$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146172.roa File: AS146172.roa (raw, json) Hash identifier: 4kSUTzA42fXjAb60fmgXXTaqJL+IcMcoDcJfdSOMAWM= Subject key identifier: 78:01:9C:41:2B:7E:0A:22:EF:FB:4E:19:F7:76:9C:7A:1F:BD:81:E5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 72A68EBE2D6EDB48004156E0B1407F6BF06F5B56 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146172.roa Signing time: Wed 04 Mar 2026 06:34:41 +0000 ROA not before: Wed 04 Mar 2026 06:29:41 +0000 ROA not after: Wed 03 Mar 2027 06:34:41 +0000 asID: 146172 IP address blocks: 240a:adc2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:a6:8e:be:2d:6e:db:48:00:41:56:e0:b1:40:7f:6b:f0:6f:5b:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:41 2026 GMT Not After : Mar 3 06:34:41 2027 GMT Subject: CN=78019C412B7E0A22EFFB4E19F7769C7A1FBD81E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:04:35:6a:97:35:80:ea:c0:2c:e6:ba:42:e9: 10:2d:82:24:a5:65:4f:cc:c0:07:9b:25:af:5d:5a: f3:b4:72:1d:3a:b1:9b:7a:8c:6f:91:07:9c:92:62: e8:94:01:2c:4f:01:56:8d:2d:09:7b:46:5a:b0:5a: 5e:8d:35:2c:aa:a2:0f:42:fc:95:e4:27:3b:3f:31: 21:b7:a7:ca:ca:a8:80:dd:12:ad:a4:d7:4a:8a:0d: 5b:f0:c6:45:6b:54:b6:4a:8f:66:b9:71:06:ac:4b: 06:33:37:56:96:aa:b0:c5:dc:aa:5e:c0:58:39:34: 10:b2:ef:2d:c2:08:ad:b4:54:5e:26:e5:22:44:25: 59:9c:ae:e2:f2:67:80:e9:cd:e2:5b:0b:a2:0f:21: 4e:e3:95:0d:29:c2:ca:b5:71:71:a5:5e:70:ba:e4: 69:48:94:80:31:8b:5d:65:3d:0f:22:eb:fb:a6:c4: 43:71:3c:df:52:e8:67:8f:d0:08:39:8a:c5:1b:2b: 46:d1:0e:e7:3e:33:c0:1f:8a:38:db:a7:61:01:3d: 6e:71:84:1c:73:d0:97:6b:f5:40:8b:6e:ae:73:f6: d7:63:7f:c9:96:db:a3:70:ea:6c:f0:90:46:5e:77: b4:77:d0:3c:79:65:de:d8:12:af:b7:91:2a:4e:dc: 76:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:01:9C:41:2B:7E:0A:22:EF:FB:4E:19:F7:76:9C:7A:1F:BD:81:E5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146172.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:adc2::/32 Signature Algorithm: sha256WithRSAEncryption 54:f3:06:36:7c:4b:7f:eb:8c:e0:0b:7d:7a:0d:28:7d:cc:fc: bc:16:6f:1c:c8:ef:8f:3a:c4:08:3e:14:d1:10:69:f5:36:59: 0b:0a:56:b8:8e:5a:31:96:66:7c:f6:9c:2e:39:df:88:05:af: 69:16:a9:82:7c:aa:a3:4b:1d:13:0f:90:77:75:58:3b:b5:e9: 3c:7b:74:b6:07:6c:e1:b5:34:ad:cb:b8:bc:af:1f:21:b0:ab: d4:29:a2:06:28:12:1b:29:0f:e3:14:73:25:5f:52:c5:ff:2b: 1c:de:9e:81:e0:05:5f:42:41:c1:aa:72:ac:d4:19:a8:d4:30: 70:8b:12:d7:5b:79:8e:f7:37:2d:5e:02:8d:f1:c5:0d:32:be: b3:cb:33:5b:3c:ac:db:e1:bb:4d:d1:18:20:7a:6b:b9:c0:2a: 1c:42:a9:88:1a:3c:5e:36:f5:83:e8:5a:26:84:07:6d:3c:df: 97:e7:23:db:26:67:0d:62:de:9e:ce:a3:3d:df:f2:7f:2d:74: d1:1b:07:31:28:73:ee:56:a0:81:fe:3e:34:12:5b:f9:69:2c: 22:36:5a:a8:62:bb:b1:76:26:3a:02:58:5a:ed:e5:b3:b4:ee: 5d:12:e8:9e:85:08:71:4c:36:83:67:5a:86:d6:ee:db:e9:cb: 8d:4e:e9:c3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcqaOvi1u20gAQVbgsUB/a/BvW1YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjk0MVoX DTI3MDMwMzA2MzQ0MVowMzExMC8GA1UEAxMoNzgwMTlDNDEyQjdFMEEyMkVGRkI0 RTE5Rjc3NjlDN0ExRkJEODFFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKUENWqXNYDqwCzmukLpEC2CJKVlT8zAB5slr11a87RyHTqxm3qMb5EHnJJi 6JQBLE8BVo0tCXtGWrBaXo01LKqiD0L8leQnOz8xIbenysqogN0SraTXSooNW/DG RWtUtkqPZrlxBqxLBjM3VpaqsMXcql7AWDk0ELLvLcIIrbRUXiblIkQlWZyu4vJn gOnN4lsLog8hTuOVDSnCyrVxcaVecLrkaUiUgDGLXWU9DyLr+6bEQ3E831LoZ4/Q CDmKxRsrRtEO5z4zwB+KONunYQE9bnGEHHPQl2v1QIturnP212N/yZbbo3DqbPCQ Rl53tHfQPHll3tgSr7eRKk7cdjsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR4AZxB K34KIu/7Thn3dpx6H72B5TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjE3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rcIwDQYJKoZIhvcNAQELBQADggEBAFTzBjZ8S3/rjOALfXoNKH3M/LwWbxzI7486 xAg+FNEQafU2WQsKVriOWjGWZnz2nC4534gFr2kWqYJ8qqNLHRMPkHd1WDu16Tx7 dLYHbOG1NK3LuLyvHyGwq9QpogYoEhspD+MUcyVfUsX/KxzenoHgBV9CQcGqcqzU GajUMHCLEtdbeY73Ny1eAo3xxQ0yvrPLM1s8rNvhu03RGCB6a7nAKhxCqYgaPF42 9YPoWiaEB20835fnI9smZw1i3p7Ooz3f8n8tdNEbBzEoc+5WoIH+PjQSW/lpLCI2 Wqhiu7F2JjoCWFrt5bO07l0S6J6FCHFMNoNnWobW7tvpy41O6cM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:37 2026 by rpki-client