$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146095.roa File: AS146095.roa (raw, json) Hash identifier: QLALbmI0G2EX1lkzf6y+LiFO58qGDfwzdY4s4BLn7f0= Subject key identifier: AC:03:3E:59:EC:78:E2:B8:AB:0C:7B:05:75:87:95:B0:3B:1C:BB:50 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3E37D720E2CB22D853B5BFCD284D5A79B45E14F4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146095.roa Signing time: Wed 04 Mar 2026 06:33:33 +0000 ROA not before: Wed 04 Mar 2026 06:28:33 +0000 ROA not after: Wed 03 Mar 2027 06:33:33 +0000 asID: 146095 IP address blocks: 240a:ad75::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:37:d7:20:e2:cb:22:d8:53:b5:bf:cd:28:4d:5a:79:b4:5e:14:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:33 2026 GMT Not After : Mar 3 06:33:33 2027 GMT Subject: CN=AC033E59EC78E2B8AB0C7B05758795B03B1CBB50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:4e:fc:7d:73:15:e0:ce:dc:41:17:d4:05:70: ea:a7:87:9c:0a:42:84:52:0a:cc:0a:40:55:77:58: db:ed:0a:b3:64:c3:6e:e1:0e:ee:9f:25:24:09:47: 3b:62:a3:6b:be:14:24:57:a1:22:6e:bc:70:d8:a0: 13:22:de:af:3c:23:9a:7a:55:07:a9:fd:23:bb:bf: d4:35:92:a1:5e:19:60:b4:f5:fb:ba:a1:3f:e3:ea: a4:e7:46:5a:5e:3d:d7:0e:83:1b:12:f5:30:85:1a: 53:a7:3f:a1:a1:ac:1d:d8:59:be:d1:de:2c:c2:1b: 5b:9c:be:5e:12:1e:ac:d0:98:14:a3:5a:e8:1a:dd: d8:e0:53:39:db:32:a3:93:35:f0:43:75:e0:c8:90: 12:d4:f0:e9:96:c0:3d:8a:4e:91:b5:15:e4:11:30: a1:7f:ec:09:43:d2:61:7d:39:3a:fc:1c:dc:30:95: 54:0f:d7:6f:fa:9a:e9:0f:4d:17:c9:fe:9c:3f:6c: 35:9c:94:11:c0:72:a1:86:3e:05:db:40:5a:2d:81: c1:cd:5e:68:fa:82:18:44:c5:ad:88:59:1b:66:a5: a1:46:3b:cc:ad:9d:b9:8e:01:5a:67:03:9f:a6:c6: 0e:1b:d3:a3:bb:9b:c2:ff:c3:fe:36:1f:50:94:4e: 92:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:03:3E:59:EC:78:E2:B8:AB:0C:7B:05:75:87:95:B0:3B:1C:BB:50 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146095.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad75::/32 Signature Algorithm: sha256WithRSAEncryption ad:e8:f1:d0:22:20:6f:66:fd:1d:56:4a:f4:17:af:61:f9:c7: 8c:95:c2:12:8a:37:36:16:6b:87:3f:d7:bd:3b:c5:3e:39:da: 89:e7:08:7e:41:fc:53:d3:f3:c3:2a:7f:df:aa:1b:21:52:a9: 66:27:d4:11:98:88:4a:c6:16:d5:dd:b1:85:af:da:9c:4e:59: 81:9b:e9:ed:17:8b:db:8f:9c:44:96:8c:5d:9b:13:5e:bb:01: 43:9d:94:58:80:06:3a:69:4f:f4:79:77:f2:ed:b8:0f:08:4d: 6d:82:b1:b8:15:2d:06:ae:96:be:69:5f:f5:cf:dc:64:86:cd: 82:a6:66:37:16:4d:70:0d:26:c6:25:25:e5:99:c6:e4:39:13: 7b:72:23:ab:23:0f:51:4b:5c:08:34:2a:c1:a8:7e:f6:bb:96: c2:df:3f:89:09:de:1b:5a:e3:0d:1c:4e:ef:14:c6:2d:36:39: c9:69:2c:5b:53:4e:0a:79:0e:a8:4b:49:fb:c6:8a:1f:08:a5: 3c:94:65:ea:0c:74:c7:2a:9f:23:4e:4b:d3:73:73:d4:77:e9: a8:3e:4b:cc:4d:e1:ab:c0:80:ab:ec:2a:f9:e1:17:a1:c9:ba: 7b:5f:b0:37:4b:99:6b:e3:36:c5:8d:27:93:37:cc:95:71:55: 9b:36:b1:4b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPjfXIOLLIthTtb/NKE1aebReFPQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjgzM1oX DTI3MDMwMzA2MzMzM1owMzExMC8GA1UEAxMoQUMwMzNFNTlFQzc4RTJCOEFCMEM3 QjA1NzU4Nzk1QjAzQjFDQkI1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIpO/H1zFeDO3EEX1AVw6qeHnApChFIKzApAVXdY2+0Ks2TDbuEO7p8lJAlH O2Kja74UJFehIm68cNigEyLerzwjmnpVB6n9I7u/1DWSoV4ZYLT1+7qhP+PqpOdG Wl491w6DGxL1MIUaU6c/oaGsHdhZvtHeLMIbW5y+XhIerNCYFKNa6Brd2OBTOdsy o5M18EN14MiQEtTw6ZbAPYpOkbUV5BEwoX/sCUPSYX05Ovwc3DCVVA/Xb/qa6Q9N F8n+nD9sNZyUEcByoYY+BdtAWi2Bwc1eaPqCGETFrYhZG2aloUY7zK2duY4BWmcD n6bGDhvTo7ubwv/D/jYfUJROklkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSsAz5Z 7HjiuKsMewV1h5WwOxy7UDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjA5NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rXUwDQYJKoZIhvcNAQELBQADggEBAK3o8dAiIG9m/R1WSvQXr2H5x4yVwhKKNzYW a4c/1707xT452onnCH5B/FPT88Mqf9+qGyFSqWYn1BGYiErGFtXdsYWv2pxOWYGb 6e0Xi9uPnESWjF2bE167AUOdlFiABjppT/R5d/LtuA8ITW2CsbgVLQaulr5pX/XP 3GSGzYKmZjcWTXANJsYlJeWZxuQ5E3tyI6sjD1FLXAg0KsGofva7lsLfP4kJ3hta 4w0cTu8Uxi02OclpLFtTTgp5DqhLSfvGih8IpTyUZeoMdMcqnyNOS9Nzc9R36ag+ S8xN4avAgKvsKvnhF6HJuntfsDdLmWvjNsWNJ5M3zJVxVZs2sUs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:23 2026 by rpki-client