$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146091.roa File: AS146091.roa (raw, json) Hash identifier: sL+JGgQm+gWP4ZhcxBgg6181JnqdMXE/Ih1P2EFZe6Q= Subject key identifier: E0:FD:35:62:48:12:86:1B:C9:98:67:4D:22:71:07:4A:BC:08:3E:EB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7FCE9366E0EB8E2D17A4635A3DAE31368455A6C4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146091.roa Signing time: Wed 04 Mar 2026 06:33:42 +0000 ROA not before: Wed 04 Mar 2026 06:28:42 +0000 ROA not after: Wed 03 Mar 2027 06:33:42 +0000 asID: 146091 IP address blocks: 240a:ad71::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:ce:93:66:e0:eb:8e:2d:17:a4:63:5a:3d:ae:31:36:84:55:a6:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:42 2026 GMT Not After : Mar 3 06:33:42 2027 GMT Subject: CN=E0FD35624812861BC998674D2271074ABC083EEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e7:61:2e:d1:a0:7f:e2:a1:70:f5:a3:71:b9: bd:26:78:ee:c1:4c:a7:3c:dc:cd:f8:c2:5a:b5:a2: 62:80:af:82:ed:b8:d0:f9:d9:fb:ba:e6:20:86:64: 38:43:37:4f:d7:87:07:b9:37:21:ff:5c:c7:e8:53: 57:2c:80:51:5c:50:b3:79:81:79:53:9c:12:12:ab: 31:3d:cb:45:e1:77:02:29:f6:08:d1:b2:ef:4b:05: b0:25:0c:3c:7d:09:4a:e9:8a:01:02:0e:8f:ac:1b: 31:f0:5f:44:6b:f9:da:57:f7:37:21:40:74:a8:1d: e1:d2:04:0c:fb:b5:a7:71:db:79:37:74:02:ca:0f: 47:81:de:05:12:41:c9:fc:92:9b:04:7e:08:7b:72: 8d:00:bf:2b:a8:95:2f:e1:85:36:8b:3a:35:ca:71: e4:ab:21:6d:12:1f:ca:53:1f:ac:37:3b:85:c8:69: 2d:78:ee:f1:02:70:d7:d4:57:dc:a5:93:1e:d7:2e: c3:8a:8e:81:00:27:02:4e:c9:fc:19:c6:57:da:0e: c5:83:cd:d3:56:ee:e0:2c:39:2a:64:42:1e:69:c6: a0:81:0f:d5:53:aa:17:02:0e:74:1e:c2:c3:0a:b3: 86:2c:5d:9f:b9:bc:8a:c2:a4:51:0c:f2:cc:c5:5a: a6:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:FD:35:62:48:12:86:1B:C9:98:67:4D:22:71:07:4A:BC:08:3E:EB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146091.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad71::/32 Signature Algorithm: sha256WithRSAEncryption d4:ef:74:bb:35:16:81:5d:0c:74:d1:fe:d9:62:f1:5f:9c:9a: 49:df:aa:71:2e:66:90:23:cf:85:73:12:ae:37:03:d7:03:26: 9d:e1:8c:db:cb:be:a6:68:71:fb:46:1f:d0:14:01:50:a0:9b: ec:26:92:f2:55:c0:0f:9e:26:11:61:ac:31:51:2b:ec:3c:61: c1:9f:06:c8:3f:c2:b4:bf:ce:d2:37:ca:6b:54:bc:a9:0f:d7: 0d:5d:3a:64:a3:c9:58:99:93:c4:50:dd:54:a0:71:34:c7:7a: e8:de:bb:c5:eb:1a:dc:a1:fe:e6:f3:3d:40:e6:66:15:5e:49: 67:9a:89:a8:03:ac:ea:a1:ec:90:13:f4:57:a0:07:a5:ba:91: 7b:d2:2f:b0:21:bd:db:77:74:38:4a:a9:ea:1d:0c:53:95:fd: b5:27:03:85:a3:55:f0:e2:f7:fe:35:fa:ee:6b:aa:82:af:5a: 64:18:55:db:dd:40:e4:a9:5c:78:e9:2c:12:c9:12:ed:2f:d2: d7:46:07:55:d4:a0:b9:c0:01:5b:f9:2a:4d:eb:46:cb:92:c5: ba:52:b8:24:16:9e:3e:65:83:a6:d8:dd:b0:78:ec:1e:cb:05: dc:ce:93:a0:23:03:22:47:2f:56:cf:2c:af:4e:e1:1c:b2:44: 6c:7d:56:21 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUf86TZuDrji0XpGNaPa4xNoRVpsQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg0MloX DTI3MDMwMzA2MzM0MlowMzExMC8GA1UEAxMoRTBGRDM1NjI0ODEyODYxQkM5OTg2 NzREMjI3MTA3NEFCQzA4M0VFQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALrnYS7RoH/ioXD1o3G5vSZ47sFMpzzczfjCWrWiYoCvgu240PnZ+7rmIIZk OEM3T9eHB7k3If9cx+hTVyyAUVxQs3mBeVOcEhKrMT3LReF3Ain2CNGy70sFsCUM PH0JSumKAQIOj6wbMfBfRGv52lf3NyFAdKgd4dIEDPu1p3HbeTd0AsoPR4HeBRJB yfySmwR+CHtyjQC/K6iVL+GFNos6Ncpx5KshbRIfylMfrDc7hchpLXju8QJw19RX 3KWTHtcuw4qOgQAnAk7J/BnGV9oOxYPN01bu4Cw5KmRCHmnGoIEP1VOqFwIOdB7C wwqzhixdn7m8isKkUQzyzMVaplkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTg/TVi SBKGG8mYZ00icQdKvAg+6zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjA5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rXEwDQYJKoZIhvcNAQELBQADggEBANTvdLs1FoFdDHTR/tli8V+cmknfqnEuZpAj z4VzEq43A9cDJp3hjNvLvqZocftGH9AUAVCgm+wmkvJVwA+eJhFhrDFRK+w8YcGf Bsg/wrS/ztI3ymtUvKkP1w1dOmSjyViZk8RQ3VSgcTTHeujeu8XrGtyh/ubzPUDm ZhVeSWeaiagDrOqh7JAT9FegB6W6kXvSL7Ahvdt3dDhKqeodDFOV/bUnA4WjVfDi 9/41+u5rqoKvWmQYVdvdQOSpXHjpLBLJEu0v0tdGB1XUoLnAAVv5Kk3rRsuSxbpS uCQWnj5lg6bY3bB47B7LBdzOk6AjAyJHL1bPLK9O4RyyRGx9ViE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:43 2026 by rpki-client