$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146025.roa File: AS146025.roa (raw, json) Hash identifier: GUh+0KoaLhPf+larufngTgmIhFLPAEaywMTT7uZgYeo= Subject key identifier: A4:45:46:B9:7B:1E:D4:E6:C2:80:51:1D:AC:A5:77:33:5C:C9:45:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6B684DF3B285E9F82718ADEC341A8F93DCA45A0B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146025.roa Signing time: Wed 04 Mar 2026 06:33:58 +0000 ROA not before: Wed 04 Mar 2026 06:28:58 +0000 ROA not after: Wed 03 Mar 2027 06:33:58 +0000 asID: 146025 IP address blocks: 240a:ad2f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:68:4d:f3:b2:85:e9:f8:27:18:ad:ec:34:1a:8f:93:dc:a4:5a:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:58 2026 GMT Not After : Mar 3 06:33:58 2027 GMT Subject: CN=A44546B97B1ED4E6C280511DACA577335CC94597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:9e:25:67:aa:47:d0:13:0d:eb:65:39:36:a6: de:6c:00:c7:89:96:f0:09:f5:30:f4:12:0b:64:8b: 41:15:a1:ac:5a:e7:18:90:6d:9c:bd:14:e6:54:d1: bb:e9:8b:74:63:0b:e9:ec:13:74:81:e7:66:57:7e: 8c:23:e8:a1:6e:10:de:87:29:34:a8:db:27:e2:2d: fe:43:5f:59:dd:c8:1d:87:6a:ac:9a:77:c4:74:8a: d6:1b:2e:26:3e:31:00:e9:5a:4b:50:33:4f:6c:e1: e5:ef:47:b1:91:86:e9:69:09:32:32:87:86:8a:2f: dc:07:70:01:e6:ca:e2:69:9f:bf:4b:2a:6e:9a:9e: fc:c4:b1:5e:99:e2:37:bc:e2:81:f4:28:ab:8d:b0: b6:9f:c5:9f:40:ac:a5:07:88:e9:37:ee:d5:21:10: 90:92:65:2a:67:65:b5:d8:bc:77:2d:04:59:ea:65: 38:d2:4b:e1:d5:06:ad:30:5c:1a:4b:dd:c3:c5:0d: 32:cf:7d:de:bf:14:3c:46:ab:84:c5:34:c5:ba:7b: 6b:f6:46:a0:17:9d:3d:23:bd:2c:bf:57:3e:0c:ba: e5:b0:f4:c2:68:37:25:55:88:67:18:de:aa:ec:e3: 78:bb:25:4e:1a:51:65:2b:cf:3a:17:7d:26:15:d0: a3:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:45:46:B9:7B:1E:D4:E6:C2:80:51:1D:AC:A5:77:33:5C:C9:45:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad2f::/32 Signature Algorithm: sha256WithRSAEncryption 04:ff:1f:6c:96:48:f4:30:de:14:ed:5c:7e:a1:5e:69:da:79: 97:67:c3:e0:83:7e:86:32:d0:58:70:8b:bd:5c:45:b1:06:37: 4c:f3:2c:dd:cd:83:86:0c:af:67:34:3f:92:25:50:d0:8f:03: e7:d3:f9:33:f7:48:c1:47:e5:09:fc:4c:49:0b:0e:0f:28:74: e8:b9:38:e5:de:4f:52:2e:7f:fa:2d:b7:0b:99:f0:20:68:d9: 4c:18:14:95:ef:70:43:eb:55:98:4d:27:8a:4e:15:af:8c:cb: 72:15:87:44:2f:f1:7a:22:bd:3e:91:27:16:74:9d:3e:80:2b: a2:3e:7d:60:61:a3:df:db:df:4a:7d:a3:e0:e1:ca:0e:b5:2f: 53:7c:9a:c9:ab:2a:98:a6:fe:cc:f0:41:72:e4:24:c8:c8:ea: 69:0f:5a:71:6a:c2:e1:a2:b9:cc:fb:21:49:77:7c:c6:74:38: da:79:4b:b7:4f:37:96:26:61:d7:2b:80:ac:25:fc:4e:09:a4: f8:11:d1:43:13:14:2d:de:78:f2:bd:99:6d:a7:6b:00:4d:b7: 6a:c1:d9:cb:17:07:28:d2:fb:1a:f8:13:15:68:17:e1:ae:a4: d6:d6:ac:5c:3f:a9:2f:b1:d9:9c:5d:1e:0b:79:a3:d4:f7:bf: 72:91:0d:85 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUa2hN87KF6fgnGK3sNBqPk9ykWgswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg1OFoX DTI3MDMwMzA2MzM1OFowMzExMC8GA1UEAxMoQTQ0NTQ2Qjk3QjFFRDRFNkMyODA1 MTFEQUNBNTc3MzM1Q0M5NDU5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI6eJWeqR9ATDetlOTam3mwAx4mW8An1MPQSC2SLQRWhrFrnGJBtnL0U5lTR u+mLdGML6ewTdIHnZld+jCPooW4Q3ocpNKjbJ+It/kNfWd3IHYdqrJp3xHSK1hsu Jj4xAOlaS1AzT2zh5e9HsZGG6WkJMjKHhoov3AdwAebK4mmfv0sqbpqe/MSxXpni N7zigfQoq42wtp/Fn0CspQeI6Tfu1SEQkJJlKmdltdi8dy0EWeplONJL4dUGrTBc Gkvdw8UNMs993r8UPEarhMU0xbp7a/ZGoBedPSO9LL9XPgy65bD0wmg3JVWIZxje quzjeLslThpRZSvPOhd9JhXQo+8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSkRUa5 ex7U5sKAUR2spXczXMlFlzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjAyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rS8wDQYJKoZIhvcNAQELBQADggEBAAT/H2yWSPQw3hTtXH6hXmnaeZdnw+CDfoYy 0Fhwi71cRbEGN0zzLN3Ng4YMr2c0P5IlUNCPA+fT+TP3SMFH5Qn8TEkLDg8odOi5 OOXeT1Iuf/ottwuZ8CBo2UwYFJXvcEPrVZhNJ4pOFa+My3IVh0Qv8XoivT6RJxZ0 nT6AK6I+fWBho9/b30p9o+Dhyg61L1N8msmrKpim/szwQXLkJMjI6mkPWnFqwuGi ucz7IUl3fMZ0ONp5S7dPN5YmYdcrgKwl/E4JpPgR0UMTFC3eePK9mW2nawBNt2rB 2csXByjS+xr4ExVoF+GupNbWrFw/qS+x2ZxdHgt5o9T3v3KRDYU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:04 2026 by rpki-client