$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145428.roa File: AS145428.roa (raw, json) Hash identifier: VzOExn0yXZ8/GMN1PVvHsHVgeTJsUAC69vhEZKQLsHc= Subject key identifier: 32:16:8B:0D:5F:95:BD:16:A7:D7:5D:38:ED:56:93:7B:3C:E1:C3:0C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 50FF072BB32EF6E59055C32D4EDE0B971E99897B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145428.roa Signing time: Wed 04 Mar 2026 06:21:27 +0000 ROA not before: Wed 04 Mar 2026 06:16:27 +0000 ROA not after: Wed 03 Mar 2027 06:21:27 +0000 asID: 145428 IP address blocks: 240a:aada::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:ff:07:2b:b3:2e:f6:e5:90:55:c3:2d:4e:de:0b:97:1e:99:89:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:16:27 2026 GMT Not After : Mar 3 06:21:27 2027 GMT Subject: CN=32168B0D5F95BD16A7D75D38ED56937B3CE1C30C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:89:02:84:6d:6c:28:52:63:2b:d1:6f:b4:f8: 4a:5b:bd:4f:f9:b4:cc:97:db:55:f7:5d:5e:e9:9e: 2e:2f:57:16:bf:38:46:98:28:e7:2c:44:d0:d7:c6: 83:e3:2a:d7:bf:46:96:84:97:35:27:73:34:d0:32: 0c:62:c8:ef:59:a5:08:60:86:b4:1a:2d:b6:f4:ee: a4:dd:85:20:59:1d:1e:10:04:1f:23:a3:8f:64:db: a8:57:90:9c:4c:b8:df:6b:34:7d:11:a1:87:e7:20: ba:1a:2b:0a:19:d7:15:f0:89:8c:63:40:e3:d8:13: 17:a1:98:36:a6:d1:dc:55:25:37:55:79:aa:b2:12: b7:f5:15:c3:f4:d1:b6:37:91:80:6e:9e:25:c7:62: 47:37:17:ee:40:9c:4d:5d:41:db:45:34:10:b7:c2: a3:78:09:67:df:67:76:65:ab:63:9f:f3:05:7b:1a: 6b:f8:da:59:a7:0a:a2:74:f1:56:b9:5e:85:cb:11: d3:d9:32:9e:80:75:dd:87:4e:f8:a5:53:bc:9f:9c: 5e:01:29:76:37:7c:f9:b3:27:cc:a4:3d:93:74:b8: 88:b3:07:c7:92:9b:f1:89:c0:7b:66:fb:9a:ea:08: d7:2c:6e:32:6d:bb:ae:57:45:c6:3b:ba:ac:ee:67: 0a:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:16:8B:0D:5F:95:BD:16:A7:D7:5D:38:ED:56:93:7B:3C:E1:C3:0C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145428.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aada::/32 Signature Algorithm: sha256WithRSAEncryption 70:67:94:87:a1:59:30:1a:81:4a:7a:1b:a5:e8:60:66:42:a6: d7:18:07:2d:30:93:59:05:7a:36:4e:ce:d6:16:3e:78:eb:18: 35:6e:83:aa:53:5c:4a:45:da:8d:30:a4:4d:02:b2:f8:c0:b2: 1d:5b:db:45:17:43:c9:ae:5c:e2:95:19:17:b6:2c:7d:8d:86: e6:63:e8:da:db:bb:73:ef:a8:0b:ad:ea:62:4f:d1:ee:ed:80: 62:72:1e:ff:04:3b:9c:6d:ac:3a:34:82:85:bd:50:93:7a:54: d9:be:2d:57:82:8d:4e:51:6f:47:74:7d:60:a4:45:90:ab:7a: 7d:6c:5f:91:1f:e7:8d:c7:54:e0:73:f3:f8:ed:b3:ab:df:36: c6:ee:5f:e4:65:66:69:8f:67:eb:a2:b6:70:1e:8e:73:7d:6f: ea:2b:4c:b0:b9:93:72:97:4a:5d:b1:41:e6:d6:6d:00:3f:42: b4:fe:b1:f7:dd:46:87:48:8f:82:30:8e:37:df:53:bd:8e:b0: c6:bb:db:e5:11:6d:9e:c5:0d:3e:b5:ed:50:55:77:e7:ad:3e: a8:c7:83:89:09:ab:4c:1d:de:5c:56:c4:d6:1c:e2:04:c2:c9: 4d:84:9d:d0:b1:12:53:cb:15:c6:c2:c9:6b:18:94:08:69:c4: a8:c0:f7:26 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUP8HK7Mu9uWQVcMtTt4Llx6ZiXswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTYyN1oX DTI3MDMwMzA2MjEyN1owMzExMC8GA1UEAxMoMzIxNjhCMEQ1Rjk1QkQxNkE3RDc1 RDM4RUQ1NjkzN0IzQ0UxQzMwQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqJAoRtbChSYyvRb7T4Slu9T/m0zJfbVfddXumeLi9XFr84Rpgo5yxE0NfG g+Mq179GloSXNSdzNNAyDGLI71mlCGCGtBottvTupN2FIFkdHhAEHyOjj2TbqFeQ nEy432s0fRGhh+cguhorChnXFfCJjGNA49gTF6GYNqbR3FUlN1V5qrISt/UVw/TR tjeRgG6eJcdiRzcX7kCcTV1B20U0ELfCo3gJZ99ndmWrY5/zBXsaa/jaWacKonTx VrlehcsR09kynoB13YdO+KVTvJ+cXgEpdjd8+bMnzKQ9k3S4iLMHx5Kb8YnAe2b7 muoI1yxuMm27rldFxju6rO5nCh0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQyFosN X5W9FqfXXTjtVpN7POHDDDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qtowDQYJKoZIhvcNAQELBQADggEBAHBnlIehWTAagUp6G6XoYGZCptcYBy0wk1kF ejZOztYWPnjrGDVug6pTXEpF2o0wpE0CsvjAsh1b20UXQ8muXOKVGRe2LH2NhuZj 6Nrbu3PvqAut6mJP0e7tgGJyHv8EO5xtrDo0goW9UJN6VNm+LVeCjU5Rb0d0fWCk RZCren1sX5Ef543HVOBz8/jts6vfNsbuX+RlZmmPZ+uitnAejnN9b+orTLC5k3KX Sl2xQebWbQA/QrT+sffdRodIj4IwjjffU72OsMa72+URbZ7FDT617VBVd+etPqjH g4kJq0wd3lxWxNYc4gTCyU2EndCxElPLFcbCyWsYlAhpxKjA9yY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:21 2026 by rpki-client