$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146487.roa File: AS146487.roa (raw, json) Hash identifier: 0Wr9LzefcJxHtA4YT1eI/HoCtgsxxnAZB8PQKwk1Fss= Subject key identifier: 51:14:C7:9B:F7:33:02:BC:DB:28:08:FF:96:3B:8C:17:9E:EB:D1:BF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 26EDEB136071CE09FB8D6975B64ECB09E6284B30 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146487.roa Signing time: Wed 04 Mar 2026 06:33:59 +0000 ROA not before: Wed 04 Mar 2026 06:28:59 +0000 ROA not after: Wed 03 Mar 2027 06:33:59 +0000 asID: 146487 IP address blocks: 240a:aefd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:ed:eb:13:60:71:ce:09:fb:8d:69:75:b6:4e:cb:09:e6:28:4b:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:59 2026 GMT Not After : Mar 3 06:33:59 2027 GMT Subject: CN=5114C79BF73302BCDB2808FF963B8C179EEBD1BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:85:d0:d9:c0:bd:da:8f:1e:df:47:57:de:f5: 8d:b7:c0:ee:a5:bb:c0:24:15:78:76:af:07:00:f6: a7:fb:74:46:94:a3:a9:9f:ae:f9:9a:b2:ee:70:58: 19:73:20:8d:21:c0:49:ac:ec:b8:9b:32:cf:9f:a3: eb:c0:f0:ba:58:c3:65:cf:b6:98:fb:2b:fb:54:e7: da:d0:28:3b:18:c2:51:40:79:eb:aa:32:b3:84:a9: 5f:f4:b0:a7:c7:23:8e:9c:48:32:5f:b2:0a:91:91: 17:9f:f5:1a:2b:87:94:a4:8a:6d:97:f8:b3:6e:f7: 67:8c:e0:a7:16:2c:1a:44:e0:2b:5d:99:c4:7c:bf: 20:a2:e5:4e:bc:10:e5:3b:c7:6e:b2:be:4b:ed:32: 40:00:9a:ee:9d:29:e1:88:d3:e0:8e:44:1d:12:ec: 1d:9a:d1:43:3b:37:20:e0:36:1c:e0:c9:b6:4f:05: a3:db:23:f6:fd:f5:c9:f1:1b:cc:da:e8:14:38:9b: 62:b3:af:18:60:ca:b7:c2:55:35:28:cb:32:a5:86: f9:87:5f:85:3a:01:6f:38:9d:1b:a4:7c:c0:b7:b3: 83:cd:39:d4:64:b3:14:b5:f2:90:8f:3c:34:30:7a: 13:79:dc:76:c5:72:5d:f1:18:94:1a:8e:99:cd:87: 61:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:14:C7:9B:F7:33:02:BC:DB:28:08:FF:96:3B:8C:17:9E:EB:D1:BF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146487.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aefd::/32 Signature Algorithm: sha256WithRSAEncryption 5f:ef:d2:2c:88:a3:a6:c4:f7:56:95:f1:c0:0f:80:bd:c2:de: 79:0a:0a:72:9c:ba:e6:44:28:84:81:fd:60:bb:a3:58:68:e1: 34:15:3c:69:9a:7d:e8:d0:9c:b9:cd:db:45:b0:82:75:d1:d7: d5:03:f1:2f:d8:42:60:ca:07:c9:50:71:75:48:1c:a7:44:ea: e3:e3:b0:4f:13:d1:1a:be:7d:e3:17:ba:8f:03:d2:b7:b1:b2: d1:da:50:b8:16:37:bb:85:27:bc:36:91:c0:e4:54:e0:89:15: bd:75:fc:21:87:f1:be:0a:ac:f5:67:9a:a8:8d:cf:14:9e:66: 61:29:a4:aa:d5:b3:bf:af:16:43:d3:1d:da:98:3e:02:9a:b3: 94:82:25:0c:ad:9f:b7:28:ee:4e:bc:0f:ee:b9:e2:d9:2c:0b: a9:34:99:e0:a5:c5:44:07:cf:da:50:e3:f6:de:f5:f6:93:d9: a0:5c:9f:3b:a0:47:0b:d5:9c:a5:57:66:23:33:c7:96:62:79: 61:3f:92:79:12:c9:d3:14:8a:b4:8d:ac:21:03:94:de:a3:be: cf:8f:ce:a2:38:e4:3f:6d:ea:f7:0c:b4:75:33:33:a9:1e:79: ef:a0:e9:61:fa:3e:3a:0e:fd:c6:1b:e5:57:cd:f6:56:1b:24: e2:14:50:29 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJu3rE2Bxzgn7jWl1tk7LCeYoSzAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg1OVoX DTI3MDMwMzA2MzM1OVowMzExMC8GA1UEAxMoNTExNEM3OUJGNzMzMDJCQ0RCMjgw OEZGOTYzQjhDMTc5RUVCRDFCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOWF0NnAvdqPHt9HV971jbfA7qW7wCQVeHavBwD2p/t0RpSjqZ+u+Zqy7nBY GXMgjSHASazsuJsyz5+j68DwuljDZc+2mPsr+1Tn2tAoOxjCUUB566oys4SpX/Sw p8cjjpxIMl+yCpGRF5/1GiuHlKSKbZf4s273Z4zgpxYsGkTgK12ZxHy/IKLlTrwQ 5TvHbrK+S+0yQACa7p0p4YjT4I5EHRLsHZrRQzs3IOA2HODJtk8Fo9sj9v31yfEb zNroFDibYrOvGGDKt8JVNSjLMqWG+YdfhToBbzidG6R8wLezg8051GSzFLXykI88 NDB6E3ncdsVyXfEYlBqOmc2HYT8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRRFMeb 9zMCvNsoCP+WO4wXnuvRvzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rv0wDQYJKoZIhvcNAQELBQADggEBAF/v0iyIo6bE91aV8cAPgL3C3nkKCnKcuuZE KISB/WC7o1ho4TQVPGmafejQnLnN20WwgnXR19UD8S/YQmDKB8lQcXVIHKdE6uPj sE8T0Rq+feMXuo8D0rexstHaULgWN7uFJ7w2kcDkVOCJFb11/CGH8b4KrPVnmqiN zxSeZmEppKrVs7+vFkPTHdqYPgKas5SCJQytn7co7k68D+654tksC6k0meClxUQH z9pQ4/be9faT2aBcnzugRwvVnKVXZiMzx5ZieWE/knkSydMUirSNrCEDlN6jvs+P zqI45D9t6vcMtHUzM6keee+g6WH6PjoO/cYb5VfN9lYbJOIUUCk= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:25 2026 by rpki-client