$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146325.roa File: AS146325.roa (raw, json) Hash identifier: Pa+dxLEo29Av0LttQjWZs9k/9FvwRUTyT6YMxRj7YFc= Subject key identifier: 02:50:6E:72:80:26:D7:C8:F1:98:C7:49:49:CE:DA:0E:1E:FA:CE:A5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6189079E939FA4D2270E48729553877D9A3C5705 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146325.roa Signing time: Wed 04 Mar 2026 06:34:27 +0000 ROA not before: Wed 04 Mar 2026 06:29:27 +0000 ROA not after: Wed 03 Mar 2027 06:34:27 +0000 asID: 146325 IP address blocks: 240a:ae5b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:89:07:9e:93:9f:a4:d2:27:0e:48:72:95:53:87:7d:9a:3c:57:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:27 2026 GMT Not After : Mar 3 06:34:27 2027 GMT Subject: CN=02506E728026D7C8F198C74949CEDA0E1EFACEA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f9:41:31:3b:7f:ac:8c:f5:a1:2b:1a:fe:44: ad:af:a8:30:7d:f2:59:71:b1:fd:c2:67:f6:a8:57: 2d:58:8d:a3:98:47:f7:ef:f2:42:f3:4f:f7:6f:9a: d4:a6:59:27:cc:6c:b6:97:7a:77:0e:c3:4d:12:50: 72:7b:f9:8b:ac:27:9e:b1:5d:1f:30:15:3b:be:fb: 8e:eb:a0:87:33:aa:c9:9a:8a:b7:a8:a4:d7:1d:91: 29:72:29:9a:fa:10:8f:f2:34:0e:19:f8:5b:e3:30: dc:fc:0d:15:1a:9a:d0:d6:0e:4e:fb:0a:98:78:97: 96:80:c8:69:45:35:f2:76:0a:f7:3e:26:5a:8c:01: b4:68:7f:54:c8:64:44:ce:0b:c9:88:fe:c0:d5:b5: 25:d8:ef:a4:11:44:74:b1:8b:80:6b:ef:0a:3d:fb: 25:c5:d1:a3:78:27:9b:a6:d8:6c:0a:29:b6:0a:85: a7:14:40:89:6b:1d:d5:d7:fc:aa:fd:0f:2f:e8:9f: 83:8f:b8:e7:2e:62:a3:47:d0:1f:c0:27:e3:fb:f1: 30:27:bb:8a:58:de:38:05:47:42:72:d8:d2:5c:c5: b6:4b:13:d6:38:e2:53:f3:f2:a3:50:db:b8:2e:8d: 82:26:a4:71:00:11:94:28:8c:26:09:91:86:4f:94: d4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:50:6E:72:80:26:D7:C8:F1:98:C7:49:49:CE:DA:0E:1E:FA:CE:A5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146325.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae5b::/32 Signature Algorithm: sha256WithRSAEncryption 8c:d4:f8:b4:c6:bd:80:a1:b0:b2:cd:8f:7c:98:f6:a5:43:1b: 1f:32:8c:7c:61:6a:5d:ba:07:d0:e1:1e:f3:27:33:07:6b:01: d9:15:af:2a:7d:4f:a2:1d:4b:7e:87:44:e2:57:b2:4c:03:c6: 43:9a:60:b9:98:e6:15:c6:83:90:c7:1f:6a:fb:0d:35:b2:e9: d1:f4:5e:e8:2a:ed:79:7a:7b:c4:13:bb:59:b4:e8:0c:64:ff: b7:76:77:b5:85:ba:21:c4:e4:12:60:0c:0f:7c:a0:35:e9:44: eb:ac:30:ed:7a:39:0c:49:90:17:4b:a4:5e:77:00:6c:e8:98: 28:78:e7:34:e0:ca:1d:17:01:91:df:af:24:b9:d0:a3:12:da: c4:ac:75:ae:0d:7d:b1:bf:54:97:aa:b8:db:f8:2c:2f:b9:5b: c1:7c:21:6e:84:29:a9:f7:52:d9:f6:74:21:da:c1:e1:4a:dc: 03:c7:0f:b6:e3:98:3f:47:e0:c5:93:9e:cb:80:ec:0a:84:29: f5:b2:9e:96:b0:6e:85:2c:eb:51:b8:2c:7b:4d:93:f3:60:46: e9:14:94:80:60:c1:ff:43:96:f9:94:91:5e:7e:05:b7:e7:74: b2:c9:86:ba:04:5b:4e:27:89:42:15:8b:6a:33:23:96:63:2d: 76:8b:3b:79 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYYkHnpOfpNInDkhylVOHfZo8VwUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkyN1oX DTI3MDMwMzA2MzQyN1owMzExMC8GA1UEAxMoMDI1MDZFNzI4MDI2RDdDOEYxOThD NzQ5NDlDRURBMEUxRUZBQ0VBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALb5QTE7f6yM9aErGv5Era+oMH3yWXGx/cJn9qhXLViNo5hH9+/yQvNP92+a 1KZZJ8xstpd6dw7DTRJQcnv5i6wnnrFdHzAVO777juughzOqyZqKt6ik1x2RKXIp mvoQj/I0Dhn4W+Mw3PwNFRqa0NYOTvsKmHiXloDIaUU18nYK9z4mWowBtGh/VMhk RM4LyYj+wNW1JdjvpBFEdLGLgGvvCj37JcXRo3gnm6bYbAoptgqFpxRAiWsd1df8 qv0PL+ifg4+45y5io0fQH8An4/vxMCe7iljeOAVHQnLY0lzFtksT1jjiU/Pyo1Db uC6NgiakcQARlCiMJgmRhk+U1EUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQCUG5y gCbXyPGYx0lJztoOHvrOpTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjMyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rlswDQYJKoZIhvcNAQELBQADggEBAIzU+LTGvYChsLLNj3yY9qVDGx8yjHxhal26 B9DhHvMnMwdrAdkVryp9T6IdS36HROJXskwDxkOaYLmY5hXGg5DHH2r7DTWy6dH0 Xugq7Xl6e8QTu1m06Axk/7d2d7WFuiHE5BJgDA98oDXpROusMO16OQxJkBdLpF53 AGzomCh45zTgyh0XAZHfryS50KMS2sSsda4NfbG/VJequNv4LC+5W8F8IW6EKan3 Utn2dCHaweFK3APHD7bjmD9H4MWTnsuA7AqEKfWynpawboUs61G4LHtNk/NgRukU lIBgwf9DlvmUkV5+BbfndLLJhroEW04niUIVi2ozI5ZjLXaLO3k= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:43 2026 by rpki-client