$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146033.roa File: AS146033.roa (raw, json) Hash identifier: +h5SaE7MeLyaIJqw8xSQN7tbG5KC87lyhAxTnXk13DM= Subject key identifier: 08:54:39:60:7E:9B:B3:36:72:06:18:94:EB:EA:47:35:61:C0:D5:E6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3593A26E43352E0FF368D437BAD27F334EBAB519 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146033.roa Signing time: Wed 04 Mar 2026 06:35:09 +0000 ROA not before: Wed 04 Mar 2026 06:30:09 +0000 ROA not after: Wed 03 Mar 2027 06:35:09 +0000 asID: 146033 IP address blocks: 240a:ad37::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:93:a2:6e:43:35:2e:0f:f3:68:d4:37:ba:d2:7f:33:4e:ba:b5:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:30:09 2026 GMT Not After : Mar 3 06:35:09 2027 GMT Subject: CN=085439607E9BB33672061894EBEA473561C0D5E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:b3:b8:cf:bb:d1:af:6a:a3:d9:ea:20:aa:89: a1:0c:26:89:1a:70:df:f8:1a:73:d8:cd:08:f9:28: 61:37:60:31:76:2a:80:2c:80:8c:ca:c6:29:d7:1d: 24:bc:5e:60:29:19:6a:43:fa:f8:91:36:a8:21:4e: 49:6c:f3:e5:29:c8:a9:08:e1:2d:46:0d:c5:83:e3: 89:03:59:a6:3f:f6:96:e5:ea:f1:9e:29:de:f7:1f: 13:05:62:d3:aa:68:35:7c:2f:af:30:b0:39:e5:8c: e2:fd:bd:f3:b9:dc:26:29:23:8c:6a:63:7f:8f:a8: 43:53:f4:35:b4:cf:51:23:f9:6d:ac:54:fb:9c:58: 1d:a2:6e:2d:c1:7f:67:8e:17:9b:29:f7:7c:d4:12: 27:00:35:bd:21:9a:b1:8f:50:9b:27:6a:e8:4a:ca: ed:ab:21:55:f6:82:28:52:79:b5:79:5e:c1:11:f9: c4:ee:27:5b:ae:eb:07:f1:3d:5e:06:6d:fb:16:6a: 57:28:e0:56:2e:e8:5a:a5:a6:02:bc:da:21:94:30: 70:97:b9:82:c4:e7:19:59:1f:d0:88:4e:b8:a8:a6: e0:b1:b2:fc:b9:d7:5f:60:bc:19:ff:e2:55:e2:bb: d4:87:bd:67:82:56:50:16:11:34:25:cf:24:aa:aa: 56:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:54:39:60:7E:9B:B3:36:72:06:18:94:EB:EA:47:35:61:C0:D5:E6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146033.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad37::/32 Signature Algorithm: sha256WithRSAEncryption b2:2f:8f:90:8d:a7:c1:4f:38:af:cb:b7:d2:90:47:d0:4a:15: da:45:96:79:a6:6b:f4:fa:b1:ff:4f:86:1d:fa:81:8f:c7:4a: f7:be:44:17:f2:df:f6:d2:44:98:6e:81:4b:46:56:c8:06:a1: 3f:16:d0:df:b7:b1:bb:3c:b2:93:f3:27:c2:45:d9:d0:22:1f: 40:d7:e7:10:b3:59:87:15:d3:5d:8b:af:be:c1:d8:78:eb:6a: 69:ab:c6:cb:ae:3c:84:34:46:8e:5c:6d:6d:1f:4e:b2:f2:8c: 42:31:6d:ad:0c:80:90:d7:17:f2:f5:8d:0b:c1:ea:59:06:a2: e5:64:ee:3f:c0:9e:96:c1:40:16:6d:c6:77:e3:a2:46:73:ca: f7:c8:bb:77:94:d9:a6:4f:13:23:54:50:3c:f8:ab:0a:6e:06: ab:71:ea:cb:05:b6:33:cb:b0:6c:73:c0:83:d6:fe:b8:a8:22: 9d:8a:96:71:6f:46:bc:c7:d6:c5:c8:a1:98:31:e9:d5:3f:4b: e0:85:1f:93:61:62:34:68:3c:22:c5:aa:5f:d8:7e:b0:07:f6: d9:b9:1c:21:fc:5a:81:14:9c:8c:f4:55:ce:85:82:65:18:a9: e6:99:6e:84:0d:4b:6a:7b:ff:1f:54:a5:33:97:a1:ae:bd:a2: d3:47:43:a7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNZOibkM1Lg/zaNQ3utJ/M066tRkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzAwOVoX DTI3MDMwMzA2MzUwOVowMzExMC8GA1UEAxMoMDg1NDM5NjA3RTlCQjMzNjcyMDYx ODk0RUJFQTQ3MzU2MUMwRDVFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMOzuM+70a9qo9nqIKqJoQwmiRpw3/gac9jNCPkoYTdgMXYqgCyAjMrGKdcd JLxeYCkZakP6+JE2qCFOSWzz5SnIqQjhLUYNxYPjiQNZpj/2luXq8Z4p3vcfEwVi 06poNXwvrzCwOeWM4v2987ncJikjjGpjf4+oQ1P0NbTPUSP5baxU+5xYHaJuLcF/ Z44Xmyn3fNQSJwA1vSGasY9Qmydq6ErK7ashVfaCKFJ5tXlewRH5xO4nW67rB/E9 XgZt+xZqVyjgVi7oWqWmArzaIZQwcJe5gsTnGVkf0IhOuKim4LGy/LnXX2C8Gf/i VeK71Ie9Z4JWUBYRNCXPJKqqVlsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQIVDlg fpuzNnIGGJTr6kc1YcDV5jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjAzMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rTcwDQYJKoZIhvcNAQELBQADggEBALIvj5CNp8FPOK/Lt9KQR9BKFdpFlnmma/T6 sf9Phh36gY/HSve+RBfy3/bSRJhugUtGVsgGoT8W0N+3sbs8spPzJ8JF2dAiH0DX 5xCzWYcV012Lr77B2HjrammrxsuuPIQ0Ro5cbW0fTrLyjEIxba0MgJDXF/L1jQvB 6lkGouVk7j/AnpbBQBZtxnfjokZzyvfIu3eU2aZPEyNUUDz4qwpuBqtx6ssFtjPL sGxzwIPW/rioIp2KlnFvRrzH1sXIoZgx6dU/S+CFH5NhYjRoPCLFql/YfrAH9tm5 HCH8WoEUnIz0Vc6FgmUYqeaZboQNS2p7/x9UpTOXoa69otNHQ6c= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:22 2026 by rpki-client