$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145426.roa File: AS145426.roa (raw, json) Hash identifier: T+htsw1LOU4bZt28MLBISVg9QtL7j2vWXigdyJW3O54= Subject key identifier: 50:8E:D9:6D:B4:C2:7A:A9:95:F3:51:68:20:42:E9:02:6A:B8:BC:11 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0793FF0930FD43000924B36BD40F73E36CFC2064 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145426.roa Signing time: Wed 04 Mar 2026 06:21:12 +0000 ROA not before: Wed 04 Mar 2026 06:16:12 +0000 ROA not after: Wed 03 Mar 2027 06:21:12 +0000 asID: 145426 IP address blocks: 240a:aad8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:93:ff:09:30:fd:43:00:09:24:b3:6b:d4:0f:73:e3:6c:fc:20:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:12 2026 GMT Not After : Mar 3 06:21:12 2027 GMT Subject: CN=508ED96DB4C27AA995F351682042E9026AB8BC11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:dc:95:e9:bb:01:f9:f2:e5:6a:75:04:54:02: c6:eb:b4:07:8e:6c:22:ef:f3:ad:2d:70:77:50:d8: 00:5f:9b:1c:0f:33:d4:48:b9:52:c6:a9:9d:c0:f0: da:33:15:6f:a7:a7:6f:cb:ff:e8:aa:d5:54:fc:35: 8e:1f:6c:b0:b6:b7:99:f6:57:de:ae:00:34:2c:63: af:bb:d6:1d:fa:a1:ee:72:cd:b6:49:fe:85:da:ef: 5d:39:f0:26:60:76:bf:9f:d2:e8:f6:44:0a:16:d9: 4f:1f:13:8c:aa:1e:e9:5f:53:53:9c:02:9f:5a:77: 9c:f4:b8:73:b6:fe:8f:f3:66:26:a0:5e:22:77:d7: 15:bc:b2:c7:ad:47:81:a1:87:15:b1:c1:97:da:27: e7:91:25:56:79:3c:13:f5:c3:24:34:93:40:9b:7f: 1a:b6:39:50:9b:01:1d:60:98:18:7a:28:a0:d5:64: 27:0d:67:68:34:e3:32:ef:4e:c6:3a:90:92:58:97: 4d:78:8e:fa:b2:93:12:c7:05:81:a0:e5:7b:7b:62: e2:bf:6a:12:2b:24:89:f5:ea:e5:0a:eb:bd:d4:00: 07:3f:47:a8:db:6f:34:5b:5c:9a:c4:b3:ee:05:01: be:a9:da:d2:61:3a:e6:40:9c:d3:e1:1b:bc:f0:68: f1:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:8E:D9:6D:B4:C2:7A:A9:95:F3:51:68:20:42:E9:02:6A:B8:BC:11 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145426.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aad8::/32 Signature Algorithm: sha256WithRSAEncryption a4:9a:e5:ff:e4:da:6b:48:cd:a9:59:03:94:42:a8:b9:70:d1: 88:25:76:93:67:1c:c0:6e:72:c2:8b:0c:2d:eb:b5:e1:56:12: 01:d4:c6:71:56:ba:7d:a0:ae:9d:86:af:96:72:59:f2:0b:87: 21:ce:92:99:f3:86:d8:86:b7:98:99:98:51:cc:1a:92:fb:9f: a4:1a:34:56:7a:d2:ee:8a:bf:d6:71:db:de:9c:75:50:f6:a7: 04:52:bf:e4:f0:b1:28:3a:09:f0:0d:55:22:a8:50:fb:22:97: 89:69:5c:f5:fb:b1:ac:9f:a7:c4:b7:93:c1:69:2b:fa:77:6e: c2:f1:91:8d:cd:d3:26:24:e3:b8:28:5b:08:77:8b:d5:9f:46: bc:06:a8:af:4e:f2:41:f6:4d:bd:87:eb:70:d7:3e:20:6c:32: dc:cd:cb:40:46:a3:0b:76:78:3f:f0:0d:30:1f:f4:af:11:e8: f2:b9:37:a5:c9:13:5c:6e:73:a2:ab:0e:62:97:c5:be:98:ba: ec:c2:8d:68:27:d6:b5:ec:4c:50:ee:90:11:c9:5c:77:db:5d: 55:0d:0f:d4:56:1e:26:2e:70:85:8a:60:08:c1:c4:36:14:50: c1:1b:1c:93:5c:6d:15:2d:8a:88:b4:c6:02:52:2c:8b:83:3d: 76:90:31:7d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUB5P/CTD9QwAJJLNr1A9z42z8IGQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYxMloX DTI3MDMwMzA2MjExMlowMzExMC8GA1UEAxMoNTA4RUQ5NkRCNEMyN0FBOTk1RjM1 MTY4MjA0MkU5MDI2QUI4QkMxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOnclem7Afny5Wp1BFQCxuu0B45sIu/zrS1wd1DYAF+bHA8z1Ei5UsapncDw 2jMVb6enb8v/6KrVVPw1jh9ssLa3mfZX3q4ANCxjr7vWHfqh7nLNtkn+hdrvXTnw JmB2v5/S6PZEChbZTx8TjKoe6V9TU5wCn1p3nPS4c7b+j/NmJqBeInfXFbyyx61H gaGHFbHBl9on55ElVnk8E/XDJDSTQJt/GrY5UJsBHWCYGHoooNVkJw1naDTjMu9O xjqQkliXTXiO+rKTEscFgaDle3ti4r9qEiskifXq5QrrvdQABz9HqNtvNFtcmsSz 7gUBvqna0mE65kCc0+EbvPBo8fUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRQjtlt tMJ6qZXzUWggQukCari8ETAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQyNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qtgwDQYJKoZIhvcNAQELBQADggEBAKSa5f/k2mtIzalZA5RCqLlw0YgldpNnHMBu csKLDC3rteFWEgHUxnFWun2grp2Gr5ZyWfILhyHOkpnzhtiGt5iZmFHMGpL7n6Qa NFZ60u6Kv9Zx296cdVD2pwRSv+TwsSg6CfANVSKoUPsil4lpXPX7sayfp8S3k8Fp K/p3bsLxkY3N0yYk47goWwh3i9WfRrwGqK9O8kH2Tb2H63DXPiBsMtzNy0BGowt2 eD/wDTAf9K8R6PK5N6XJE1xuc6KrDmKXxb6YuuzCjWgn1rXsTFDukBHJXHfbXVUN D9RWHiYucIWKYAjBxDYUUMEbHJNcbRUtioi0xgJSLIuDPXaQMX0= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:33 2026 by rpki-client