$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146124.roa File: AS146124.roa (raw, json) Hash identifier: zZEytgN4KCCeW4l5/btAo5cpcEScXjnT3tjeYx+TgNo= Subject key identifier: 9B:C7:3D:97:B6:54:31:A5:59:94:37:B9:FE:E2:18:29:6B:FF:87:A8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 74A119EABFFB121251916D8D4D3C452CE68F1CED Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146124.roa Signing time: Wed 04 Mar 2026 06:33:45 +0000 ROA not before: Wed 04 Mar 2026 06:28:45 +0000 ROA not after: Wed 03 Mar 2027 06:33:45 +0000 asID: 146124 IP address blocks: 240a:ad92::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:a1:19:ea:bf:fb:12:12:51:91:6d:8d:4d:3c:45:2c:e6:8f:1c:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:45 2026 GMT Not After : Mar 3 06:33:45 2027 GMT Subject: CN=9BC73D97B65431A5599437B9FEE218296BFF87A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:5f:94:58:93:06:e4:f0:04:74:6b:e0:e2:38: 1a:8f:2c:c2:2a:2d:d6:4a:a5:17:da:67:cc:1c:55: f1:d9:ff:c4:ae:cc:9b:e0:b5:d8:e8:db:c9:2d:0a: 6e:2e:8c:de:3d:07:8b:13:7d:a8:a6:bc:e6:b6:f4: e3:d5:fe:26:18:ce:f4:e4:ce:29:85:1f:f9:d0:d2: 5e:61:0c:c4:67:1e:f5:7b:5d:f9:d2:3c:16:7a:ef: 37:db:6c:52:33:20:75:2f:e1:4e:2d:c7:ee:ad:2d: fe:5a:1f:cf:5b:26:41:6d:e9:ff:1f:57:f4:61:32: 9d:be:a9:df:46:c0:6e:ed:25:04:90:14:87:d4:17: 67:2e:92:7a:a9:d2:4e:9c:5d:35:49:7a:9f:3e:35: 36:33:37:bf:c8:ed:41:4b:63:f7:a0:4e:a0:42:64: fc:8b:9b:95:0d:be:43:74:e7:70:1a:6f:62:8e:93: 9f:9f:c7:3d:36:a0:19:2b:aa:e7:2b:d3:34:18:2d: 2d:66:81:f5:9d:85:06:83:01:eb:0f:b7:3b:aa:dd: 30:41:3f:44:5d:d1:d0:7c:f2:8d:8f:0f:72:93:3c: 9a:b3:4d:ba:80:d9:2d:ab:0f:3b:55:ea:33:13:83: 72:d9:2f:0e:ba:a7:0c:28:87:33:d0:5f:ff:19:5c: cc:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:C7:3D:97:B6:54:31:A5:59:94:37:B9:FE:E2:18:29:6B:FF:87:A8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146124.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad92::/32 Signature Algorithm: sha256WithRSAEncryption d6:cb:46:1a:0b:a4:47:d8:65:90:85:af:b2:45:5a:1d:6f:54: 5d:3c:d1:82:ad:68:6e:56:e9:31:f6:a8:ab:e3:0f:bf:24:7a: e7:72:c2:ad:58:0d:d1:58:e6:59:93:38:b3:c7:ec:3a:10:92: 1a:6b:fe:0e:b5:cc:df:85:fa:c1:62:c5:8f:80:47:c8:89:cb: e9:39:ba:46:16:56:70:d2:c3:99:bd:ff:fe:26:25:1b:77:48: 46:ca:67:70:aa:19:02:47:e9:b0:c9:a0:4e:f9:a9:75:c5:62: 18:a8:04:84:54:22:a9:6d:fc:7b:8c:e0:29:33:84:97:1a:ae: 41:3b:a7:0d:bd:b3:78:be:25:e6:59:62:e5:33:00:e5:b2:cc: c2:58:c1:e4:bc:da:18:2c:6f:a3:13:9d:9e:1d:4d:f5:cb:b1: af:4c:6f:99:01:f4:40:3e:9b:ab:41:9b:da:21:88:07:b4:6a: 28:2e:5b:d7:cc:4d:8b:da:2c:2c:6b:3b:65:27:ae:63:73:b3: 3b:cc:5f:e4:07:cc:81:cd:c6:6d:06:11:93:b5:55:d2:be:7b: f4:df:49:05:69:f6:f0:e8:18:29:64:df:ac:5d:5d:6d:d4:07: e9:88:a3:1a:13:7b:8f:a3:a7:72:39:5e:bb:35:d2:18:44:1e: ba:5d:f1:c1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdKEZ6r/7EhJRkW2NTTxFLOaPHO0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg0NVoX DTI3MDMwMzA2MzM0NVowMzExMC8GA1UEAxMoOUJDNzNEOTdCNjU0MzFBNTU5OTQz N0I5RkVFMjE4Mjk2QkZGODdBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPdflFiTBuTwBHRr4OI4Go8swiot1kqlF9pnzBxV8dn/xK7Mm+C12OjbyS0K bi6M3j0HixN9qKa85rb049X+JhjO9OTOKYUf+dDSXmEMxGce9Xtd+dI8FnrvN9ts UjMgdS/hTi3H7q0t/lofz1smQW3p/x9X9GEynb6p30bAbu0lBJAUh9QXZy6SeqnS TpxdNUl6nz41NjM3v8jtQUtj96BOoEJk/IublQ2+Q3TncBpvYo6Tn5/HPTagGSuq 5yvTNBgtLWaB9Z2FBoMB6w+3O6rdMEE/RF3R0HzyjY8PcpM8mrNNuoDZLasPO1Xq MxODctkvDrqnDCiHM9Bf/xlczNkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSbxz2X tlQxpVmUN7n+4hgpa/+HqDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjEyNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rZIwDQYJKoZIhvcNAQELBQADggEBANbLRhoLpEfYZZCFr7JFWh1vVF080YKtaG5W 6TH2qKvjD78keudywq1YDdFY5lmTOLPH7DoQkhpr/g61zN+F+sFixY+AR8iJy+k5 ukYWVnDSw5m9//4mJRt3SEbKZ3CqGQJH6bDJoE75qXXFYhioBIRUIqlt/HuM4Ckz hJcarkE7pw29s3i+JeZZYuUzAOWyzMJYweS82hgsb6MTnZ4dTfXLsa9Mb5kB9EA+ m6tBm9ohiAe0aiguW9fMTYvaLCxrO2UnrmNzszvMX+QHzIHNxm0GEZO1VdK+e/Tf SQVp9vDoGClk36xdXW3UB+mIoxoTe4+jp3I5Xrs10hhEHrpd8cE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:16 2026 by rpki-client