$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146251.roa File: AS146251.roa (raw, json) Hash identifier: nFVH/YFAQFlaUdFSN/sCGOSO25u187r5aLkZRA90Urc= Subject key identifier: 31:55:0D:58:78:17:2D:95:FA:62:39:56:FF:E6:07:08:AB:59:F6:A4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C1500B27D5D05C131A5816425FB0B67DA075E42 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146251.roa Signing time: Wed 04 Mar 2026 06:33:41 +0000 ROA not before: Wed 04 Mar 2026 06:28:41 +0000 ROA not after: Wed 03 Mar 2027 06:33:41 +0000 asID: 146251 IP address blocks: 240a:ae11::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:15:00:b2:7d:5d:05:c1:31:a5:81:64:25:fb:0b:67:da:07:5e:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:41 2026 GMT Not After : Mar 3 06:33:41 2027 GMT Subject: CN=31550D5878172D95FA623956FFE60708AB59F6A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d8:e2:d8:8c:29:51:18:87:d1:77:57:2b:a9: 64:58:9c:a4:fc:1f:f3:de:6d:eb:42:2d:2f:fc:da: 11:57:6f:de:3c:24:64:5f:cb:da:76:46:5b:9b:73: 4b:21:d6:59:e8:be:3d:3b:45:72:59:59:8a:6b:f8: 32:9a:1a:2d:58:8f:cb:f6:26:00:6e:42:d9:25:bf: 97:84:26:2e:e3:de:b4:8e:2e:e8:d2:b9:62:e0:90: 2f:e9:62:6d:cc:e5:58:4d:66:00:f7:6f:e0:c2:f8: b1:b2:cb:02:ed:bf:27:f2:72:7b:d7:13:eb:ed:6e: 99:64:c7:0f:23:ad:51:6f:77:42:9c:ae:31:ff:ee: 7a:fd:a0:ca:fc:23:1c:75:d0:99:86:18:1e:31:fe: 5b:df:b2:6e:88:c1:9a:56:39:e2:9d:fd:68:e9:51: 35:07:73:3d:0c:ec:f9:9c:4e:2d:0d:56:c8:9e:3d: 9b:ad:16:be:ae:c8:f7:35:f1:a9:ad:a9:6c:bd:57: c4:8d:c0:50:ed:03:67:13:9f:24:26:a9:65:83:52: 83:61:5b:fc:38:19:85:25:7f:c4:db:6f:c3:44:39: 28:09:2b:fe:e2:7d:fe:aa:7f:8a:1b:e0:ad:ab:c2: a6:6a:b5:87:af:8d:84:ca:db:38:83:8d:bf:01:34: ca:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:55:0D:58:78:17:2D:95:FA:62:39:56:FF:E6:07:08:AB:59:F6:A4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146251.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae11::/32 Signature Algorithm: sha256WithRSAEncryption b2:6e:80:eb:ba:2f:ab:08:4a:37:95:43:60:f3:5c:3c:4a:8f: 1b:d8:72:44:7c:53:2e:fd:48:1a:f6:e0:03:6d:0a:c1:16:99: 50:32:a8:47:2b:24:9d:60:da:73:d5:bd:9a:f7:3f:0c:5f:6e: 90:a0:68:df:73:c0:89:23:3c:1c:b4:88:7b:22:b1:3c:0d:9d: e0:ec:c2:68:7b:be:32:15:9f:d8:6b:1d:98:89:1e:ae:3e:f3: ec:f8:e7:e1:22:85:ec:66:aa:cd:0d:d3:15:4e:3e:7d:0c:7a: d6:7b:70:be:e4:22:bf:79:e8:de:1d:22:6d:25:42:36:f4:ba: 77:c1:af:17:0a:18:30:45:da:fe:85:b9:92:b9:c6:a1:00:f1: ca:87:9b:d2:38:20:45:d2:c5:b6:15:69:20:51:7c:e5:e3:2b: e9:eb:bd:f1:bb:30:95:09:91:d0:04:28:53:69:da:4d:52:14: 4d:03:fb:09:9a:73:76:60:62:e7:24:a0:ad:e1:72:bd:f5:29: a9:32:50:d2:ff:37:63:5b:b8:7f:66:8d:89:3f:76:ca:95:6c: c2:a9:5b:e4:e0:17:84:d8:df:6c:bb:c9:2a:2d:72:50:26:22: 48:37:d2:e8:f3:ab:cd:88:7c:83:87:f8:4c:6d:11:e7:e7:a0: be:4e:1e:a3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfBUAsn1dBcExpYFkJfsLZ9oHXkIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg0MVoX DTI3MDMwMzA2MzM0MVowMzExMC8GA1UEAxMoMzE1NTBENTg3ODE3MkQ5NUZBNjIz OTU2RkZFNjA3MDhBQjU5RjZBNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKrY4tiMKVEYh9F3VyupZFicpPwf895t60ItL/zaEVdv3jwkZF/L2nZGW5tz SyHWWei+PTtFcllZimv4MpoaLViPy/YmAG5C2SW/l4QmLuPetI4u6NK5YuCQL+li bczlWE1mAPdv4ML4sbLLAu2/J/Jye9cT6+1umWTHDyOtUW93QpyuMf/uev2gyvwj HHXQmYYYHjH+W9+ybojBmlY54p39aOlRNQdzPQzs+ZxOLQ1WyJ49m60Wvq7I9zXx qa2pbL1XxI3AUO0DZxOfJCapZYNSg2Fb/DgZhSV/xNtvw0Q5KAkr/uJ9/qp/ihvg ravCpmq1h6+NhMrbOIONvwE0ypsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQxVQ1Y eBctlfpiOVb/5gcIq1n2pDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rhEwDQYJKoZIhvcNAQELBQADggEBALJugOu6L6sISjeVQ2DzXDxKjxvYckR8Uy79 SBr24ANtCsEWmVAyqEcrJJ1g2nPVvZr3PwxfbpCgaN9zwIkjPBy0iHsisTwNneDs wmh7vjIVn9hrHZiJHq4+8+z45+Eihexmqs0N0xVOPn0MetZ7cL7kIr956N4dIm0l Qjb0unfBrxcKGDBF2v6FuZK5xqEA8cqHm9I4IEXSxbYVaSBRfOXjK+nrvfG7MJUJ kdAEKFNp2k1SFE0D+wmac3ZgYuckoK3hcr31KakyUNL/N2NbuH9mjYk/dsqVbMKp W+TgF4TY32y7ySotclAmIkg30ujzq82IfIOH+ExtEefnoL5OHqM= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:44 2026 by rpki-client