$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146087.roa File: AS146087.roa (raw, json) Hash identifier: Pa7Sp8TSvBkndX2zwfbi4syYe8tXUKgUPQzE7YxsLDg= Subject key identifier: 7D:21:1B:DC:05:08:EE:CD:45:DD:B2:68:29:2C:70:2B:10:6A:6B:D3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5A69402F8293E343FB0CF39E294C763B647A4B38 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146087.roa Signing time: Wed 04 Mar 2026 06:33:39 +0000 ROA not before: Wed 04 Mar 2026 06:28:39 +0000 ROA not after: Wed 03 Mar 2027 06:33:39 +0000 asID: 146087 IP address blocks: 240a:ad6d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:69:40:2f:82:93:e3:43:fb:0c:f3:9e:29:4c:76:3b:64:7a:4b:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:39 2026 GMT Not After : Mar 3 06:33:39 2027 GMT Subject: CN=7D211BDC0508EECD45DDB268292C702B106A6BD3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:20:13:45:38:e5:c7:83:9c:6a:8a:52:93:3e: 1f:4b:3e:44:b9:3d:c4:0b:d9:15:f8:9f:a1:ab:8e: b0:6d:ce:7f:75:be:37:3d:53:f7:3b:f1:86:b8:d6: 28:4b:49:b6:6b:7b:09:47:60:15:6c:b7:76:96:79: d5:d3:cd:0b:74:99:7e:cb:22:df:94:47:a5:f1:ce: ee:bd:b5:88:bc:77:31:62:bf:e7:9c:3c:d4:19:2d: a3:a4:50:80:78:4b:58:ac:56:d4:21:2c:55:26:ed: 85:1a:df:74:a6:3e:fa:f4:a8:ef:5b:84:03:f3:b1: e1:f5:f9:5a:23:3c:c1:33:02:e0:a6:71:97:50:d0: 1a:24:6b:19:c5:63:ee:c8:e8:59:8e:9c:e8:c8:aa: de:20:85:6b:ff:36:7f:77:28:66:1e:4c:8a:2d:68: 4b:27:6f:0d:61:db:00:99:38:07:fe:e7:11:3a:d4: 22:70:6f:a2:fa:0f:4d:8b:3b:09:8a:fc:73:05:05: fb:94:d6:54:87:d3:52:d8:dc:8c:10:19:c1:41:c6: 24:e7:60:a2:e8:2a:0c:06:39:ee:de:1e:2d:79:65: e7:1c:11:05:59:9e:57:ff:b3:6d:80:88:ff:f5:1b: 0e:e9:a2:e8:4b:c8:ea:ce:fb:77:c0:3b:5a:2d:49: ea:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:21:1B:DC:05:08:EE:CD:45:DD:B2:68:29:2C:70:2B:10:6A:6B:D3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146087.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad6d::/32 Signature Algorithm: sha256WithRSAEncryption 71:de:17:29:6a:e9:6d:05:87:57:8b:2e:b1:3f:06:d4:6c:d4: cf:62:27:7d:64:53:66:69:99:84:e7:d2:21:e7:19:27:47:c5: 6a:ea:8a:ff:bf:5d:e5:3f:f1:95:26:a7:98:6b:f5:03:9b:3f: ed:4a:f1:b1:df:19:a5:79:b7:09:ea:94:3a:1c:17:e2:f5:c8: b6:ae:ec:75:bf:9b:1f:44:9e:1e:9b:a4:65:e8:b0:5f:5d:fd: 58:0a:73:b6:a4:18:8d:9b:f9:01:5d:61:17:cf:95:e3:15:bd: 0c:30:15:02:f0:c0:6f:4d:37:d4:7b:c2:16:3a:b4:12:69:17: 4e:bf:9b:bd:8d:3e:c7:7c:6d:97:64:27:69:3d:93:06:f7:2b: 39:d6:68:4f:36:75:c9:3d:a1:a8:ea:ae:db:10:1c:bc:b9:54: 26:91:2d:69:0f:17:60:c9:f5:5b:b9:79:7a:bb:cf:5c:f7:e3: 62:c8:cf:87:4a:45:0a:e1:9f:6d:d9:2d:81:a8:36:99:ff:7a: a8:79:a7:26:83:3e:39:5f:ed:a0:95:d9:fc:67:0f:1e:a2:53: 09:7d:e1:f3:36:b3:21:d2:9b:b1:47:71:dd:02:4b:48:79:52: ef:31:87:0b:0b:a8:35:70:36:cb:ba:b8:92:11:25:2d:3d:0c: d8:c3:95:2d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWmlAL4KT40P7DPOeKUx2O2R6SzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjgzOVoX DTI3MDMwMzA2MzMzOVowMzExMC8GA1UEAxMoN0QyMTFCREMwNTA4RUVDRDQ1RERC MjY4MjkyQzcwMkIxMDZBNkJEMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALggE0U45ceDnGqKUpM+H0s+RLk9xAvZFfifoauOsG3Of3W+Nz1T9zvxhrjW KEtJtmt7CUdgFWy3dpZ51dPNC3SZfssi35RHpfHO7r21iLx3MWK/55w81Bkto6RQ gHhLWKxW1CEsVSbthRrfdKY++vSo71uEA/Ox4fX5WiM8wTMC4KZxl1DQGiRrGcVj 7sjoWY6c6Miq3iCFa/82f3coZh5Mii1oSydvDWHbAJk4B/7nETrUInBvovoPTYs7 CYr8cwUF+5TWVIfTUtjcjBAZwUHGJOdgougqDAY57t4eLXll5xwRBVmeV/+zbYCI //UbDumi6EvI6s77d8A7Wi1J6kMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR9IRvc BQjuzUXdsmgpLHArEGpr0zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjA4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rW0wDQYJKoZIhvcNAQELBQADggEBAHHeFylq6W0Fh1eLLrE/BtRs1M9iJ31kU2Zp mYTn0iHnGSdHxWrqiv+/XeU/8ZUmp5hr9QObP+1K8bHfGaV5twnqlDocF+L1yLau 7HW/mx9Enh6bpGXosF9d/VgKc7akGI2b+QFdYRfPleMVvQwwFQLwwG9NN9R7whY6 tBJpF06/m72NPsd8bZdkJ2k9kwb3KznWaE82dck9oajqrtsQHLy5VCaRLWkPF2DJ 9Vu5eXq7z1z342LIz4dKRQrhn23ZLYGoNpn/eqh5pyaDPjlf7aCV2fxnDx6iUwl9 4fM2syHSm7FHcd0CS0h5Uu8xhwsLqDVwNsu6uJIRJS09DNjDlS0= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:13 2026 by rpki-client