$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146254.roa File: AS146254.roa (raw, json) Hash identifier: SRI/0Rut20v+JroHMtRsvhO148AfECe8dZpcS2eXJ+g= Subject key identifier: 98:E2:73:42:0A:80:E6:52:5C:57:C9:E6:CD:DB:40:8D:48:66:E9:F9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 14621F5A98B1F82CB78C8F129D5044B4833C0ED3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146254.roa Signing time: Wed 04 Mar 2026 06:34:27 +0000 ROA not before: Wed 04 Mar 2026 06:29:27 +0000 ROA not after: Wed 03 Mar 2027 06:34:27 +0000 asID: 146254 IP address blocks: 240a:ae14::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:62:1f:5a:98:b1:f8:2c:b7:8c:8f:12:9d:50:44:b4:83:3c:0e:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:27 2026 GMT Not After : Mar 3 06:34:27 2027 GMT Subject: CN=98E273420A80E6525C57C9E6CDDB408D4866E9F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:62:11:46:08:0b:d4:62:d7:b8:ba:d7:57:35: 69:31:16:dc:11:02:0a:99:89:94:d3:e9:53:03:b2: 95:22:fe:08:7b:75:2f:92:87:49:68:24:16:fe:d4: a4:4d:b0:57:7e:3d:f8:20:76:71:58:17:f3:7c:d0: 83:c0:e8:29:b7:3f:e6:a1:b3:88:d0:cb:5c:b1:4b: 83:cf:77:71:3b:f9:01:f0:6f:de:08:98:da:a2:0c: fc:c4:42:ab:61:45:dc:26:4b:3e:c0:f3:1f:c7:75: 0e:8f:7f:df:8d:7c:9f:5c:e5:69:62:c9:ea:d8:7b: ce:cb:d0:22:03:86:60:ac:1c:85:b4:b3:44:f3:3a: 81:c7:39:84:3f:b1:d6:c8:cf:57:c8:32:e8:d3:7c: 70:2a:f2:07:79:ef:c0:58:1d:fe:12:bb:62:81:93: 82:dc:ac:cb:cd:d2:12:c9:27:5f:54:a5:a8:e0:bd: ff:75:8b:63:50:49:28:5c:32:9c:23:ec:6b:1d:a6: 92:0b:48:93:a8:10:bd:a7:a4:a5:96:14:18:e4:61: 0c:f6:73:17:0b:2e:19:fa:a0:d5:58:cd:96:27:c3: cc:b4:9a:bc:9b:2d:b9:eb:f6:83:e1:ce:24:c8:9f: 5b:6b:22:3c:0d:06:91:12:f4:72:d2:e2:c9:c3:75: 50:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:E2:73:42:0A:80:E6:52:5C:57:C9:E6:CD:DB:40:8D:48:66:E9:F9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146254.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae14::/32 Signature Algorithm: sha256WithRSAEncryption 31:11:9e:12:ed:33:93:77:8c:f2:d3:36:d4:3a:d8:e4:29:7a: 97:02:9a:fe:f4:9c:21:c8:85:40:70:c3:c5:19:53:08:75:20: d1:8e:2e:5e:1b:8b:fe:f4:03:45:a2:fe:ef:2d:b8:03:c6:16: 9f:58:40:18:17:4a:ea:e5:b2:40:a4:2a:04:54:ae:7a:82:f1: 65:0e:40:93:a2:38:97:c9:1e:96:ef:93:fa:f1:70:95:15:33: 8d:a9:e3:02:87:88:23:63:e1:7b:bb:43:ae:97:d5:10:b6:d4: ed:9d:10:6c:b3:8d:23:93:73:c2:d2:5d:f6:ac:4b:bb:29:5d: c0:9d:d7:cd:a8:e5:ed:1f:27:ac:48:36:0f:46:90:f7:24:78: 06:c1:62:35:59:54:42:fc:0b:0c:c3:b0:3d:3b:a1:3b:14:bc: 32:b2:bb:07:c7:90:24:70:f4:c6:de:a9:85:92:97:4d:54:b4: ad:3b:5c:e0:23:0e:7f:00:01:26:3a:25:5a:63:df:23:04:a2: 80:2c:9f:a6:32:48:18:6c:db:b9:ad:f4:67:2b:a8:1d:1a:1c: ce:37:47:7b:0b:41:eb:5c:df:0d:a4:69:27:b9:66:a5:67:73: 87:90:20:b9:8e:32:75:d1:58:c1:6d:22:64:33:ff:4a:26:15: 29:0d:b2:9f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFGIfWpix+Cy3jI8SnVBEtIM8DtMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkyN1oX DTI3MDMwMzA2MzQyN1owMzExMC8GA1UEAxMoOThFMjczNDIwQTgwRTY1MjVDNTdD OUU2Q0REQjQwOEQ0ODY2RTlGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9iEUYIC9Ri17i611c1aTEW3BECCpmJlNPpUwOylSL+CHt1L5KHSWgkFv7U pE2wV349+CB2cVgX83zQg8DoKbc/5qGziNDLXLFLg893cTv5AfBv3giY2qIM/MRC q2FF3CZLPsDzH8d1Do9/3418n1zlaWLJ6th7zsvQIgOGYKwchbSzRPM6gcc5hD+x 1sjPV8gy6NN8cCryB3nvwFgd/hK7YoGTgtysy83SEsknX1SlqOC9/3WLY1BJKFwy nCPsax2mkgtIk6gQvaekpZYUGORhDPZzFwsuGfqg1VjNlifDzLSavJstuev2g+HO JMifW2siPA0GkRL0ctLiycN1UCcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSY4nNC CoDmUlxXyebN20CNSGbp+TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rhQwDQYJKoZIhvcNAQELBQADggEBADERnhLtM5N3jPLTNtQ62OQpepcCmv70nCHI hUBww8UZUwh1INGOLl4bi/70A0Wi/u8tuAPGFp9YQBgXSurlskCkKgRUrnqC8WUO QJOiOJfJHpbvk/rxcJUVM42p4wKHiCNj4Xu7Q66X1RC21O2dEGyzjSOTc8LSXfas S7spXcCd182o5e0fJ6xINg9GkPckeAbBYjVZVEL8CwzDsD07oTsUvDKyuwfHkCRw 9MbeqYWSl01UtK07XOAjDn8AASY6JVpj3yMEooAsn6YySBhs27mt9GcrqB0aHM43 R3sLQetc3w2kaSe5ZqVnc4eQILmOMnXRWMFtImQz/0omFSkNsp8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:00 2026 by rpki-client