$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146029.roa File: AS146029.roa (raw, json) Hash identifier: 5APLcg55u0cqytVzjb3KH7s3Ma8UhjH/U7y+oUDOQJM= Subject key identifier: 43:3F:B7:E3:2A:9A:A8:3F:0F:F1:C4:D8:3A:25:62:1B:28:48:7E:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2FCAA10690BAB946448CFCD382FE68BA2BF19C2E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146029.roa Signing time: Wed 04 Mar 2026 06:34:55 +0000 ROA not before: Wed 04 Mar 2026 06:29:55 +0000 ROA not after: Wed 03 Mar 2027 06:34:55 +0000 asID: 146029 IP address blocks: 240a:ad33::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:ca:a1:06:90:ba:b9:46:44:8c:fc:d3:82:fe:68:ba:2b:f1:9c:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:55 2026 GMT Not After : Mar 3 06:34:55 2027 GMT Subject: CN=433FB7E32A9AA83F0FF1C4D83A25621B28487E34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:ca:59:58:07:94:15:1b:96:27:cc:63:56:5c: 17:3b:4f:d3:86:b2:c2:b6:28:be:d0:b5:3a:63:fb: 0c:74:34:16:d4:cf:78:0e:da:dd:fe:7a:b9:2d:96: 26:f6:db:f2:d1:e5:a7:3b:9c:51:6e:5c:d6:06:50: e4:11:b0:1f:5c:05:0f:e0:00:30:9d:39:7e:9b:f9: f5:f7:df:c9:d0:22:a8:03:e9:76:8e:a2:46:06:37: 0e:a8:f3:10:e5:47:c5:1e:9f:18:c0:80:55:4b:17: e2:61:e3:39:fc:97:10:84:97:3a:f1:9e:e7:11:45: 84:c8:64:99:c5:8e:1c:05:f2:af:5b:fd:88:e3:f6: 70:e3:45:a7:85:41:dd:59:83:9f:5d:99:19:d5:46: 4f:cb:9a:57:9c:36:fe:cd:dd:4e:f2:b5:20:b7:e6: 1f:d0:dd:4f:26:2b:4b:7b:bf:3b:53:d8:2e:92:fe: 36:4b:85:1f:eb:e4:8b:6a:e0:35:25:e3:57:d2:da: 3b:b0:fc:66:fe:6f:07:29:24:21:c0:27:25:d7:cb: eb:f9:2b:11:b1:5e:02:c3:9e:da:1b:d3:f8:0d:f5: 40:12:b8:30:b2:6a:0a:7d:47:81:f7:2a:f1:84:f6: f6:b6:cf:70:7c:03:5c:c1:e3:a9:2b:7a:23:eb:28: 85:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:3F:B7:E3:2A:9A:A8:3F:0F:F1:C4:D8:3A:25:62:1B:28:48:7E:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146029.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad33::/32 Signature Algorithm: sha256WithRSAEncryption c7:ae:c4:3d:8b:d9:fb:a6:a3:3f:31:77:74:98:21:5e:bf:b3: ab:f2:3a:49:e5:9d:62:6e:cb:8d:55:dc:2a:3f:5d:03:11:b7: 6f:10:f7:20:fd:b9:6b:3d:8e:a8:f1:f0:f0:b2:d8:ce:7f:33: fb:30:53:7b:83:12:74:c1:6e:1a:48:c7:62:56:46:ee:9e:78: 81:8d:e3:1d:01:35:e6:77:b7:ba:54:e7:69:90:7c:80:34:59: fb:9c:33:0b:7e:97:fb:b7:ea:f9:d9:1e:9c:b5:a6:75:64:16: ef:a3:8b:3e:22:58:b9:0d:c5:a7:e5:e2:e9:e7:a4:5e:46:fa: d6:8c:13:37:6d:b6:4a:4d:07:34:a8:5d:47:b7:bb:7e:e2:b5: cd:f7:b2:e7:32:cf:e3:af:f2:8a:b9:fb:d4:f4:ee:bd:4d:42: a2:d8:aa:e1:60:03:d5:58:d2:e4:ed:b0:b7:91:0f:a3:f8:72: 58:b6:a6:d4:e7:11:13:82:d8:a8:67:20:d7:ae:20:9c:d8:06: 87:23:74:c6:b1:a3:f2:89:01:0d:f2:e4:e8:5d:f2:b8:90:3f: 8b:87:53:0b:db:26:c8:7b:f0:0c:c0:25:59:26:a1:6d:73:8e: 35:58:c4:46:2b:01:55:d5:97:39:a6:37:00:08:18:a1:27:e8: d8:d0:2a:19 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL8qhBpC6uUZEjPzTgv5ouivxnC4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjk1NVoX DTI3MDMwMzA2MzQ1NVowMzExMC8GA1UEAxMoNDMzRkI3RTMyQTlBQTgzRjBGRjFD NEQ4M0EyNTYyMUIyODQ4N0UzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAODKWVgHlBUblifMY1ZcFztP04aywrYovtC1OmP7DHQ0FtTPeA7a3f56uS2W Jvbb8tHlpzucUW5c1gZQ5BGwH1wFD+AAMJ05fpv59fffydAiqAPpdo6iRgY3Dqjz EOVHxR6fGMCAVUsX4mHjOfyXEISXOvGe5xFFhMhkmcWOHAXyr1v9iOP2cONFp4VB 3VmDn12ZGdVGT8uaV5w2/s3dTvK1ILfmH9DdTyYrS3u/O1PYLpL+NkuFH+vki2rg NSXjV9LaO7D8Zv5vBykkIcAnJdfL6/krEbFeAsOe2hvT+A31QBK4MLJqCn1Hgfcq 8YT29rbPcHwDXMHjqSt6I+sohfcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRDP7fj KpqoPw/xxNg6JWIbKEh+NDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjAyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rTMwDQYJKoZIhvcNAQELBQADggEBAMeuxD2L2fumoz8xd3SYIV6/s6vyOknlnWJu y41V3Co/XQMRt28Q9yD9uWs9jqjx8PCy2M5/M/swU3uDEnTBbhpIx2JWRu6eeIGN 4x0BNeZ3t7pU52mQfIA0WfucMwt+l/u36vnZHpy1pnVkFu+jiz4iWLkNxafl4unn pF5G+taMEzdttkpNBzSoXUe3u37itc33sucyz+Ov8oq5+9T07r1NQqLYquFgA9VY 0uTtsLeRD6P4cli2ptTnEROC2KhnINeuIJzYBocjdMaxo/KJAQ3y5Ohd8riQP4uH UwvbJsh78AzAJVkmoW1zjjVYxEYrAVXVlzmmNwAIGKEn6NjQKhk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:43 2026 by rpki-client