$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146158.roa File: AS146158.roa (raw, json) Hash identifier: XG9GlHinOEk49i5rDROitnyZxI8Uv4ayVE7EFMfP8T4= Subject key identifier: 3C:A5:FF:93:5B:50:49:B4:44:8F:D2:0E:43:C8:12:2C:08:CA:78:23 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6346D02E93809D08568F079695054ECEC19CF59C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146158.roa Signing time: Wed 04 Mar 2026 06:34:10 +0000 ROA not before: Wed 04 Mar 2026 06:29:10 +0000 ROA not after: Wed 03 Mar 2027 06:34:10 +0000 asID: 146158 IP address blocks: 240a:adb4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:46:d0:2e:93:80:9d:08:56:8f:07:96:95:05:4e:ce:c1:9c:f5:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:10 2026 GMT Not After : Mar 3 06:34:10 2027 GMT Subject: CN=3CA5FF935B5049B4448FD20E43C8122C08CA7823 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:5c:82:79:e5:f2:fc:80:12:c0:a5:10:8a:ab: cf:92:29:e4:15:60:f6:f0:c9:67:d9:4c:00:d3:b9: cc:17:26:dc:20:3e:21:41:b3:8f:7f:19:5a:09:be: 89:b5:a2:6e:6e:b7:cf:1d:d7:85:ae:8d:22:76:ee: de:23:46:4e:e4:9a:9c:12:e3:d0:5a:f8:97:93:b0: 85:ef:03:4c:80:6c:b1:a8:62:1d:3f:7f:35:f5:08: d0:b7:be:00:6d:03:15:71:a6:5e:49:eb:25:47:d1: 5b:c6:ab:f0:d2:7e:3a:89:cf:ec:fe:dd:59:3e:2d: b7:f4:58:0b:8f:8b:dd:2b:4f:95:c1:b2:e5:fd:a9: ae:c3:fb:d9:01:7d:c2:fc:2d:e4:7a:e7:73:25:0a: bc:da:0c:76:42:57:c4:8b:4c:7b:98:cf:98:c6:ac: bf:fe:45:d1:88:cd:46:4f:32:d8:40:ca:ea:41:9b: 37:a4:bd:d9:36:d9:a5:21:53:55:9b:bc:7a:df:64: 87:3b:31:c1:e9:c0:cb:b5:1a:8a:74:12:04:eb:b6: 04:bb:86:30:31:36:40:f6:ae:de:a3:a0:3c:8f:1a: 16:95:b0:fb:05:10:0f:30:18:13:db:76:4c:81:6c: a4:93:08:c6:de:19:b6:e5:5f:dc:da:50:76:91:35: f5:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A5:FF:93:5B:50:49:B4:44:8F:D2:0E:43:C8:12:2C:08:CA:78:23 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146158.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:adb4::/32 Signature Algorithm: sha256WithRSAEncryption db:17:4f:8a:6d:d5:48:3c:87:62:a7:f0:48:ac:24:c1:92:39: ff:1d:4d:05:b5:76:54:76:a8:96:4c:23:fb:1d:6b:7d:7c:a4: 30:78:13:04:36:0d:1f:ad:0b:45:4e:6f:44:d9:27:0f:2c:3b: 5a:a4:39:d2:23:0f:69:4f:be:d0:c9:70:03:51:cf:03:fa:62: cb:cc:12:77:07:66:15:df:9d:7b:42:a6:cb:a8:5b:96:93:c2: f2:de:c8:e9:e6:dc:08:f4:77:fa:77:40:15:e4:3d:59:21:ec: 02:40:0f:91:01:d2:1a:40:d0:9d:58:bd:7c:9a:ed:dc:63:f2: e0:02:2b:9a:f2:e4:47:18:d7:5b:db:24:7f:65:41:eb:95:3e: cf:52:bb:3b:ac:c3:b2:3e:c8:25:f3:6a:0f:b2:05:e5:ae:c0: 27:be:27:f0:03:3b:b5:55:6f:6f:bd:90:4a:2c:fa:f4:e7:16: 90:1c:3e:cf:b1:2e:5d:bc:98:81:c5:b0:19:04:dc:a9:7f:b3: c0:ab:95:3a:8c:32:27:14:89:da:9f:83:67:48:f4:3a:28:24: 46:9f:e0:65:b2:58:04:09:25:b8:03:c4:24:dc:f7:ba:c0:99: 0c:21:47:39:33:66:ef:37:9a:da:d3:0a:d2:a3:6a:23:59:af: 25:c0:e8:cd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUY0bQLpOAnQhWjweWlQVOzsGc9ZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxMFoX DTI3MDMwMzA2MzQxMFowMzExMC8GA1UEAxMoM0NBNUZGOTM1QjUwNDlCNDQ0OEZE MjBFNDNDODEyMkMwOENBNzgyMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKBcgnnl8vyAEsClEIqrz5Ip5BVg9vDJZ9lMANO5zBcm3CA+IUGzj38ZWgm+ ibWibm63zx3Xha6NInbu3iNGTuSanBLj0Fr4l5Owhe8DTIBssahiHT9/NfUI0Le+ AG0DFXGmXknrJUfRW8ar8NJ+OonP7P7dWT4tt/RYC4+L3StPlcGy5f2prsP72QF9 wvwt5HrncyUKvNoMdkJXxItMe5jPmMasv/5F0YjNRk8y2EDK6kGbN6S92TbZpSFT VZu8et9khzsxwenAy7UainQSBOu2BLuGMDE2QPau3qOgPI8aFpWw+wUQDzAYE9t2 TIFspJMIxt4ZtuVf3NpQdpE19RkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ8pf+T W1BJtESP0g5DyBIsCMp4IzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjE1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rbQwDQYJKoZIhvcNAQELBQADggEBANsXT4pt1Ug8h2Kn8EisJMGSOf8dTQW1dlR2 qJZMI/sda318pDB4EwQ2DR+tC0VOb0TZJw8sO1qkOdIjD2lPvtDJcANRzwP6YsvM EncHZhXfnXtCpsuoW5aTwvLeyOnm3Aj0d/p3QBXkPVkh7AJAD5EB0hpA0J1YvXya 7dxj8uACK5ry5EcY11vbJH9lQeuVPs9Suzusw7I+yCXzag+yBeWuwCe+J/ADO7VV b2+9kEos+vTnFpAcPs+xLl28mIHFsBkE3Kl/s8CrlTqMMicUidqfg2dI9DooJEaf 4GWyWAQJJbgDxCTc97rAmQwhRzkzZu83mtrTCtKjaiNZryXA6M0= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:42 2026 by rpki-client