:26:1c:86:39:f9:e2:2f:62:25:dc:68:ba:80:bc:0d: a8:a6:a7:a9:a4:79:f5:48:95:66:aa:8c:51:ac:a0:a4:51:64: da:9f:09:85:c3:73:73:85:48:a3:63:d6:22:26:92:ff:34:c3: 1a:16:3f:ba:d5:6a:9d:b3:e0:46:01:03:37:4a:0d:e0:9f:e1: a3:c1:d6:42:72:da:ce:52:2f:c4:a1:a9:e4:d0:88:eb:3c:b7: 6f:22:d1:2d:38:80:06:54:0b:55:62:52:d3:43:09:34:22:6c: ae:f0:ae:b1:91:90:4c:23:a6:52:02:56:2b:8a:53:c5:01:d1: 40:fd:5c:15:cc:bd:19:57:36:18:c6:dc:fd:e7:a2:b9:b5:b7: 0f:63:a5:b9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeNkOPGBL/80oiaUa2tULX+nvYfYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyMFoX DTI3MDMwMzA2MjEyMFowMzExMC8GA1UEAxMoNTZBN0JENzcxRTVBOUUyRjM4RUI1 MEZGNDQzMTc4M0Q0NDU0MUNDNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOIGcTZntYyqFVScpjb/6kP4JuhXU09DaND6nmXFrL36KCuGJPwM7XGVGMjT PyRS2bESVBRpM7DwRf3DC4AokWUeh+S7ARuav3iI9o+A47WaB5vZ0hWmSg3AVAdP 5lK5o5/9Gtjo6lDUCOS+xnW6lnbSwNrv///aBK9xoG6DEGRo1ep9cXSjFSW/4Pxp ifQVeJ7NYFzHAOoXCIC6kYUG7+gtsUG+M+WxN1NESkrj4Ayd9RbLOHoZBZbBcVPf gjQyxP2AxA6eoBcPvOKfSBi8005NT+Yy4D5RIj3yCcYM09CwuE7gCSKSKZpkr/pi ArX+udmFt2ivjH7lV0VfZE8epLkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRWp713 HlqeLzjrUP9EMXg9RFQcxTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qtcwDQYJKoZIhvcNAQELBQADggEBABB/LFAU7dmzF1Lz8FGqGtzq/nYVfdnqt4dQ 2qMc2yzwO+LYfapOWK/oTJSlqm+xZJBc0ZrnlzYFYTtDzHzw6Va9Pmpo784EOTa3 kzjw/rTDN/TX0H477HpB0hSPV8yw0Q4mvmVzx3PhiyZUTEcg2CYchjn54i9iJdxo uoC8Daimp6mkefVIlWaqjFGsoKRRZNqfCYXDc3OFSKNj1iImkv80wxoWP7rVap2z 4EYBAzdKDeCf4aPB1kJy2s5SL8ShqeTQiOs8t28i0S04gAZUC1ViUtNDCTQibK7w rrGRkEwjplICViuKU8UB0UD9XBXMvRlXNhjG3P3norm1tw9jpbk= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:26 2026 by rpki-client