$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146453.roa File: AS146453.roa (raw, json) Hash identifier: pxhANd1HQXMareipAQMknPSfIihhSz9PRVlubwEgvs4= Subject key identifier: 37:F8:6A:A0:96:F0:27:DB:E8:04:2F:6C:2C:22:EE:3F:86:F5:74:5D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 67632735006F5128E814EBCD910D0F13EA359F2A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146453.roa Signing time: Wed 04 Mar 2026 06:34:08 +0000 ROA not before: Wed 04 Mar 2026 06:29:08 +0000 ROA not after: Wed 03 Mar 2027 06:34:08 +0000 asID: 146453 IP address blocks: 240a:aedb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:63:27:35:00:6f:51:28:e8:14:eb:cd:91:0d:0f:13:ea:35:9f:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:08 2026 GMT Not After : Mar 3 06:34:08 2027 GMT Subject: CN=37F86AA096F027DBE8042F6C2C22EE3F86F5745D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:53:42:30:e7:74:74:b9:a2:d1:ff:92:23:c3: 21:ea:75:55:8f:22:b9:67:71:e3:18:89:63:99:df: b8:74:a5:78:3c:8f:66:f6:45:4d:27:9f:38:22:a3: d9:8f:74:61:46:c3:f6:40:c1:14:60:3e:88:c6:74: 9d:76:25:7e:09:32:d3:9d:f8:a1:b2:07:6b:e3:c3: a9:13:83:4f:19:ce:c8:55:69:64:e6:87:5b:db:d5: c4:eb:2f:a4:44:eb:15:41:f9:78:f3:8e:fb:d7:61: 03:85:e2:b4:15:3f:a3:f0:45:e1:0b:4c:37:b5:a0: 6d:0c:7b:46:87:d0:94:64:ce:cf:85:57:e4:ba:61: ba:dc:8c:5c:d5:1e:f2:0f:12:0c:ab:96:f0:9d:0e: af:f0:c9:8a:99:72:dd:4e:71:9a:97:96:8d:8b:53: 5c:d3:79:36:01:fd:30:09:0d:69:48:d3:6a:99:d6: 53:ed:28:d1:8f:b4:9d:e7:8b:d1:0e:4f:ba:76:56: 99:aa:3b:6f:46:75:e2:e2:ca:00:d8:a1:d9:41:54: 9d:5a:31:7b:e6:7c:7c:26:99:c1:60:f1:24:8b:ca: 77:95:fa:84:05:46:f6:2c:eb:74:ad:f6:8c:28:ae: d0:06:d3:72:70:24:d2:79:c5:08:cc:d4:c1:3f:7d: f8:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:F8:6A:A0:96:F0:27:DB:E8:04:2F:6C:2C:22:EE:3F:86:F5:74:5D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146453.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aedb::/32 Signature Algorithm: sha256WithRSAEncryption 94:bb:d4:42:4b:33:a5:11:ed:3d:10:f9:41:8d:30:c3:ab:b0: db:fe:aa:69:37:65:e8:16:b1:ec:a6:1c:c7:42:f8:a7:66:7c: f0:ad:90:9c:67:67:39:78:98:2c:9a:67:0a:81:88:60:7f:ff: fc:58:5e:65:7b:a9:af:1a:64:20:4a:5b:ab:bd:3f:fa:5f:89: 64:51:1c:db:d2:a8:ba:6c:c9:e9:67:d4:73:68:c7:16:e7:d4: af:56:f4:4f:85:c5:98:8b:32:79:65:5a:3b:b1:3a:10:f6:7a: e2:0d:c4:55:c2:bd:a5:15:b6:2b:c6:3c:0c:42:9f:ba:59:20: ff:ba:c2:cd:8d:f7:77:e9:73:23:75:63:3e:11:bc:0d:8b:9e: 39:47:ec:27:f2:af:26:80:bc:ab:55:85:5b:43:a2:5c:c6:ec: 69:83:6a:b0:e2:58:98:9f:c1:bb:e6:96:7b:7f:31:76:20:7d: 6c:b1:49:64:60:cc:50:b1:15:52:c6:cc:91:99:4e:1f:a3:aa: 95:0c:3a:c5:1a:d9:2e:c0:4f:b4:16:fa:05:f7:46:6f:cd:64: eb:14:ae:52:aa:17:b2:7a:0e:a8:42:b8:9f:9d:97:80:19:85: 5c:00:71:6b:69:6d:34:a0:9f:9f:7c:4e:18:17:be:b6:30:d5: 14:51:c5:2b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZ2MnNQBvUSjoFOvNkQ0PE+o1nyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkwOFoX DTI3MDMwMzA2MzQwOFowMzExMC8GA1UEAxMoMzdGODZBQTA5NkYwMjdEQkU4MDQy RjZDMkMyMkVFM0Y4NkY1NzQ1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKlTQjDndHS5otH/kiPDIep1VY8iuWdx4xiJY5nfuHSleDyPZvZFTSefOCKj 2Y90YUbD9kDBFGA+iMZ0nXYlfgky0534obIHa+PDqRODTxnOyFVpZOaHW9vVxOsv pETrFUH5ePOO+9dhA4XitBU/o/BF4QtMN7WgbQx7RofQlGTOz4VX5LphutyMXNUe 8g8SDKuW8J0Or/DJiply3U5xmpeWjYtTXNN5NgH9MAkNaUjTapnWU+0o0Y+0neeL 0Q5PunZWmao7b0Z14uLKANih2UFUnVoxe+Z8fCaZwWDxJIvKd5X6hAVG9izrdK32 jCiu0AbTcnAk0nnFCMzUwT99+HECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ3+Gqg lvAn2+gEL2wsIu4/hvV0XTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rtswDQYJKoZIhvcNAQELBQADggEBAJS71EJLM6UR7T0Q+UGNMMOrsNv+qmk3ZegW seymHMdC+KdmfPCtkJxnZzl4mCyaZwqBiGB///xYXmV7qa8aZCBKW6u9P/pfiWRR HNvSqLpsyeln1HNoxxbn1K9W9E+FxZiLMnllWjuxOhD2euINxFXCvaUVtivGPAxC n7pZIP+6ws2N93fpcyN1Yz4RvA2LnjlH7CfyryaAvKtVhVtDolzG7GmDarDiWJif wbvmlnt/MXYgfWyxSWRgzFCxFVLGzJGZTh+jqpUMOsUa2S7AT7QW+gX3Rm/NZOsU rlKqF7J6DqhCuJ+dl4AZhVwAcWtpbTSgn598ThgXvrYw1RRRxSs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:40 2026 by rpki-client