$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146167.roa File: AS146167.roa (raw, json) Hash identifier: rPrpbjAQNy4mO6F4cGKuQVP4h750kZ6Zl+Fldy0FUSo= Subject key identifier: 7E:C2:4F:A1:C4:6B:B7:A6:6C:55:14:9C:D4:D7:A0:34:88:B7:41:66 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 635997C995EA6A2B5EB31E374186B033EB9D80DA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146167.roa Signing time: Wed 04 Mar 2026 06:34:10 +0000 ROA not before: Wed 04 Mar 2026 06:29:10 +0000 ROA not after: Wed 03 Mar 2027 06:34:10 +0000 asID: 146167 IP address blocks: 240a:adbd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:59:97:c9:95:ea:6a:2b:5e:b3:1e:37:41:86:b0:33:eb:9d:80:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:10 2026 GMT Not After : Mar 3 06:34:10 2027 GMT Subject: CN=7EC24FA1C46BB7A66C55149CD4D7A03488B74166 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:cd:92:77:69:0d:1c:2a:50:40:ae:30:3f:28: 4f:c8:83:df:1e:c4:ee:7c:74:3c:84:9f:9f:3c:d5: 6e:cb:b1:cb:c0:a0:90:e9:e9:cb:53:c8:47:2a:ac: be:4b:37:d4:2d:39:17:cf:34:77:cb:04:99:13:a7: b6:c4:00:c4:e7:c9:20:cb:90:d0:9f:8f:05:f4:7b: cd:c9:3c:15:87:48:39:09:a9:b9:05:d8:61:50:59: aa:3a:9e:c4:2a:b0:d3:33:11:b2:e5:ec:33:76:97: 7b:08:f2:0a:a7:87:44:ed:1c:cf:74:3d:78:b4:ec: cb:e7:a8:4e:a1:8d:74:9d:82:11:e9:c4:15:57:19: 9d:3e:40:3b:94:17:9a:19:ae:0f:c0:13:db:45:b8: 43:28:a1:33:ad:37:69:aa:c3:c2:58:da:f9:41:9c: 62:e2:fd:65:6f:9f:61:82:e1:d0:0e:b3:a5:ad:a2: 2b:5e:b3:61:30:35:1d:95:c8:79:36:4e:41:f9:a3: 6b:1a:df:b4:58:84:85:19:81:62:01:ed:94:39:e1: 03:80:89:dd:61:c8:58:9b:ab:db:0e:ee:9b:5c:33: 41:37:9f:f1:7d:20:50:5c:fb:b8:df:ca:84:4a:10: a1:61:35:51:ed:64:89:f4:56:e3:4a:35:d1:7d:e2: 71:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:C2:4F:A1:C4:6B:B7:A6:6C:55:14:9C:D4:D7:A0:34:88:B7:41:66 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146167.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:adbd::/32 Signature Algorithm: sha256WithRSAEncryption d5:f4:76:bc:4c:9c:37:1e:e7:9b:5a:ec:08:b2:68:59:b4:ec: 57:bc:40:eb:2c:e0:77:11:56:3b:05:51:ef:9b:18:55:0d:41: 62:a6:5a:a9:fb:ac:48:09:52:0f:ca:5e:52:ad:98:d4:ff:67: 14:b2:64:a5:b4:f3:26:b9:11:2b:b6:d3:95:fc:29:3a:44:91: d6:78:26:77:e9:5b:8f:c1:87:91:ea:3a:68:03:24:0b:f4:ff: 67:ae:ac:61:d7:32:d5:cd:be:2f:5d:1b:aa:10:71:1c:10:06: 20:6a:d0:f2:c6:d7:a1:4d:94:1e:66:2e:97:4c:e9:d9:a7:f2: 23:03:16:0b:c9:7c:58:60:60:9d:86:2a:64:c4:a4:8b:25:5b: f1:9d:06:95:da:54:1a:2b:32:a4:f4:f7:9f:42:65:d7:de:a3: b9:21:8c:57:09:4c:90:b5:bc:c5:a4:22:3a:fc:f7:56:12:5b: 23:41:7c:d6:32:ca:85:4c:17:9f:59:e2:8c:87:a4:40:de:c1: 26:19:87:b6:25:16:19:a8:53:07:21:12:9e:53:16:d7:5f:dc: 0e:9a:47:ff:94:64:0f:4f:20:3e:28:0e:60:fc:0f:0e:5d:66: 33:04:df:60:cb:98:1d:60:d0:d5:26:c7:b8:5e:9b:6b:62:9c: aa:d1:6a:69 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUY1mXyZXqaitesx43QYawM+udgNowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxMFoX DTI3MDMwMzA2MzQxMFowMzExMC8GA1UEAxMoN0VDMjRGQTFDNDZCQjdBNjZDNTUx NDlDRDREN0EwMzQ4OEI3NDE2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJjNkndpDRwqUECuMD8oT8iD3x7E7nx0PISfnzzVbsuxy8CgkOnpy1PIRyqs vks31C05F880d8sEmROntsQAxOfJIMuQ0J+PBfR7zck8FYdIOQmpuQXYYVBZqjqe xCqw0zMRsuXsM3aXewjyCqeHRO0cz3Q9eLTsy+eoTqGNdJ2CEenEFVcZnT5AO5QX mhmuD8AT20W4QyihM603aarDwlja+UGcYuL9ZW+fYYLh0A6zpa2iK16zYTA1HZXI eTZOQfmjaxrftFiEhRmBYgHtlDnhA4CJ3WHIWJur2w7um1wzQTef8X0gUFz7uN/K hEoQoWE1Ue1kifRW40o10X3icQUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR+wk+h xGu3pmxVFJzU16A0iLdBZjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjE2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rb0wDQYJKoZIhvcNAQELBQADggEBANX0drxMnDce55ta7AiyaFm07Fe8QOss4HcR VjsFUe+bGFUNQWKmWqn7rEgJUg/KXlKtmNT/ZxSyZKW08ya5ESu205X8KTpEkdZ4 JnfpW4/Bh5HqOmgDJAv0/2eurGHXMtXNvi9dG6oQcRwQBiBq0PLG16FNlB5mLpdM 6dmn8iMDFgvJfFhgYJ2GKmTEpIslW/GdBpXaVBorMqT0959CZdfeo7khjFcJTJC1 vMWkIjr891YSWyNBfNYyyoVMF59Z4oyHpEDewSYZh7YlFhmoUwchEp5TFtdf3A6a R/+UZA9PID4oDmD8Dw5dZjME32DLmB1g0NUmx7hem2tinKrRamk= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:10 2026 by rpki-client