$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146059.roa File: AS146059.roa (raw, json) Hash identifier: yhnf4IqgXzEX+bVkY/fyA8BbhV/RjaNl6p55zEu4Eug= Subject key identifier: BB:5D:F3:91:0F:C0:78:99:A7:05:39:A6:74:86:8E:68:58:5D:4A:89 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 34CB88F3D1859D5BC7EF3D0A9FA8DBC2C58B64E3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146059.roa Signing time: Wed 04 Mar 2026 06:33:42 +0000 ROA not before: Wed 04 Mar 2026 06:28:42 +0000 ROA not after: Wed 03 Mar 2027 06:33:42 +0000 asID: 146059 IP address blocks: 240a:ad51::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:cb:88:f3:d1:85:9d:5b:c7:ef:3d:0a:9f:a8:db:c2:c5:8b:64:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:42 2026 GMT Not After : Mar 3 06:33:42 2027 GMT Subject: CN=BB5DF3910FC07899A70539A674868E68585D4A89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:55:31:f4:d4:9a:c9:ea:28:a3:5d:83:65:a8: 7f:0b:b3:ac:af:50:92:26:49:56:fd:d1:94:21:2e: 15:a1:91:70:a1:70:ce:4b:5b:54:30:69:48:7e:38: 6a:7a:d2:0b:37:3f:ec:e6:da:51:1a:4d:1f:29:b3: f5:2e:3d:72:35:4a:cf:33:4d:c3:2e:10:47:2e:3c: b2:c9:6d:82:2d:28:20:79:09:37:d2:d1:35:8e:41: 32:0a:94:1f:8f:79:b7:9e:7b:32:4a:b4:77:27:eb: 57:02:79:a4:44:26:b4:48:b1:22:60:c5:b5:12:88: 96:f9:e0:fb:ef:3e:41:44:64:5f:d7:b7:e3:5a:d7: 46:9f:8f:92:fe:e1:ef:bd:7a:ca:5d:7f:b2:b6:0e: 51:cc:cf:39:b2:38:68:50:ab:b0:a0:88:2d:be:e2: a3:07:72:f0:78:d0:7e:4b:9c:af:bc:47:2e:7c:03: 14:88:d6:d6:ae:12:c9:43:07:6b:9b:9d:1b:ca:7d: a7:5e:99:3e:d0:8a:57:1c:77:4b:01:63:8d:bb:60: 0b:42:13:40:03:e1:11:1c:25:16:51:8d:a1:0d:22: f1:c1:4a:36:57:38:3b:98:99:f3:a9:e8:51:e0:ed: 09:4e:b6:85:08:c7:bc:19:92:dc:17:8f:9c:ea:c3: 65:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:5D:F3:91:0F:C0:78:99:A7:05:39:A6:74:86:8E:68:58:5D:4A:89 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146059.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad51::/32 Signature Algorithm: sha256WithRSAEncryption 07:22:7e:90:f9:f8:14:3c:35:32:9d:13:42:b1:57:5b:35:e6: 26:22:91:25:d5:f6:9b:9b:59:59:38:e0:fe:5b:0b:e4:e7:e0: 05:0a:44:3e:ab:6b:d5:25:bb:1f:50:d8:cb:11:f8:89:d1:ca: d6:d4:0a:d1:2d:39:f8:28:27:c3:c1:ab:4f:44:47:8f:cf:d7: 1e:48:10:0b:c6:8b:f6:b8:98:a7:ae:7f:be:47:b7:c3:58:37: a4:e3:84:c5:99:4d:bd:67:f0:2b:86:d3:cd:d1:6f:8a:71:f8: 6c:c2:4d:0d:08:5c:e5:be:a5:0d:68:06:7e:25:9b:4d:46:23: 86:07:a4:d7:d9:78:70:83:df:3a:10:81:01:ee:20:2b:91:0e: 34:30:55:c4:41:4a:69:02:90:f9:c4:0a:e1:10:f0:b9:48:ad: d2:5a:db:4c:db:f3:34:7f:86:67:b8:0a:c0:a8:ad:aa:d7:ad: 54:82:24:eb:2a:b7:61:b0:62:ac:b7:f2:f5:8a:9e:2d:66:13: 65:06:bb:d0:9e:b3:48:ab:22:11:30:26:37:3b:36:66:67:bd: a0:87:c7:82:2a:35:89:5e:50:ee:d0:03:2b:19:72:de:fe:0c: 33:ab:1e:1b:aa:fd:86:10:d0:e1:5a:30:61:e3:f4:e7:97:8e: 63:ea:43:cb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNMuI89GFnVvH7z0Kn6jbwsWLZOMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg0MloX DTI3MDMwMzA2MzM0MlowMzExMC8GA1UEAxMoQkI1REYzOTEwRkMwNzg5OUE3MDUz OUE2NzQ4NjhFNjg1ODVENEE4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALNVMfTUmsnqKKNdg2WofwuzrK9QkiZJVv3RlCEuFaGRcKFwzktbVDBpSH44 anrSCzc/7ObaURpNHymz9S49cjVKzzNNwy4QRy48ssltgi0oIHkJN9LRNY5BMgqU H495t557Mkq0dyfrVwJ5pEQmtEixImDFtRKIlvng++8+QURkX9e341rXRp+Pkv7h 7716yl1/srYOUczPObI4aFCrsKCILb7iowdy8HjQfkucr7xHLnwDFIjW1q4SyUMH a5udG8p9p16ZPtCKVxx3SwFjjbtgC0ITQAPhERwlFlGNoQ0i8cFKNlc4O5iZ86no UeDtCU62hQjHvBmS3BePnOrDZbcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS7XfOR D8B4macFOaZ0ho5oWF1KiTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjA1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rVEwDQYJKoZIhvcNAQELBQADggEBAAcifpD5+BQ8NTKdE0KxV1s15iYikSXV9pub WVk44P5bC+Tn4AUKRD6ra9Ulux9Q2MsR+InRytbUCtEtOfgoJ8PBq09ER4/P1x5I EAvGi/a4mKeuf75Ht8NYN6TjhMWZTb1n8CuG083Rb4px+GzCTQ0IXOW+pQ1oBn4l m01GI4YHpNfZeHCD3zoQgQHuICuRDjQwVcRBSmkCkPnECuEQ8LlIrdJa20zb8zR/ hme4CsCorarXrVSCJOsqt2GwYqy38vWKni1mE2UGu9Ces0irIhEwJjc7NmZnvaCH x4IqNYleUO7QAysZct7+DDOrHhuq/YYQ0OFaMGHj9OeXjmPqQ8s= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:20 2026 by rpki-client