$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146008.roa File: AS146008.roa (raw, json) Hash identifier: 0o3Ir6F3ihq4nPnzi7plmOHNfuRlB8gOXWR05EjhBbM= Subject key identifier: 88:49:BC:B7:BA:5D:DA:AB:37:97:FB:09:EE:4B:5F:26:94:8C:6A:77 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3B90CDF7CC9BD1F22845D2B53FA426C27FBAA11B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146008.roa Signing time: Wed 04 Mar 2026 06:30:51 +0000 ROA not before: Wed 04 Mar 2026 06:25:51 +0000 ROA not after: Wed 03 Mar 2027 06:30:51 +0000 asID: 146008 IP address blocks: 240a:ad1e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:90:cd:f7:cc:9b:d1:f2:28:45:d2:b5:3f:a4:26:c2:7f:ba:a1:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:25:51 2026 GMT Not After : Mar 3 06:30:51 2027 GMT Subject: CN=8849BCB7BA5DDAAB3797FB09EE4B5F26948C6A77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:10:89:9f:3a:9c:9c:cd:61:90:21:14:1e:0b: 66:fe:90:f7:1d:3f:e2:90:fd:5e:b7:08:39:c4:0e: b8:da:b1:d5:25:af:86:e0:de:4d:61:77:39:ea:20: 7f:76:35:83:37:cd:e5:4d:31:83:a6:70:be:96:91: d2:b6:e6:e6:7a:d9:4e:c4:b1:2a:46:a6:cb:db:07: d4:8b:69:ab:61:af:da:fc:17:20:c1:e1:79:8e:58: 53:ae:5b:19:dc:24:8d:56:e3:02:a3:94:b1:65:86: d6:cc:8c:05:1b:fa:09:7d:6b:ab:01:ba:7c:bd:4c: 9d:dc:04:ce:3b:37:fc:ae:e1:b7:78:99:61:14:f7: e0:06:06:17:97:7d:7c:57:ce:11:47:1b:e2:bb:b4: aa:15:49:49:02:45:50:96:83:c8:78:6c:90:67:1e: 81:49:5f:33:42:0b:96:a5:ef:0d:3e:74:a4:e8:d7: 86:50:b2:0b:a3:1b:70:b8:af:c5:b0:91:83:7f:a3: f1:a0:48:22:55:da:b3:cb:1e:46:d7:2c:d1:c4:16: 68:6a:18:9b:ef:fe:39:c1:ca:9e:80:52:df:f8:20: 63:e9:dc:8e:d9:ff:9e:0c:56:da:39:0f:d8:44:21: bb:fd:91:96:5d:36:47:39:78:ef:d9:5b:82:bd:22: d3:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:49:BC:B7:BA:5D:DA:AB:37:97:FB:09:EE:4B:5F:26:94:8C:6A:77 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146008.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad1e::/32 Signature Algorithm: sha256WithRSAEncryption d9:69:8e:01:3b:5c:a6:9c:b8:9d:5d:e3:9e:74:f8:f1:48:6f: 51:a0:c3:c3:3c:ac:16:69:a5:55:ea:c4:c9:58:3f:3e:0c:81: b6:54:53:55:ae:d4:60:1f:ff:18:36:ff:37:38:13:02:8e:a1: fb:1d:ae:a2:9b:47:69:28:2c:78:ec:e3:2f:3b:e7:3e:5f:35: 71:91:31:78:6a:c8:b6:7a:6f:f0:3d:9b:91:85:43:b5:c9:2a: 65:bf:17:ac:59:62:ed:58:ef:bf:ce:e8:56:89:2e:33:81:f9: 61:c4:e8:de:31:75:32:47:2c:23:72:d1:1c:ed:82:87:23:8c: 40:1a:eb:9d:ba:2e:62:69:af:28:7b:f2:fb:92:8e:e6:dc:ab: 61:c9:b8:86:b7:1f:cf:94:e7:fb:fb:1a:20:89:db:1d:dc:23: 07:f4:87:50:89:7f:31:6f:12:e9:e2:ee:6c:23:14:3e:b4:8c: 8e:3c:bf:14:2a:c4:ca:90:74:4a:eb:0f:d2:de:97:c6:17:3d: 30:de:36:94:5a:f0:b0:bf:29:a4:e2:f0:8f:03:25:63:8a:18: db:70:01:33:83:41:9b:32:ff:f1:a6:f4:c9:fd:93:26:96:04: e4:ea:9f:44:5b:ef:a4:42:8a:5e:0d:7b:53:e7:39:43:02:e1: be:59:ab:2b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUO5DN98yb0fIoRdK1P6Qmwn+6oRswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjU1MVoX DTI3MDMwMzA2MzA1MVowMzExMC8GA1UEAxMoODg0OUJDQjdCQTVEREFBQjM3OTdG QjA5RUU0QjVGMjY5NDhDNkE3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANUQiZ86nJzNYZAhFB4LZv6Q9x0/4pD9XrcIOcQOuNqx1SWvhuDeTWF3Oeog f3Y1gzfN5U0xg6ZwvpaR0rbm5nrZTsSxKkamy9sH1Itpq2Gv2vwXIMHheY5YU65b GdwkjVbjAqOUsWWG1syMBRv6CX1rqwG6fL1MndwEzjs3/K7ht3iZYRT34AYGF5d9 fFfOEUcb4ru0qhVJSQJFUJaDyHhskGcegUlfM0ILlqXvDT50pOjXhlCyC6MbcLiv xbCRg3+j8aBIIlXas8seRtcs0cQWaGoYm+/+OcHKnoBS3/ggY+ncjtn/ngxW2jkP 2EQhu/2Rll02Rzl479lbgr0i060CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSISby3 ul3aqzeX+wnuS18mlIxqdzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjAwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rR4wDQYJKoZIhvcNAQELBQADggEBANlpjgE7XKacuJ1d4550+PFIb1Ggw8M8rBZp pVXqxMlYPz4MgbZUU1Wu1GAf/xg2/zc4EwKOofsdrqKbR2koLHjs4y875z5fNXGR MXhqyLZ6b/A9m5GFQ7XJKmW/F6xZYu1Y77/O6FaJLjOB+WHE6N4xdTJHLCNy0Rzt gocjjEAa6526LmJpryh78vuSjubcq2HJuIa3H8+U5/v7GiCJ2x3cIwf0h1CJfzFv Euni7mwjFD60jI48vxQqxMqQdErrD9Lel8YXPTDeNpRa8LC/KaTi8I8DJWOKGNtw ATODQZsy//Gm9Mn9kyaWBOTqn0Rb76RCil4Ne1PnOUMC4b5Zqys= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:56 2026 by rpki-client