$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS145429.roa File: AS145429.roa (raw, json) Hash identifier: kDeL4bXkROxMWGKegt2drfazeaUX0nueoU4fF78fkRE= Subject key identifier: D4:A1:2B:1D:8C:7E:36:23:DA:47:30:7B:86:BD:5B:4A:F9:A3:DF:44 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 27EEF479CABB9712E6F90A9B5B50FA117EC040CF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS145429.roa Signing time: Wed 04 Mar 2026 06:19:23 +0000 ROA not before: Wed 04 Mar 2026 06:14:23 +0000 ROA not after: Wed 03 Mar 2027 06:19:23 +0000 asID: 145429 IP address blocks: 240a:aadb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:ee:f4:79:ca:bb:97:12:e6:f9:0a:9b:5b:50:fa:11:7e:c0:40:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:23 2026 GMT Not After : Mar 3 06:19:23 2027 GMT Subject: CN=D4A12B1D8C7E3623DA47307B86BD5B4AF9A3DF44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:31:20:03:66:56:a2:0c:3a:a4:6c:8c:b9:8a: 4b:f9:86:be:00:2d:4d:26:37:17:38:7c:d0:a5:25: e3:ea:02:22:54:3a:ef:52:e9:ff:37:92:c6:0e:e9: 02:95:f3:19:e5:02:f4:04:01:3f:c8:d1:6c:42:69: df:04:15:be:97:cc:c8:4e:c4:8a:1e:0b:ff:08:b5: 7c:98:5f:c9:13:5f:1f:f3:f8:9d:e3:11:c9:12:d5: 95:66:7f:d1:b6:f4:98:8e:eb:c5:34:7d:cc:f2:ed: e7:fb:94:3d:41:95:64:63:df:4c:0d:6c:58:11:77: 56:c1:5c:a4:68:b7:40:bf:f7:b4:34:77:ad:d1:ab: cd:22:98:c0:49:47:49:e2:96:71:3a:99:7e:67:7d: ba:f8:c5:f2:f6:42:34:0a:e3:04:3b:88:50:a1:f9: 3f:f5:a8:e4:c0:9e:a6:db:b3:f8:16:d9:e1:69:37: 3b:eb:a3:94:69:55:90:79:3e:ee:7d:0c:36:af:8c: 2a:2a:ab:56:6c:5c:65:c3:a2:8c:45:bb:b9:94:6f: 18:40:bc:63:7f:e9:91:33:f9:6d:aa:ce:5c:84:fe: 61:18:51:42:c6:3f:e5:b2:42:78:f2:25:53:b2:1c: c6:2f:f8:e9:0c:6f:35:70:6b:fe:57:ba:60:ca:ce: 5f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:A1:2B:1D:8C:7E:36:23:DA:47:30:7B:86:BD:5B:4A:F9:A3:DF:44 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS145429.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aadb::/32 Signature Algorithm: sha256WithRSAEncryption 01:87:6d:31:49:39:3e:73:08:9c:2d:97:d2:82:89:2d:54:a7: db:fc:db:09:b7:1a:ab:f8:f9:d5:88:46:79:06:cf:68:87:bf: 9d:ff:6f:ba:b2:e3:72:2b:f4:60:ef:c8:7a:41:fd:16:be:dd: 5b:b6:58:77:50:30:67:32:3a:b7:86:3e:3b:a1:5b:8c:95:2f: 11:04:30:d8:ef:ee:2d:e5:0f:4a:96:a8:9b:76:25:bc:86:19: 86:51:ed:21:e8:d9:d6:5e:7d:78:a1:bb:db:40:2f:9d:d7:00: 7a:b2:79:d4:1c:f5:76:ae:e9:4c:95:79:06:02:e2:61:10:19: c2:fd:ef:ad:41:96:89:19:78:54:b7:48:33:67:10:ec:23:40: 38:97:31:c8:c4:28:25:f0:cb:18:eb:b9:94:b1:86:a9:7e:3a: 7f:b0:aa:39:f9:fb:e8:6c:e8:ed:c0:83:52:57:ce:85:b0:ae: 33:06:f7:bb:98:d7:78:09:66:07:13:d8:69:06:5e:e0:2a:f9: 78:cc:55:4d:10:0d:bc:71:fd:8e:27:41:76:f6:c5:d0:5d:48: 81:ac:cd:be:9d:18:82:23:de:99:0b:0b:9d:85:9d:ed:19:01: 5a:f7:d7:71:47:47:31:48:2a:db:1f:d7:9c:a5:b1:87:4b:eb: 43:4f:2d:8b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJ+70ecq7lxLm+QqbW1D6EX7AQM8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQyM1oX DTI3MDMwMzA2MTkyM1owMzExMC8GA1UEAxMoRDRBMTJCMUQ4QzdFMzYyM0RBNDcz MDdCODZCRDVCNEFGOUEzREY0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYxIANmVqIMOqRsjLmKS/mGvgAtTSY3Fzh80KUl4+oCIlQ671Lp/zeSxg7p ApXzGeUC9AQBP8jRbEJp3wQVvpfMyE7Eih4L/wi1fJhfyRNfH/P4neMRyRLVlWZ/ 0bb0mI7rxTR9zPLt5/uUPUGVZGPfTA1sWBF3VsFcpGi3QL/3tDR3rdGrzSKYwElH SeKWcTqZfmd9uvjF8vZCNArjBDuIUKH5P/Wo5MCeptuz+BbZ4Wk3O+ujlGlVkHk+ 7n0MNq+MKiqrVmxcZcOijEW7uZRvGEC8Y3/pkTP5barOXIT+YRhRQsY/5bJCePIl U7Icxi/46QxvNXBr/le6YMrOX00CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTUoSsd jH42I9pHMHuGvVtK+aPfRDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NTQyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qtswDQYJKoZIhvcNAQELBQADggEBAAGHbTFJOT5zCJwtl9KCiS1Up9v82wm3Gqv4 +dWIRnkGz2iHv53/b7qy43Ir9GDvyHpB/Ra+3Vu2WHdQMGcyOreGPjuhW4yVLxEE MNjv7i3lD0qWqJt2JbyGGYZR7SHo2dZefXihu9tAL53XAHqyedQc9Xau6UyVeQYC 4mEQGcL9761BlokZeFS3SDNnEOwjQDiXMcjEKCXwyxjruZSxhql+On+wqjn5++hs 6O3Ag1JXzoWwrjMG97uY13gJZgcT2GkGXuAq+XjMVU0QDbxx/Y4nQXb2xdBdSIGs zb6dGIIj3pkLC52Fne0ZAVr313FHRzFIKtsf15ylsYdL60NPLYs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:18 2026 by rpki-client