$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146228.roa File: AS146228.roa (raw, json) Hash identifier: gwWwKwoH5pjIpLMkdUZYUYEhiewfF0k0v5O4nSzkmM8= Subject key identifier: B7:14:34:99:4C:9A:1C:BB:70:A0:3B:77:EB:41:52:46:EC:D4:16:3F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3FEFBA1D8228A0E82089D1AC27FF245DA79587A7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146228.roa Signing time: Wed 04 Mar 2026 06:34:04 +0000 ROA not before: Wed 04 Mar 2026 06:29:04 +0000 ROA not after: Wed 03 Mar 2027 06:34:04 +0000 asID: 146228 IP address blocks: 240a:adfa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:ef:ba:1d:82:28:a0:e8:20:89:d1:ac:27:ff:24:5d:a7:95:87:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:04 2026 GMT Not After : Mar 3 06:34:04 2027 GMT Subject: CN=B71434994C9A1CBB70A03B77EB415246ECD4163F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:05:f2:4c:e7:ac:e2:7e:93:99:1e:60:c2:e1: 0b:f3:e3:96:40:18:3c:b3:23:00:5d:7e:fd:6b:33: 88:e3:4e:90:d1:e6:e0:c5:82:b1:1f:b9:0a:b1:df: a3:26:9a:64:9c:36:88:72:54:93:55:5d:44:8f:a8: c0:14:3e:81:b0:b6:18:e5:be:ee:30:97:cc:e6:fa: 56:93:02:94:77:90:0c:50:38:cc:c6:e1:07:5c:01: 22:0b:35:51:90:e1:f4:a9:e0:d2:5e:d5:90:eb:da: 7b:52:69:36:83:16:31:5f:29:3e:1e:18:aa:0c:b6: 33:4f:ae:62:8e:4a:4f:b8:87:65:a3:7e:86:3f:c7: 44:ee:50:53:ac:7e:36:d3:f2:70:d6:a2:64:bc:46: ec:7f:95:98:c5:7f:fe:84:47:fe:bc:eb:13:98:e8: d9:a8:ec:df:3e:95:36:4c:33:de:73:cb:95:a6:22: e5:67:36:09:d1:a6:9e:5c:89:57:72:fb:cf:c7:71: a2:76:f5:4a:90:73:18:03:93:8a:24:39:9c:c7:6f: af:31:26:4a:de:f9:f2:fb:c4:70:2f:74:5b:df:b2: 45:47:ae:84:dc:7c:c1:49:1e:d0:a5:2c:ce:a2:d7: de:a2:7b:bb:e9:ba:90:00:e8:36:ff:3e:5e:4d:f5: 63:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:14:34:99:4C:9A:1C:BB:70:A0:3B:77:EB:41:52:46:EC:D4:16:3F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146228.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:adfa::/32 Signature Algorithm: sha256WithRSAEncryption 46:c4:48:79:8f:c7:ac:2b:8f:0c:ff:a0:6c:c3:9e:2b:cc:7c: 53:98:c5:e6:ac:ce:cc:c0:24:9a:c8:0b:57:19:18:a7:4b:02: 14:26:2c:5c:b1:ff:af:ac:00:7b:f6:32:e6:7f:73:4a:61:de: b8:62:71:6c:ac:a7:e8:48:fd:62:04:bb:9e:d0:b8:e6:9b:93: ad:dc:5c:a2:e5:ca:4a:db:e7:52:ed:a6:ec:0c:5e:d7:96:0b: 4e:74:f6:c4:00:8e:6d:66:f9:dd:1d:fb:f6:c4:ae:a3:56:84: 8b:b4:4c:33:67:98:14:4c:da:f1:f5:6f:2a:fe:49:a9:e4:65: bd:37:b8:0d:ef:8c:35:7b:7e:a2:14:83:93:18:68:c3:83:74: 5c:8b:0f:e7:56:0a:2e:8f:19:5f:4f:7b:27:a6:d4:e9:12:81: e5:a6:55:8f:32:af:ab:64:7b:0b:b3:cd:7c:24:04:49:c9:15: 00:cc:bb:9c:8e:1b:10:5f:c9:6c:e1:0d:ce:9c:9e:c8:e0:67: 2d:b3:6d:f6:bf:b0:f6:ac:ab:4b:77:49:88:a0:26:cc:0c:18: 53:be:bf:9d:af:6d:8c:45:26:a3:ac:11:73:ca:b5:50:bc:6f: 1d:99:72:ec:4e:f9:df:cb:13:89:06:67:7a:a4:5c:56:87:b9: a0:d3:e6:28 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUP++6HYIooOggidGsJ/8kXaeVh6cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkwNFoX DTI3MDMwMzA2MzQwNFowMzExMC8GA1UEAxMoQjcxNDM0OTk0QzlBMUNCQjcwQTAz Qjc3RUI0MTUyNDZFQ0Q0MTYzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOMF8kznrOJ+k5keYMLhC/PjlkAYPLMjAF1+/WsziONOkNHm4MWCsR+5CrHf oyaaZJw2iHJUk1VdRI+owBQ+gbC2GOW+7jCXzOb6VpMClHeQDFA4zMbhB1wBIgs1 UZDh9Kng0l7VkOvae1JpNoMWMV8pPh4Yqgy2M0+uYo5KT7iHZaN+hj/HRO5QU6x+ NtPycNaiZLxG7H+VmMV//oRH/rzrE5jo2ajs3z6VNkwz3nPLlaYi5Wc2CdGmnlyJ V3L7z8dxonb1SpBzGAOTiiQ5nMdvrzEmSt758vvEcC90W9+yRUeuhNx8wUke0KUs zqLX3qJ7u+m6kADoNv8+Xk31YxsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS3FDSZ TJocu3CgO3frQVJG7NQWPzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjIyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rfowDQYJKoZIhvcNAQELBQADggEBAEbESHmPx6wrjwz/oGzDnivMfFOYxeaszszA JJrIC1cZGKdLAhQmLFyx/6+sAHv2MuZ/c0ph3rhicWysp+hI/WIEu57QuOabk63c XKLlykrb51LtpuwMXteWC0509sQAjm1m+d0d+/bErqNWhIu0TDNnmBRM2vH1byr+ SankZb03uA3vjDV7fqIUg5MYaMODdFyLD+dWCi6PGV9Peyem1OkSgeWmVY8yr6tk ewuzzXwkBEnJFQDMu5yOGxBfyWzhDc6cnsjgZy2zbfa/sPasq0t3SYigJswMGFO+ v52vbYxFJqOsEXPKtVC8bx2ZcuxO+d/LE4kGZ3qkXFaHuaDT5ig= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:56 2026 by rpki-client