$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146153.roa File: AS146153.roa (raw, json) Hash identifier: 4+hN25A7WQyntV20OI3ep+g798L1GLe8tBTRXKVyhCc= Subject key identifier: EC:E2:35:26:20:73:0B:9C:03:99:F5:E7:03:9C:3B:F4:12:8F:37:01 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 76F9F07D210EFA4238453EAF7B8A8D1D8BAC7FD5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146153.roa Signing time: Wed 04 Mar 2026 06:34:00 +0000 ROA not before: Wed 04 Mar 2026 06:29:00 +0000 ROA not after: Wed 03 Mar 2027 06:34:00 +0000 asID: 146153 IP address blocks: 240a:adaf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:f9:f0:7d:21:0e:fa:42:38:45:3e:af:7b:8a:8d:1d:8b:ac:7f:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:00 2026 GMT Not After : Mar 3 06:34:00 2027 GMT Subject: CN=ECE2352620730B9C0399F5E7039C3BF4128F3701 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:9b:b8:df:55:1a:f5:ea:64:23:5c:9a:3c:15: a6:2a:b9:66:e5:5e:96:3e:32:c3:b8:3c:d1:c3:00: bb:75:72:e2:44:fb:76:ca:84:67:bd:6a:00:a3:d6: 81:b4:b0:bd:2e:90:41:4d:6d:6c:4b:2d:da:5a:7e: 0e:8a:8e:f9:09:12:ba:4a:8a:2f:62:30:b0:ad:7b: f8:47:b8:9a:a2:d3:71:ae:1b:6f:07:56:1f:a4:28: d1:31:86:fa:f5:4e:e5:6e:e0:08:9f:da:7b:e0:87: 77:c3:89:71:9c:52:8d:6f:4f:57:e3:71:dd:17:c6: 94:90:05:f7:fd:39:b6:97:fa:1e:bb:08:6b:97:1b: de:09:c1:9c:93:50:c7:ec:00:ad:a0:c1:7e:1c:54: ba:16:a6:a6:60:1c:22:12:01:1a:5e:28:32:aa:f4: c4:f2:3c:e1:a1:3a:8f:e2:f3:1f:02:86:e5:f0:77: e0:e0:b9:58:83:be:bd:df:21:3c:98:88:48:52:6e: 58:4d:ca:c1:f2:fb:e8:0d:2e:8c:b6:2f:48:3f:fc: 77:d7:80:e8:98:cc:31:3d:05:5c:cf:4d:0c:58:b8: 77:26:41:8a:3b:60:5f:b5:d0:1c:e6:66:ef:fb:71: 69:57:a7:a9:e9:07:3d:4f:a0:15:da:7d:4b:27:08: 9f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:E2:35:26:20:73:0B:9C:03:99:F5:E7:03:9C:3B:F4:12:8F:37:01 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146153.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:adaf::/32 Signature Algorithm: sha256WithRSAEncryption a8:31:79:9b:b5:ab:a9:49:8b:d1:ee:d2:bf:c9:9a:2e:56:c7: 07:3d:fa:b8:ce:0e:35:9f:81:75:79:dc:02:c1:ee:98:28:0b: f8:4c:65:b7:4f:ea:f6:2e:2d:ce:39:61:50:cb:5d:04:c7:ce: 93:24:22:59:3d:62:47:c8:29:d8:a6:f1:3b:23:45:69:71:b3: 72:3c:61:19:0b:3f:d7:a0:49:b8:49:6f:74:72:98:47:d0:e4: 8d:b3:91:04:bc:63:a7:2a:f8:58:7a:b3:57:8f:b5:8e:73:af: 96:6d:e4:50:70:30:3e:90:a5:ec:38:9f:f5:97:d6:37:5b:83: 51:b5:3c:77:21:5a:46:30:7f:18:d2:2b:89:58:4f:66:3d:66: ec:5f:08:71:77:cf:37:39:0a:ce:a2:24:a8:1a:52:03:48:67: df:af:e4:a1:1b:20:07:c7:b5:c0:1e:84:87:6f:4f:fe:9e:f8: 07:e8:d9:9b:c2:3e:1f:16:9a:d7:2f:c7:ae:88:26:2d:6c:c3: d2:aa:e9:8c:df:e4:d9:cd:0c:be:48:ad:19:57:3e:4b:94:45: 9f:3f:e0:28:c6:53:bd:61:2f:ab:55:66:44:df:07:fd:d7:c8: 26:bc:a7:f8:29:f5:76:5f:b9:a2:11:95:ad:0f:9a:cb:36:0a: 72:0a:8b:7f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdvnwfSEO+kI4RT6ve4qNHYusf9UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkwMFoX DTI3MDMwMzA2MzQwMFowMzExMC8GA1UEAxMoRUNFMjM1MjYyMDczMEI5QzAzOTlG NUU3MDM5QzNCRjQxMjhGMzcwMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+buN9VGvXqZCNcmjwVpiq5ZuVelj4yw7g80cMAu3Vy4kT7dsqEZ71qAKPW gbSwvS6QQU1tbEst2lp+DoqO+QkSukqKL2IwsK17+Ee4mqLTca4bbwdWH6Qo0TGG +vVO5W7gCJ/ae+CHd8OJcZxSjW9PV+Nx3RfGlJAF9/05tpf6HrsIa5cb3gnBnJNQ x+wAraDBfhxUuhampmAcIhIBGl4oMqr0xPI84aE6j+LzHwKG5fB34OC5WIO+vd8h PJiISFJuWE3KwfL76A0ujLYvSD/8d9eA6JjMMT0FXM9NDFi4dyZBijtgX7XQHOZm 7/txaVenqekHPU+gFdp9SycIn70CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTs4jUm IHMLnAOZ9ecDnDv0Eo83ATAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjE1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ra8wDQYJKoZIhvcNAQELBQADggEBAKgxeZu1q6lJi9Hu0r/Jmi5Wxwc9+rjODjWf gXV53ALB7pgoC/hMZbdP6vYuLc45YVDLXQTHzpMkIlk9YkfIKdim8TsjRWlxs3I8 YRkLP9egSbhJb3RymEfQ5I2zkQS8Y6cq+Fh6s1ePtY5zr5Zt5FBwMD6Qpew4n/WX 1jdbg1G1PHchWkYwfxjSK4lYT2Y9ZuxfCHF3zzc5Cs6iJKgaUgNIZ9+v5KEbIAfH tcAehIdvT/6e+Afo2ZvCPh8Wmtcvx66IJi1sw9Kq6Yzf5NnNDL5IrRlXPkuURZ8/ 4CjGU71hL6tVZkTfB/3XyCa8p/gp9XZfuaIRla0Pmss2CnIKi38= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:35 2026 by rpki-client