$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146255.roa File: AS146255.roa (raw, json) Hash identifier: trSSXoIE3vL4DBjVufX58wfMB7DdKj0s+BiW2e6t7yk= Subject key identifier: C9:6E:B9:D1:BD:E6:43:3A:0E:76:99:37:A0:D9:CE:34:94:75:26:38 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3EB0CA48B14C17001FE3A5429F62B42E62CC5BCD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146255.roa Signing time: Wed 04 Mar 2026 06:34:12 +0000 ROA not before: Wed 04 Mar 2026 06:29:12 +0000 ROA not after: Wed 03 Mar 2027 06:34:12 +0000 asID: 146255 IP address blocks: 240a:ae15::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:b0:ca:48:b1:4c:17:00:1f:e3:a5:42:9f:62:b4:2e:62:cc:5b:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:12 2026 GMT Not After : Mar 3 06:34:12 2027 GMT Subject: CN=C96EB9D1BDE6433A0E769937A0D9CE3494752638 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:9c:23:5a:ae:d9:b1:4a:1a:19:4c:31:db:37: 96:ce:f3:0b:53:77:76:1c:94:61:5d:a8:5c:ba:40: 51:f5:b6:bc:5c:85:ae:a6:36:6f:61:08:b7:61:1f: f3:cd:97:48:e7:88:d5:f5:66:26:23:3e:89:33:da: 7e:51:93:cc:71:23:93:bf:74:c1:25:63:7f:24:ab: e0:fa:c5:8b:1a:a3:c9:07:c2:c7:24:fd:c1:11:9d: 75:6d:c1:66:73:d6:07:dc:7f:1e:5f:bd:a9:71:6b: 6d:8b:f5:56:ab:24:9e:0a:e3:00:43:5a:b3:33:f5: dc:a2:b6:56:be:0b:ba:f4:45:9b:fd:ec:48:ad:f6: 1b:79:59:9e:29:e8:82:51:6a:a3:cd:4a:ac:f6:18: f6:2e:4c:68:ad:56:52:33:fb:73:3e:56:b3:c8:e7: 67:84:25:9a:4a:ec:84:61:54:08:9d:b5:2d:e3:8c: db:de:30:8e:df:04:ba:99:55:43:51:b2:ae:37:52: 6f:ea:ef:3f:df:19:3d:ac:f7:4f:51:02:1d:83:bb: 37:68:f0:b3:8c:48:26:18:02:3a:ea:ec:85:3c:a0: 1f:80:cc:a0:f3:90:fa:b1:34:d7:66:67:8d:98:83: 59:ba:fa:4d:8f:5e:2a:06:50:9b:11:f8:90:62:98: ab:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:6E:B9:D1:BD:E6:43:3A:0E:76:99:37:A0:D9:CE:34:94:75:26:38 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146255.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae15::/32 Signature Algorithm: sha256WithRSAEncryption 44:36:98:fc:3c:3b:ce:c4:89:7e:0c:13:18:9c:fe:e2:b3:ec: 29:b3:0b:c3:c5:f2:eb:88:b5:3a:8b:fe:25:29:85:5a:11:9f: 57:c8:fa:17:7e:7a:2d:11:2e:1b:a4:7f:ca:51:05:de:e4:5d: d6:b9:10:ea:68:89:75:64:2d:cc:07:e8:12:56:94:06:f2:37: 3c:25:10:fb:27:81:93:84:e0:17:19:b9:fe:32:36:49:5a:09: 9f:81:0d:24:45:cd:7f:8e:b9:07:f5:c3:5c:b8:27:57:52:25: 8e:c6:87:a8:5f:30:93:02:89:19:8e:14:71:f6:64:bb:c9:40: b2:42:b8:8a:8b:b5:3c:80:48:a4:da:09:37:c7:bf:ac:83:57: 80:6f:3a:eb:fb:f9:9b:a1:76:dc:23:23:be:b2:87:b7:2e:eb: b5:fc:d5:72:f7:f4:6b:db:f6:c6:52:0e:f3:26:cb:97:4a:54: 93:b1:60:1b:bf:35:ec:ad:8c:d7:3d:52:ee:4d:ae:cd:f4:e5: 81:f5:15:4f:0b:d5:c9:28:9d:97:a3:55:aa:9b:16:2e:f8:ec: 76:b9:33:63:ac:b1:64:a4:a5:c2:78:12:cc:8b:9f:c0:d1:87: eb:d5:8c:96:e8:66:7c:19:44:d2:d9:3e:47:61:1f:0e:51:cc: 46:58:dd:18 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPrDKSLFMFwAf46VCn2K0LmLMW80wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxMloX DTI3MDMwMzA2MzQxMlowMzExMC8GA1UEAxMoQzk2RUI5RDFCREU2NDMzQTBFNzY5 OTM3QTBEOUNFMzQ5NDc1MjYzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANCcI1qu2bFKGhlMMds3ls7zC1N3dhyUYV2oXLpAUfW2vFyFrqY2b2EIt2Ef 882XSOeI1fVmJiM+iTPaflGTzHEjk790wSVjfySr4PrFixqjyQfCxyT9wRGddW3B ZnPWB9x/Hl+9qXFrbYv1VqskngrjAENaszP13KK2Vr4LuvRFm/3sSK32G3lZnino glFqo81KrPYY9i5MaK1WUjP7cz5Ws8jnZ4QlmkrshGFUCJ21LeOM294wjt8EuplV Q1GyrjdSb+rvP98ZPaz3T1ECHYO7N2jws4xIJhgCOurshTygH4DMoPOQ+rE012Zn jZiDWbr6TY9eKgZQmxH4kGKYq98CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTJbrnR veZDOg52mTeg2c40lHUmODAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rhUwDQYJKoZIhvcNAQELBQADggEBAEQ2mPw8O87EiX4MExic/uKz7CmzC8PF8uuI tTqL/iUphVoRn1fI+hd+ei0RLhukf8pRBd7kXda5EOpoiXVkLcwH6BJWlAbyNzwl EPsngZOE4BcZuf4yNklaCZ+BDSRFzX+OuQf1w1y4J1dSJY7Gh6hfMJMCiRmOFHH2 ZLvJQLJCuIqLtTyASKTaCTfHv6yDV4BvOuv7+ZuhdtwjI76yh7cu67X81XL39Gvb 9sZSDvMmy5dKVJOxYBu/NeytjNc9Uu5Nrs305YH1FU8L1ckonZejVaqbFi747Ha5 M2OssWSkpcJ4EsyLn8DRh+vVjJboZnwZRNLZPkdhHw5RzEZY3Rg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:28 2026 by rpki-client