$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146127.roa File: AS146127.roa (raw, json) Hash identifier: RJEsn61Bs9EXhJEIEX5+aMcRl3kK9Z9fU710oNgHhPU= Subject key identifier: B4:A2:61:1C:9D:7F:BD:3B:64:21:9C:A6:D2:CF:7A:09:EB:A7:18:70 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 490AE7ECD39C99AAA85E7C0A30961DC4FCC1616A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146127.roa Signing time: Wed 04 Mar 2026 06:34:30 +0000 ROA not before: Wed 04 Mar 2026 06:29:30 +0000 ROA not after: Wed 03 Mar 2027 06:34:30 +0000 asID: 146127 IP address blocks: 240a:ad95::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:0a:e7:ec:d3:9c:99:aa:a8:5e:7c:0a:30:96:1d:c4:fc:c1:61:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:30 2026 GMT Not After : Mar 3 06:34:30 2027 GMT Subject: CN=B4A2611C9D7FBD3B64219CA6D2CF7A09EBA71870 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8b:c4:c0:d1:fd:46:7e:7d:1a:c8:4e:11:6d: 2b:fa:46:20:f8:2b:40:e3:73:ee:0b:de:11:92:95: f6:5f:ab:c4:f5:43:f0:77:f7:d6:58:13:5e:34:b9: 8b:fb:e6:f5:05:ac:a1:aa:72:b7:b5:10:85:fe:2c: 5b:9a:6f:3e:20:57:ea:55:65:5f:87:80:c3:c8:74: bf:c9:4a:b6:a0:96:07:11:7a:67:28:dc:82:eb:46: 5f:3a:87:d7:76:dd:98:d2:58:7e:22:04:c2:9d:fa: 6a:9a:9b:f4:05:6f:17:48:6a:7d:67:1a:47:fe:71: 9a:c1:ff:96:6b:ed:b2:67:51:94:e2:9e:25:92:21: bc:05:17:fe:9a:ae:e0:95:29:dc:bb:18:90:2f:28: bc:3e:8a:67:a0:42:18:1a:21:cf:12:38:a0:bd:b8: 91:47:cf:7d:ef:a8:3b:50:19:a5:0b:4e:e1:3b:45: cb:b7:4b:22:7c:c1:f7:67:c4:3a:8f:34:c5:34:af: 55:12:1c:89:e8:7c:9d:a2:4d:f3:6b:81:58:a7:a8: 2a:72:ce:1a:6d:75:6f:0b:5a:bc:fc:61:9b:39:bc: 63:86:cf:0b:64:9b:a0:42:13:31:ce:37:8d:54:31: ab:eb:b9:3a:35:a4:34:74:ea:ed:15:ac:ac:0c:76: ef:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:A2:61:1C:9D:7F:BD:3B:64:21:9C:A6:D2:CF:7A:09:EB:A7:18:70 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146127.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ad95::/32 Signature Algorithm: sha256WithRSAEncryption 79:04:25:b5:ca:d9:9b:83:05:d6:2a:f6:3e:21:73:5d:d4:96: be:61:c4:da:9a:3c:82:f6:f4:ab:cd:e5:48:5a:be:41:9f:16: 01:4f:84:a5:34:6a:72:90:ac:ec:76:24:bd:e9:61:31:22:f8: b5:5c:cd:84:9b:c2:0c:92:10:72:e8:a7:f0:27:04:eb:65:ae: 04:f8:fb:e0:3d:21:e2:bb:d3:51:8e:69:05:90:cb:3b:e0:53: 59:4d:62:f5:ac:23:48:55:2d:95:db:f9:69:25:23:da:17:66: 10:48:47:06:08:fe:c7:e0:a5:53:03:9e:a1:08:ec:b2:8d:e2: 4f:02:2d:9a:7f:83:fd:0b:48:70:04:c1:8c:48:04:b8:4b:db: 51:fc:7e:87:fc:38:c1:6c:62:85:89:b1:b4:ac:b5:d7:a2:1f: a0:8e:13:02:86:1d:2b:ba:e4:7d:a4:3f:a2:ab:d5:9d:b1:41: 08:60:ad:7a:ec:fb:50:94:db:85:a4:c5:5c:d0:f9:c9:e8:40: a5:7f:63:20:b8:3d:14:91:ae:57:3f:73:90:ef:53:56:ae:79: d1:53:b6:44:d0:46:0c:7a:d3:97:34:a4:9e:d0:0e:7a:4e:61: 35:24:70:0e:73:4d:b2:97:0f:dc:f9:27:4a:d5:66:6a:d8:73: 7a:2a:77:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSQrn7NOcmaqoXnwKMJYdxPzBYWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkzMFoX DTI3MDMwMzA2MzQzMFowMzExMC8GA1UEAxMoQjRBMjYxMUM5RDdGQkQzQjY0MjE5 Q0E2RDJDRjdBMDlFQkE3MTg3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKLxMDR/UZ+fRrIThFtK/pGIPgrQONz7gveEZKV9l+rxPVD8Hf31lgTXjS5 i/vm9QWsoapyt7UQhf4sW5pvPiBX6lVlX4eAw8h0v8lKtqCWBxF6ZyjcgutGXzqH 13bdmNJYfiIEwp36apqb9AVvF0hqfWcaR/5xmsH/lmvtsmdRlOKeJZIhvAUX/pqu 4JUp3LsYkC8ovD6KZ6BCGBohzxI4oL24kUfPfe+oO1AZpQtO4TtFy7dLInzB92fE Oo80xTSvVRIcieh8naJN82uBWKeoKnLOGm11bwtavPxhmzm8Y4bPC2SboEITMc43 jVQxq+u5OjWkNHTq7RWsrAx271UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS0omEc nX+9O2QhnKbSz3oJ66cYcDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjEyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rZUwDQYJKoZIhvcNAQELBQADggEBAHkEJbXK2ZuDBdYq9j4hc13Ulr5hxNqaPIL2 9KvN5UhavkGfFgFPhKU0anKQrOx2JL3pYTEi+LVczYSbwgySEHLop/AnBOtlrgT4 ++A9IeK701GOaQWQyzvgU1lNYvWsI0hVLZXb+WklI9oXZhBIRwYI/sfgpVMDnqEI 7LKN4k8CLZp/g/0LSHAEwYxIBLhL21H8fof8OMFsYoWJsbSstdeiH6COEwKGHSu6 5H2kP6Kr1Z2xQQhgrXrs+1CU24WkxVzQ+cnoQKV/YyC4PRSRrlc/c5DvU1auedFT tkTQRgx605c0pJ7QDnpOYTUkcA5zTbKXD9z5J0rVZmrYc3oqd+4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:17 2026 by rpki-client