$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146243.roa File: AS146243.roa (raw, json) Hash identifier: oGPXpObBRT0DkF8xFKI7KQU0jXRpMrWPwvp4CeaI+c8= Subject key identifier: 8E:79:80:F8:4C:0B:85:7F:A5:0D:0C:E8:E6:53:C6:D8:5C:1F:7E:63 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 083D96F5C62060C16F994C178A620E4E399C2408 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146243.roa Signing time: Wed 04 Mar 2026 06:33:52 +0000 ROA not before: Wed 04 Mar 2026 06:28:52 +0000 ROA not after: Wed 03 Mar 2027 06:33:52 +0000 asID: 146243 IP address blocks: 240a:ae09::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:3d:96:f5:c6:20:60:c1:6f:99:4c:17:8a:62:0e:4e:39:9c:24:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:52 2026 GMT Not After : Mar 3 06:33:52 2027 GMT Subject: CN=8E7980F84C0B857FA50D0CE8E653C6D85C1F7E63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:e2:45:6b:9b:47:b2:9e:af:67:c2:85:88:fe: 6f:07:6c:b0:d5:40:8a:06:0a:a2:8a:77:ca:2c:f0: a8:01:f4:2b:5c:2e:4c:7c:d0:a0:f0:ff:9f:a9:ca: 4e:d4:a2:67:a7:a2:c0:72:a1:e9:e5:96:18:4e:11: fc:ce:cd:be:77:50:e7:2d:2b:0d:e1:05:87:a6:0f: 58:76:b8:f3:c6:b3:c2:8c:b8:e4:32:b9:e1:c2:be: 28:cc:24:6a:03:bc:40:b2:ca:c7:39:92:1a:42:a6: 95:cb:49:51:c3:c0:e6:83:69:7b:f4:0b:26:95:a8: 3c:db:ff:a3:d6:1b:a5:2a:92:74:aa:25:fd:df:00: 65:f0:96:2a:57:07:e0:1b:59:3d:65:92:c7:56:1d: 97:c1:da:8b:7f:be:18:ba:9a:b9:3d:14:ca:a1:09: b7:bb:fc:e7:e0:ec:b6:54:39:d0:5a:3d:ca:56:51: fb:70:5b:d5:59:17:c0:a9:07:93:0d:76:17:0b:53: 6f:77:fd:c6:b5:8c:fa:2b:1c:86:08:17:4e:7a:c4: 37:dc:34:d3:31:a2:22:c1:53:43:48:b6:97:11:3a: c6:28:e8:35:76:95:34:e0:fb:19:94:1b:4c:75:3e: 7a:8d:cd:a1:fd:26:68:37:c8:c9:b6:7f:64:ab:1b: 91:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:79:80:F8:4C:0B:85:7F:A5:0D:0C:E8:E6:53:C6:D8:5C:1F:7E:63 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146243.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae09::/32 Signature Algorithm: sha256WithRSAEncryption d3:dc:0f:8f:1e:a1:cf:f5:c3:45:58:da:10:63:14:96:3e:4f: b9:96:0b:44:94:87:d2:3c:0b:ea:12:9c:f9:dc:7b:e4:d7:9a: 1b:5e:90:cf:1f:75:14:88:59:c5:bd:28:35:bf:c8:e5:f9:8e: 36:c6:68:fe:2d:9f:6b:97:de:e0:52:3a:f2:50:41:95:b4:37: 98:ad:01:ee:7c:19:3e:1c:e3:9a:e5:38:4d:02:4e:f0:ac:3e: 89:68:a1:d5:63:01:f9:73:c9:4a:09:14:6e:84:ea:b8:be:4f: 1c:2f:45:df:dc:74:ed:38:c1:ec:c3:8e:b3:92:72:dc:58:25: 9e:23:45:73:2e:ec:95:05:ce:e5:a4:f0:17:8a:37:17:ff:d2: d3:1a:1a:24:4c:d1:cd:4c:96:22:6d:07:36:2a:7c:71:5e:ac: 79:50:98:d2:0b:aa:53:7c:4f:5c:ae:92:10:75:53:56:08:ab: 32:f5:52:3c:bb:1d:b2:18:82:a4:50:99:ab:40:9b:c0:5a:f4: 0e:df:47:53:27:63:9f:0f:c2:21:8a:b9:ed:d7:a3:7f:20:b9: 51:a0:75:2f:d6:8d:01:c3:48:0d:a3:bd:13:09:8e:90:c2:67: 0e:8a:c4:0d:57:c6:ff:3b:cc:4b:a5:51:92:07:a4:fc:80:97: b3:4a:0b:ff -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCD2W9cYgYMFvmUwXimIOTjmcJAgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg1MloX DTI3MDMwMzA2MzM1MlowMzExMC8GA1UEAxMoOEU3OTgwRjg0QzBCODU3RkE1MEQw Q0U4RTY1M0M2RDg1QzFGN0U2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKDiRWubR7Ker2fChYj+bwdssNVAigYKoop3yizwqAH0K1wuTHzQoPD/n6nK TtSiZ6eiwHKh6eWWGE4R/M7NvndQ5y0rDeEFh6YPWHa488azwoy45DK54cK+KMwk agO8QLLKxzmSGkKmlctJUcPA5oNpe/QLJpWoPNv/o9YbpSqSdKol/d8AZfCWKlcH 4BtZPWWSx1Ydl8Hai3++GLqauT0UyqEJt7v85+DstlQ50Fo9ylZR+3Bb1VkXwKkH kw12FwtTb3f9xrWM+ischggXTnrEN9w00zGiIsFTQ0i2lxE6xijoNXaVNOD7GZQb THU+eo3Nof0maDfIybZ/ZKsbkd0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSOeYD4 TAuFf6UNDOjmU8bYXB9+YzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rgkwDQYJKoZIhvcNAQELBQADggEBANPcD48eoc/1w0VY2hBjFJY+T7mWC0SUh9I8 C+oSnPnce+TXmhtekM8fdRSIWcW9KDW/yOX5jjbGaP4tn2uX3uBSOvJQQZW0N5it Ae58GT4c45rlOE0CTvCsPoloodVjAflzyUoJFG6E6ri+TxwvRd/cdO04wezDjrOS ctxYJZ4jRXMu7JUFzuWk8BeKNxf/0tMaGiRM0c1MliJtBzYqfHFerHlQmNILqlN8 T1yukhB1U1YIqzL1Ujy7HbIYgqRQmatAm8Ba9A7fR1MnY58PwiGKue3Xo38guVGg dS/WjQHDSA2jvRMJjpDCZw6KxA1Xxv87zEulUZIHpPyAl7NKC/8= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:29 2026 by rpki-client