$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146324.roa File: AS146324.roa (raw, json) Hash identifier: rFUwG6LCil7e3YtnKdMFdR+psWFkB19Wx3pyX8h/5YU= Subject key identifier: DD:09:B7:0E:C3:6E:87:A3:CC:A4:3E:27:B8:B2:0F:1A:7D:D7:FA:AD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 798B440EB94E44C812B072239B2CE2028A86E769 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146324.roa Signing time: Wed 04 Mar 2026 06:34:15 +0000 ROA not before: Wed 04 Mar 2026 06:29:15 +0000 ROA not after: Wed 03 Mar 2027 06:34:15 +0000 asID: 146324 IP address blocks: 240a:ae5a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:8b:44:0e:b9:4e:44:c8:12:b0:72:23:9b:2c:e2:02:8a:86:e7:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:15 2026 GMT Not After : Mar 3 06:34:15 2027 GMT Subject: CN=DD09B70EC36E87A3CCA43E27B8B20F1A7DD7FAAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5b:96:bb:92:64:b8:d4:19:ba:6b:f3:77:77: 40:1e:bd:ac:e2:7c:ef:4c:09:a5:9c:ff:eb:26:cd: ae:49:da:b1:63:6c:66:57:09:d3:49:d4:6a:9a:3c: 98:da:df:3c:d0:d4:0d:b6:6e:37:c6:f5:00:21:f9: b7:62:5b:82:d9:83:42:bd:a5:7e:85:d0:66:e6:38: 76:4e:58:0d:3c:69:e4:6a:41:82:4c:3b:01:3b:05: e2:71:e8:c6:91:ea:ea:c9:f0:3c:d3:61:cf:cc:70: bd:24:69:31:06:15:8f:8d:6b:d8:0f:69:71:04:89: 0d:08:43:25:d9:49:8a:9a:35:c9:c3:cb:96:08:0f: 12:a7:b0:81:8a:41:73:71:f9:6b:e5:ef:e2:e7:e3: ea:f4:9b:87:87:7e:49:cd:59:25:27:7d:93:96:3a: eb:f9:43:14:0b:83:57:06:5b:c6:a5:00:32:62:b8: 61:7a:b2:61:c0:37:dc:7c:20:ed:d6:1a:dd:e3:78: d8:fd:35:ac:74:92:37:bf:25:92:74:3d:db:37:c4: 14:54:f0:88:6a:f3:94:85:76:cc:23:84:cb:31:00: d6:30:25:a6:1a:34:27:be:f2:13:31:60:0a:f5:91: 23:b6:53:06:e8:e3:f6:b7:02:ce:df:54:5a:ab:4b: db:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:09:B7:0E:C3:6E:87:A3:CC:A4:3E:27:B8:B2:0F:1A:7D:D7:FA:AD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146324.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae5a::/32 Signature Algorithm: sha256WithRSAEncryption 76:cf:37:f7:83:66:7d:cb:4c:7e:7f:ee:28:12:bb:b4:8b:2d: 3c:1b:e3:28:93:1e:e9:0a:89:db:2a:cc:19:19:99:83:91:aa: 40:d1:2e:6e:fd:ce:ec:1b:a5:34:25:a5:e6:ef:71:86:29:a4: b9:d0:8f:c6:b6:b4:2f:8c:20:96:23:52:33:3b:d6:83:a7:47: ab:7b:c5:b7:74:4b:60:23:44:76:ee:dc:1d:06:5a:9c:fc:8a: e8:5d:20:f6:e8:31:44:67:be:30:e1:9b:50:54:e9:e1:f5:f3: 9e:32:e8:71:7d:d1:b8:b9:59:4c:1c:92:fc:87:cc:4a:a7:a2: 38:93:30:90:54:4f:95:dc:60:2c:24:3e:97:d6:8e:f8:0e:cd: 2e:8b:92:cb:47:fc:ac:c9:7a:b9:0e:88:7d:ca:b9:f6:a1:7f: 49:0a:13:98:d7:d1:65:12:8a:1e:ec:61:35:71:8d:8c:d6:b1: 00:49:3c:25:95:4f:18:6d:ae:3a:71:fb:85:66:d0:3e:d3:f7: f9:6f:74:2c:bd:94:dd:68:e2:22:1e:11:14:e4:ea:d7:6f:7d: 90:21:4b:82:6c:0c:5c:04:80:36:7a:7d:84:b2:7e:82:ab:c6: 0f:b7:4a:ff:7c:4a:7e:c9:4c:f6:72:af:32:4a:a3:42:09:d8: 94:8a:21:35 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeYtEDrlORMgSsHIjmyziAoqG52kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxNVoX DTI3MDMwMzA2MzQxNVowMzExMC8GA1UEAxMoREQwOUI3MEVDMzZFODdBM0NDQTQz RTI3QjhCMjBGMUE3REQ3RkFBRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMJblruSZLjUGbpr83d3QB69rOJ870wJpZz/6ybNrknasWNsZlcJ00nUapo8 mNrfPNDUDbZuN8b1ACH5t2JbgtmDQr2lfoXQZuY4dk5YDTxp5GpBgkw7ATsF4nHo xpHq6snwPNNhz8xwvSRpMQYVj41r2A9pcQSJDQhDJdlJipo1ycPLlggPEqewgYpB c3H5a+Xv4ufj6vSbh4d+Sc1ZJSd9k5Y66/lDFAuDVwZbxqUAMmK4YXqyYcA33Hwg 7dYa3eN42P01rHSSN78lknQ92zfEFFTwiGrzlIV2zCOEyzEA1jAlpho0J77yEzFg CvWRI7ZTBujj9rcCzt9UWqtL2w8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTdCbcO w26Ho8ykPie4sg8afdf6rTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjMyNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rlowDQYJKoZIhvcNAQELBQADggEBAHbPN/eDZn3LTH5/7igSu7SLLTwb4yiTHukK idsqzBkZmYORqkDRLm79zuwbpTQlpebvcYYppLnQj8a2tC+MIJYjUjM71oOnR6t7 xbd0S2AjRHbu3B0GWpz8iuhdIPboMURnvjDhm1BU6eH1854y6HF90bi5WUwckvyH zEqnojiTMJBUT5XcYCwkPpfWjvgOzS6LkstH/KzJerkOiH3Kufahf0kKE5jX0WUS ih7sYTVxjYzWsQBJPCWVTxhtrjpx+4Vm0D7T9/lvdCy9lN1o4iIeERTk6tdvfZAh S4JsDFwEgDZ6fYSyfoKrxg+3Sv98Sn7JTPZyrzJKo0IJ2JSKITU= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:37 2026 by rpki-client