$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146126.roa File: AS146126.roa (raw, json) Hash identifier: hkGFC+ZYYCYC87FZ3H+4hMiYrsH/5KlTmCCLhoRS+mk= Subject key identifier: D6:E0:AD:48:BB:7F:FB:7D:50:C4:B0:AA:23:C0:0A:30:6D:BD:66:21 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 43D55CEDC5A74C3E54F379074B740402427BFAFF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146126.roa Signing time: Wed 04 Mar 2026 06:34:30 +0000 ROA not before: Wed 04 Mar 2026 06:29:30 +0000 ROA not after: Wed 03 Mar 2027 06:34:30 +0000 asID: 146126 IP address blocks: 240a:ad94::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:d5:5c:ed:c5:a7:4c:3e:54:f3:79:07:4b:74:04:02:42:7b:fa:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:30 2026 GMT Not After : Mar 3 06:34:30 2027 GMT Subject: CN=D6E0AD48BB7FFB7D50C4B0AA23C00A306DBD6621 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:60:ef:eb:c3:42:09:c8:56:cb:e3:21:4e:25: 7d:3f:35:6a:52:9d:07:d4:b7:74:5d:05:72:f8:1b: 2b:1b:ab:bd:0d:d8:8f:3c:5a:2f:fa:9e:fb:ae:7e: 1a:72:f5:c2:66:da:05:05:9b:a1:f8:15:b5:5f:5d: 9c:6f:d9:d1:1d:cb:ca:b3:67:6a:1d:1a:b9:fa:23: f5:80:3d:dd:11:64:b0:9f:ba:b2:bb:f9:d7:22:87: 18:d2:1c:30:a0:7c:8e:43:f6:78:bc:11:20:68:03: 6b:6e:bc:d5:e6:ae:2a:8f:c3:45:fb:31:48:a6:15: 0f:69:1c:c0:17:ee:fc:1b:01:95:12:24:68:a5:4c: 8f:4c:37:9c:68:21:27:59:25:90:4d:ec:5d:e7:86: 42:9b:4d:32:6e:58:97:88:f1:08:c1:22:e4:97:f9: f7:00:e9:92:38:bf:ad:75:18:63:d2:3b:a8:4d:29: 99:3a:2c:06:70:18:e7:25:2e:2e:35:78:7d:7b:cd: 95:fd:a4:a6:30:81:c5:e2:9d:84:da:d5:2a:b4:3b: a7:fc:17:74:52:81:a2:1d:70:d0:a1:f4:90:2f:a3: d1:86:92:04:85:8d:a1:99:65:02:fe:2d:83:91:81: 90:dc:11:ed:02:6f:ab:76:8c:96:47:ae:f5:be:75: 72:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:E0:AD:48:BB:7F:FB:7D:50:C4:B0:AA:23:C0:0A:30:6D:BD:66:21 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146126.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad94::/32 Signature Algorithm: sha256WithRSAEncryption 64:b6:52:a9:14:5e:21:3a:63:a0:14:a4:dc:f2:29:c5:db:84: 87:1f:b3:82:98:72:f3:31:ff:6e:71:c1:b4:1d:f0:02:ba:02: 1c:61:22:2f:f9:40:7e:a9:83:aa:ae:16:a7:f6:22:b2:e7:8d: 3f:d7:10:93:80:3a:35:23:be:9f:4f:a4:a1:07:ce:69:0c:07: cf:7c:a8:14:9b:8b:38:c7:cd:c0:c8:ab:c5:bf:4c:e1:1a:14: 92:97:33:4d:48:d3:cc:4f:a7:22:88:a8:c7:2c:ae:de:d0:e3: f8:65:cc:e3:b7:54:56:27:33:86:41:93:5b:8d:d0:86:0f:5d: 84:6d:59:58:d4:d4:e2:76:1f:93:cb:59:a4:07:97:88:7f:36: 92:c5:bb:bd:fd:38:dd:df:e7:b3:a4:21:a5:41:58:e4:0b:46: a0:5b:1a:96:17:25:11:1b:ae:ba:7c:55:73:30:8f:be:fa:42: 5a:da:18:fb:2c:7f:38:70:0b:df:df:40:f9:9f:2e:af:bc:98: 0b:bb:1e:43:47:83:3a:1b:15:65:bb:d4:96:4a:f0:20:e6:4f: 91:50:9a:24:e3:e9:cd:da:d3:14:4c:f0:68:28:20:1c:f6:9d: 8e:53:0f:1e:df:c5:0d:92:ad:ae:e8:a7:27:0b:ff:6f:5a:a7: dd:77:cc:e7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQ9Vc7cWnTD5U83kHS3QEAkJ7+v8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkzMFoX DTI3MDMwMzA2MzQzMFowMzExMC8GA1UEAxMoRDZFMEFENDhCQjdGRkI3RDUwQzRC MEFBMjNDMDBBMzA2REJENjYyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKhg7+vDQgnIVsvjIU4lfT81alKdB9S3dF0FcvgbKxurvQ3YjzxaL/qe+65+ GnL1wmbaBQWbofgVtV9dnG/Z0R3LyrNnah0aufoj9YA93RFksJ+6srv51yKHGNIc MKB8jkP2eLwRIGgDa2681eauKo/DRfsxSKYVD2kcwBfu/BsBlRIkaKVMj0w3nGgh J1klkE3sXeeGQptNMm5Yl4jxCMEi5Jf59wDpkji/rXUYY9I7qE0pmTosBnAY5yUu LjV4fXvNlf2kpjCBxeKdhNrVKrQ7p/wXdFKBoh1w0KH0kC+j0YaSBIWNoZllAv4t g5GBkNwR7QJvq3aMlkeu9b51ckkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTW4K1I u3/7fVDEsKojwAowbb1mITAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjEyNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rZQwDQYJKoZIhvcNAQELBQADggEBAGS2UqkUXiE6Y6AUpNzyKcXbhIcfs4KYcvMx /25xwbQd8AK6AhxhIi/5QH6pg6quFqf2IrLnjT/XEJOAOjUjvp9PpKEHzmkMB898 qBSbizjHzcDIq8W/TOEaFJKXM01I08xPpyKIqMcsrt7Q4/hlzOO3VFYnM4ZBk1uN 0IYPXYRtWVjU1OJ2H5PLWaQHl4h/NpLFu739ON3f57OkIaVBWOQLRqBbGpYXJREb rrp8VXMwj776QlraGPssfzhwC9/fQPmfLq+8mAu7HkNHgzobFWW71JZK8CDmT5FQ miTj6c3a0xRM8GgoIBz2nY5TDx7fxQ2Sra7opycL/29ap913zOc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:06 2026 by rpki-client