$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146028.roa File: AS146028.roa (raw, json) Hash identifier: xXNNKYnTF+xpBO8wwoZ0IbGIQUez0ZhGEYQTRwCgO2Q= Subject key identifier: 7B:9C:6C:85:A8:38:25:4C:F1:50:76:1B:51:42:65:72:4F:9B:40:74 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7FA1F69BAA663A0924BC98BEDE5351988AC30C31 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146028.roa Signing time: Wed 04 Mar 2026 06:34:36 +0000 ROA not before: Wed 04 Mar 2026 06:29:36 +0000 ROA not after: Wed 03 Mar 2027 06:34:36 +0000 asID: 146028 IP address blocks: 240a:ad32::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:a1:f6:9b:aa:66:3a:09:24:bc:98:be:de:53:51:98:8a:c3:0c:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:36 2026 GMT Not After : Mar 3 06:34:36 2027 GMT Subject: CN=7B9C6C85A838254CF150761B514265724F9B4074 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:a3:dd:a8:3c:02:81:0f:ad:a9:3e:fb:8b:84: 7e:dd:5f:67:13:23:93:51:12:4c:ab:df:fd:d1:2c: a8:fe:21:51:a9:9d:8c:24:76:2c:98:32:a7:77:c6: 2f:35:82:a7:c7:e4:f8:84:50:27:9e:7d:c6:65:26: 59:6e:32:95:49:c5:cf:ec:5b:f6:6e:f4:7a:45:8b: 68:d1:b6:d5:0c:97:3c:fd:25:38:f3:b7:6a:a6:0f: 00:9a:74:87:06:e7:f6:3a:2a:e1:76:0d:e3:e7:88: d2:94:5a:98:b8:c6:34:db:fc:93:e5:fc:1c:04:4e: b9:ed:dd:64:92:46:b7:2d:44:b9:17:16:91:d4:82: 4b:81:e3:83:c4:e6:a8:71:d6:2f:91:0b:9b:bf:77: 79:99:76:75:87:95:71:4d:45:57:3e:0e:97:6e:96: a3:46:3b:3a:e8:3a:42:04:d9:f6:0f:53:ab:96:37: 45:02:87:75:8d:12:99:d1:6b:14:a2:21:63:2d:87: 56:eb:02:72:ac:a9:58:61:09:15:ee:8e:59:b9:ea: 13:fc:ab:fa:cf:04:2e:c3:49:93:5e:8b:c3:3d:01: af:18:1d:18:65:30:76:c4:3e:29:e6:3b:30:82:7f: 9f:4a:52:e5:03:40:51:f4:dd:cd:a1:4b:89:e8:75: d6:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:9C:6C:85:A8:38:25:4C:F1:50:76:1B:51:42:65:72:4F:9B:40:74 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146028.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad32::/32 Signature Algorithm: sha256WithRSAEncryption 9a:5d:2d:79:28:5a:46:29:02:0b:5e:3b:14:1a:8e:35:90:12: 48:a8:4a:35:4d:5d:3a:95:4a:42:7a:18:d2:4c:67:d9:04:37: f2:4b:e8:b2:a3:75:91:f8:5a:f9:ee:85:15:b8:0e:ec:f7:78: 31:59:25:59:6b:47:68:04:4f:92:2c:29:01:53:88:1e:a0:6c: 53:5b:6f:4e:11:12:ba:72:dd:d1:0b:f2:43:e2:bd:b5:bb:29: f0:3c:10:e3:46:79:cd:0f:46:63:c1:d8:d5:fb:82:82:9e:75: d6:f9:bb:9e:c9:fc:46:24:16:a6:21:bf:96:d3:a7:20:67:75: 68:b1:ac:dc:ba:e1:26:f1:e2:e2:b2:cd:72:8e:3e:fd:5b:9f: 12:02:d3:98:cc:4f:8d:da:a7:cd:fe:8a:de:3b:ad:e4:05:6f: b4:ed:23:78:0b:8c:88:c1:fc:c9:7b:42:7a:92:c5:a2:db:30: ee:63:61:0f:0f:62:0f:22:83:a7:5d:c5:a3:cb:2a:1a:3e:0b: 0c:dc:31:6c:80:0f:dc:91:2e:2e:73:e8:2a:ad:ef:5b:a7:a3: bc:6a:c3:17:58:b5:8b:7e:c1:48:fb:e0:6c:4f:ef:c4:60:36: 62:63:00:07:64:07:62:d0:1d:70:5e:ba:4a:a3:05:8f:1d:9f: 0a:06:29:cf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUf6H2m6pmOgkkvJi+3lNRmIrDDDEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkzNloX DTI3MDMwMzA2MzQzNlowMzExMC8GA1UEAxMoN0I5QzZDODVBODM4MjU0Q0YxNTA3 NjFCNTE0MjY1NzI0RjlCNDA3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALej3ag8AoEPrak++4uEft1fZxMjk1ESTKvf/dEsqP4hUamdjCR2LJgyp3fG LzWCp8fk+IRQJ559xmUmWW4ylUnFz+xb9m70ekWLaNG21QyXPP0lOPO3aqYPAJp0 hwbn9joq4XYN4+eI0pRamLjGNNv8k+X8HAROue3dZJJGty1EuRcWkdSCS4Hjg8Tm qHHWL5ELm793eZl2dYeVcU1FVz4Ol26Wo0Y7Oug6QgTZ9g9Tq5Y3RQKHdY0SmdFr FKIhYy2HVusCcqypWGEJFe6OWbnqE/yr+s8ELsNJk16Lwz0BrxgdGGUwdsQ+KeY7 MIJ/n0pS5QNAUfTdzaFLieh11kkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR7nGyF qDglTPFQdhtRQmVyT5tAdDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjAyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rTIwDQYJKoZIhvcNAQELBQADggEBAJpdLXkoWkYpAgteOxQajjWQEkioSjVNXTqV SkJ6GNJMZ9kEN/JL6LKjdZH4WvnuhRW4Duz3eDFZJVlrR2gET5IsKQFTiB6gbFNb b04RErpy3dEL8kPivbW7KfA8EONGec0PRmPB2NX7goKeddb5u57J/EYkFqYhv5bT pyBndWixrNy64Sbx4uKyzXKOPv1bnxIC05jMT43ap83+it47reQFb7TtI3gLjIjB /Ml7QnqSxaLbMO5jYQ8PYg8ig6ddxaPLKho+CwzcMWyAD9yRLi5z6Cqt71uno7xq wxdYtYt+wUj74GxP78RgNmJjAAdkB2LQHXBeukqjBY8dnwoGKc8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:05 2026 by rpki-client