$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146089.roa File: AS146089.roa (raw, json) Hash identifier: xD/Mr7EAB+Jw/AOvCJgLnYIFXCtaDfVwTKCE7HinP/k= Subject key identifier: CB:C6:68:83:86:F7:B2:85:58:17:BD:F9:CE:69:11:35:9A:D6:FA:85 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0C6237DF7D6ACBA0DCDAF4034E7DEE563531EE6B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146089.roa Signing time: Wed 04 Mar 2026 06:34:25 +0000 ROA not before: Wed 04 Mar 2026 06:29:25 +0000 ROA not after: Wed 03 Mar 2027 06:34:25 +0000 asID: 146089 IP address blocks: 240a:ad6f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:62:37:df:7d:6a:cb:a0:dc:da:f4:03:4e:7d:ee:56:35:31:ee:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:25 2026 GMT Not After : Mar 3 06:34:25 2027 GMT Subject: CN=CBC6688386F7B2855817BDF9CE6911359AD6FA85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a2:49:a4:b1:7c:9d:98:94:e8:89:51:a0:d1: 69:93:c1:dc:6b:6f:bd:f7:53:94:75:90:83:90:25: f1:7e:7c:b1:2b:00:71:55:a0:50:b5:83:27:dd:29: 18:d1:bb:1d:f7:fc:40:c4:47:b2:59:b7:47:9d:7c: a7:13:1d:8e:0c:56:7d:7b:86:77:91:b3:35:78:8d: f5:7d:02:dc:5a:be:b0:34:77:e4:93:1c:18:55:72: 3b:c1:c3:2e:e5:78:03:57:85:e2:e3:e6:c0:1f:91: 3e:6b:8f:ac:b2:36:5d:94:f0:ef:88:8b:0a:1e:97: 25:8f:d6:5b:16:da:8c:cd:54:d2:3a:65:a3:00:c8: 3d:72:0c:c1:b5:a8:7d:21:cc:28:80:47:89:e4:26: 31:31:12:28:ae:02:71:08:4d:4c:91:d9:c6:72:10: c4:b5:c3:65:b9:3e:59:d5:67:96:3a:4d:c8:47:b0: 04:f3:4e:65:21:77:15:db:22:bc:29:21:b9:e4:32: f9:b3:ca:92:22:82:e4:26:a3:7a:18:26:ed:bf:8c: ea:62:fc:0b:d1:2e:5e:c0:d8:61:19:ca:58:75:0e: 2a:d3:41:a3:90:a6:48:e7:96:d3:95:14:21:53:0f: 74:00:31:47:1b:fc:db:e9:ed:d9:95:f4:52:53:63: 3f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:C6:68:83:86:F7:B2:85:58:17:BD:F9:CE:69:11:35:9A:D6:FA:85 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad6f::/32 Signature Algorithm: sha256WithRSAEncryption 6d:c1:75:84:38:59:2d:56:66:0b:cc:6f:55:1b:4d:87:78:46: 57:55:3a:31:56:cf:aa:4d:43:37:56:3d:a2:6f:8f:a8:d7:3d: 69:57:84:03:c6:97:13:3e:86:67:40:83:6d:40:82:4c:2c:d3: 40:5d:9d:5a:f6:39:7c:63:8d:54:fe:40:66:9f:60:8c:a9:7b: 47:e3:28:27:5e:69:83:d8:22:15:69:d3:82:af:e4:e0:d3:e4: 43:94:30:e1:9a:d6:46:3c:73:84:54:d1:a5:ff:c2:f7:b5:b2: a5:28:0c:25:24:8a:9b:54:7d:81:42:92:0f:47:ff:f1:a1:90: 31:3a:d6:23:78:6a:ca:42:8f:2c:db:41:b8:c6:c2:5a:dd:dc: 48:6f:70:62:b7:05:68:b6:1d:55:4a:8f:87:11:63:ad:35:4f: 3c:86:e3:0a:e3:85:26:2f:74:27:79:53:b5:20:04:c8:3d:e5: 23:8e:d9:96:2b:d6:5b:8b:93:77:c4:a6:a1:9c:70:fd:cf:0a: 73:0c:4b:3c:06:f5:52:a4:c7:e0:22:06:d5:96:39:8d:51:59: d3:3c:a0:da:a4:05:53:9d:b6:73:1a:8a:31:11:24:f0:51:a8: bd:cb:55:3c:05:6e:90:1c:d6:7e:ca:79:4f:83:a8:55:8b:fb: 72:e9:27:9d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDGI3331qy6Dc2vQDTn3uVjUx7mswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkyNVoX DTI3MDMwMzA2MzQyNVowMzExMC8GA1UEAxMoQ0JDNjY4ODM4NkY3QjI4NTU4MTdC REY5Q0U2OTExMzU5QUQ2RkE4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMOiSaSxfJ2YlOiJUaDRaZPB3GtvvfdTlHWQg5Al8X58sSsAcVWgULWDJ90p GNG7Hff8QMRHslm3R518pxMdjgxWfXuGd5GzNXiN9X0C3Fq+sDR35JMcGFVyO8HD LuV4A1eF4uPmwB+RPmuPrLI2XZTw74iLCh6XJY/WWxbajM1U0jplowDIPXIMwbWo fSHMKIBHieQmMTESKK4CcQhNTJHZxnIQxLXDZbk+WdVnljpNyEewBPNOZSF3Fdsi vCkhueQy+bPKkiKC5Cajehgm7b+M6mL8C9EuXsDYYRnKWHUOKtNBo5CmSOeW05UU IVMPdAAxRxv82+nt2ZX0UlNjP1sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTLxmiD hveyhVgXvfnOaRE1mtb6hTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjA4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rW8wDQYJKoZIhvcNAQELBQADggEBAG3BdYQ4WS1WZgvMb1UbTYd4RldVOjFWz6pN QzdWPaJvj6jXPWlXhAPGlxM+hmdAg21Agkws00BdnVr2OXxjjVT+QGafYIype0fj KCdeaYPYIhVp04Kv5ODT5EOUMOGa1kY8c4RU0aX/wve1sqUoDCUkiptUfYFCkg9H //GhkDE61iN4aspCjyzbQbjGwlrd3EhvcGK3BWi2HVVKj4cRY601TzyG4wrjhSYv dCd5U7UgBMg95SOO2ZYr1luLk3fEpqGccP3PCnMMSzwG9VKkx+AiBtWWOY1RWdM8 oNqkBVOdtnMaijERJPBRqL3LVTwFbpAc1n7KeU+DqFWL+3LpJ50= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:07 2026 by rpki-client