$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146225.roa File: AS146225.roa (raw, json) Hash identifier: s3L4DViCtVwFJJaAvmlCEjPvesjnicxpPOKFITXrktU= Subject key identifier: DF:FB:44:53:AC:5B:37:53:2C:BB:36:78:88:D8:6F:B3:22:FB:AF:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 052ADD1166A4CB24956D33E83C660B1DDFA1509F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146225.roa Signing time: Wed 04 Mar 2026 06:34:49 +0000 ROA not before: Wed 04 Mar 2026 06:29:49 +0000 ROA not after: Wed 03 Mar 2027 06:34:49 +0000 asID: 146225 IP address blocks: 240a:adf7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:2a:dd:11:66:a4:cb:24:95:6d:33:e8:3c:66:0b:1d:df:a1:50:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:49 2026 GMT Not After : Mar 3 06:34:49 2027 GMT Subject: CN=DFFB4453AC5B37532CBB367888D86FB322FBAF34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:3e:cf:bd:46:ec:08:16:a7:7c:25:40:b7:c0: 2e:d4:ae:d2:2d:43:2c:67:20:ff:43:d2:ac:3d:3b: 89:51:27:20:2b:af:c1:b1:4c:05:eb:ae:e9:0e:9d: b0:b8:ba:28:14:6e:26:40:fe:53:87:54:42:56:36: 2d:1d:d3:cc:3a:b0:be:5f:da:d8:62:7f:a6:bc:95: d2:bb:8c:9f:a1:25:b9:49:49:ce:48:1b:56:cb:4c: ad:ec:81:29:bc:c7:97:25:b9:7f:69:84:9f:a3:70: 65:22:a2:ea:41:b8:7c:b6:22:c4:e4:cd:92:58:53: 52:26:ef:be:59:50:89:9b:e9:8d:84:83:13:98:9e: 62:65:1d:2a:e1:3d:58:c7:4e:de:89:57:d1:80:b5: 26:17:3f:4d:28:0d:1c:27:0d:9a:9d:77:e2:13:aa: 87:b9:b7:03:b0:ee:10:39:98:05:3f:7c:af:82:f0: 1e:29:94:e0:9f:61:47:6c:4c:f6:cf:1f:65:a9:c2: d6:f6:d5:72:d2:22:03:4d:97:25:ff:c8:ea:2c:fa: 51:69:22:c5:c0:13:f5:ba:9b:74:a7:1a:49:77:bc: 02:7e:d5:c5:41:dc:78:f4:4a:e7:52:a1:4f:80:11: d1:cc:92:f3:18:fd:04:96:24:95:11:1c:0f:72:21: 7e:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:FB:44:53:AC:5B:37:53:2C:BB:36:78:88:D8:6F:B3:22:FB:AF:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146225.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:adf7::/32 Signature Algorithm: sha256WithRSAEncryption a7:ea:bd:96:0a:63:ed:de:f3:e1:e1:2b:f6:05:4b:2d:87:30: a3:96:19:18:2f:cb:76:fa:5c:e5:31:39:fc:c8:ac:b4:00:59: 61:4d:b1:7c:a7:5f:5e:c3:30:96:7e:f0:75:be:ee:4d:aa:93: f0:f2:00:84:96:a9:b5:eb:37:9a:8e:04:80:f8:d9:f6:93:ef: 17:c7:01:0b:68:06:83:4d:82:ef:1c:71:2b:2d:88:61:76:e9: fe:ac:42:d2:af:14:f6:09:07:db:8d:e1:12:47:a4:e9:e7:7b: c7:f1:bd:37:81:9f:04:43:76:26:3b:98:76:b5:0c:ca:0a:69: 67:f9:cb:6c:a4:40:08:f8:4f:6e:25:db:eb:cb:cb:2a:f3:78: 28:16:22:72:02:af:30:43:99:72:3e:85:5d:10:8a:c0:7b:bf: c2:e3:ef:ae:f7:05:a6:a9:00:74:23:f6:ce:53:5d:1c:d0:5a: a2:cb:da:7b:53:ea:06:b0:d4:bf:c5:6c:b2:85:13:16:d9:7d: ac:40:6e:c0:0c:29:c6:cb:cb:ab:0e:06:8a:53:73:26:2a:d4: fd:4f:ea:7f:31:36:8a:12:41:c7:c5:5c:4e:90:35:fb:4c:f0: 7f:a1:65:fc:af:84:5b:4e:5f:16:32:64:85:04:a0:ae:1c:4c: 09:89:56:c2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBSrdEWakyySVbTPoPGYLHd+hUJ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjk0OVoX DTI3MDMwMzA2MzQ0OVowMzExMC8GA1UEAxMoREZGQjQ0NTNBQzVCMzc1MzJDQkIz Njc4ODhEODZGQjMyMkZCQUYzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMI+z71G7AgWp3wlQLfALtSu0i1DLGcg/0PSrD07iVEnICuvwbFMBeuu6Q6d sLi6KBRuJkD+U4dUQlY2LR3TzDqwvl/a2GJ/pryV0ruMn6EluUlJzkgbVstMreyB KbzHlyW5f2mEn6NwZSKi6kG4fLYixOTNklhTUibvvllQiZvpjYSDE5ieYmUdKuE9 WMdO3olX0YC1Jhc/TSgNHCcNmp134hOqh7m3A7DuEDmYBT98r4LwHimU4J9hR2xM 9s8fZanC1vbVctIiA02XJf/I6iz6UWkixcAT9bqbdKcaSXe8An7VxUHcePRK51Kh T4AR0cyS8xj9BJYklREcD3Ihfq0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTf+0RT rFs3Uyy7NniI2G+zIvuvNDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjIyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rfcwDQYJKoZIhvcNAQELBQADggEBAKfqvZYKY+3e8+HhK/YFSy2HMKOWGRgvy3b6 XOUxOfzIrLQAWWFNsXynX17DMJZ+8HW+7k2qk/DyAISWqbXrN5qOBID42faT7xfH AQtoBoNNgu8ccSstiGF26f6sQtKvFPYJB9uN4RJHpOnne8fxvTeBnwRDdiY7mHa1 DMoKaWf5y2ykQAj4T24l2+vLyyrzeCgWInICrzBDmXI+hV0QisB7v8Lj7673Baap AHQj9s5TXRzQWqLL2ntT6gaw1L/FbLKFExbZfaxAbsAMKcbLy6sOBopTcyYq1P1P 6n8xNooSQcfFXE6QNftM8H+hZfyvhFtOXxYyZIUEoK4cTAmJVsI= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:33 2026 by rpki-client