$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146268.roa File: AS146268.roa (raw, json) Hash identifier: T2uFCc1IpvOYUwxReS5xujHC266pofubREOeZHKG/p8= Subject key identifier: D9:71:B4:5F:DE:DB:92:89:9B:59:94:4C:96:79:47:B2:94:A3:E3:13 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6AD7972ADB2BBAA7C7C6C0298D428B4C5B6E3EA9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146268.roa Signing time: Wed 04 Mar 2026 06:34:36 +0000 ROA not before: Wed 04 Mar 2026 06:29:36 +0000 ROA not after: Wed 03 Mar 2027 06:34:36 +0000 asID: 146268 IP address blocks: 240a:ae22::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:d7:97:2a:db:2b:ba:a7:c7:c6:c0:29:8d:42:8b:4c:5b:6e:3e:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:36 2026 GMT Not After : Mar 3 06:34:36 2027 GMT Subject: CN=D971B45FDEDB92899B59944C967947B294A3E313 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7c:66:7d:be:5f:04:ad:5d:05:bc:82:66:b2: d0:5c:5e:e8:63:8c:4a:46:f0:78:a2:98:ea:ef:d7: 47:6c:e3:df:9e:cc:c5:ce:e5:b6:49:b4:52:67:61: cb:86:a1:09:a7:d9:d5:e8:44:a5:3f:bd:c0:5c:65: 91:3b:a2:73:3d:14:2e:21:93:30:4c:fe:81:17:44: ba:69:b2:7b:c6:4f:ef:5a:5c:3a:87:7f:9c:f4:bb: 8b:56:d4:c8:eb:6a:ae:11:43:2a:04:3b:a2:b1:2f: 4c:17:6b:1f:80:92:d6:2a:86:03:1a:98:a7:a1:d6: 20:6c:66:a0:44:c7:bd:72:74:6e:87:12:ab:34:d5: fa:c4:17:fb:cd:ae:8d:50:36:ed:80:05:c3:b2:b3: c7:df:b2:5f:ee:3b:bb:f1:e5:76:aa:71:96:d2:ae: c5:77:86:2e:c9:30:c0:2d:71:a8:41:09:77:43:60: 22:6b:3f:2a:da:77:ad:ff:bc:f8:be:bc:56:6a:5a: 1d:f8:f7:0c:11:2c:2f:b7:06:b2:ba:e6:7b:f0:f8: a7:f9:f5:a6:9a:aa:db:23:a2:ac:c0:66:d5:71:89: b2:ab:79:cd:7a:58:e8:e9:97:da:7b:ac:c6:ed:ad: 2e:8a:cb:74:b7:2c:41:c6:aa:f7:e2:4b:37:03:76: e0:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:71:B4:5F:DE:DB:92:89:9B:59:94:4C:96:79:47:B2:94:A3:E3:13 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146268.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae22::/32 Signature Algorithm: sha256WithRSAEncryption 13:77:a2:bf:87:2c:49:82:fe:87:46:f6:b5:d5:d4:cb:e6:53: 97:e5:2f:f4:1c:38:fa:01:a1:b1:0b:4b:17:d7:dc:7c:0c:ab: 22:50:9b:82:36:6b:47:1c:cd:d3:f7:49:ea:d9:f4:6b:06:09: 1c:3b:10:a6:fb:3a:3f:7d:ed:8a:74:38:17:cb:aa:05:4d:59: fa:ac:87:9f:fa:e9:3f:be:79:6c:8a:30:ba:1b:15:03:83:ef: 97:84:2e:1c:e8:97:ad:21:cb:37:67:a0:8b:ee:63:ea:18:53: ee:5c:20:da:1f:26:41:3d:64:d1:4b:0d:12:42:71:97:d6:1a: c2:dd:f4:68:35:31:ce:9e:05:73:34:76:de:e1:91:15:42:b4: c1:62:54:c4:a5:e4:74:e6:a4:4d:3f:79:b0:22:fc:ea:05:63: ee:88:68:84:9b:14:e7:84:e7:80:ef:e3:58:6e:c6:bd:99:dc: 94:cb:86:af:28:7b:70:01:6b:fe:1a:c1:86:e6:cc:20:7b:2a: 3f:1f:97:02:50:72:3e:72:c7:59:32:3f:08:48:cf:e1:b9:22: 8e:82:7c:98:68:03:3f:a3:69:3c:91:60:a4:1b:19:f9:67:37: cd:90:36:bf:42:7e:65:c8:bc:a1:9f:91:5e:18:a1:ff:eb:d9: 11:3f:95:47 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUateXKtsruqfHxsApjUKLTFtuPqkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkzNloX DTI3MDMwMzA2MzQzNlowMzExMC8GA1UEAxMoRDk3MUI0NUZERURCOTI4OTlCNTk5 NDRDOTY3OTQ3QjI5NEEzRTMxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANh8Zn2+XwStXQW8gmay0Fxe6GOMSkbweKKY6u/XR2zj357Mxc7ltkm0Umdh y4ahCafZ1ehEpT+9wFxlkTuicz0ULiGTMEz+gRdEummye8ZP71pcOod/nPS7i1bU yOtqrhFDKgQ7orEvTBdrH4CS1iqGAxqYp6HWIGxmoETHvXJ0bocSqzTV+sQX+82u jVA27YAFw7Kzx9+yX+47u/HldqpxltKuxXeGLskwwC1xqEEJd0NgIms/Ktp3rf+8 +L68VmpaHfj3DBEsL7cGsrrme/D4p/n1ppqq2yOirMBm1XGJsqt5zXpY6OmX2nus xu2tLorLdLcsQcaq9+JLNwN24BUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTZcbRf 3tuSiZtZlEyWeUeylKPjEzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK riIwDQYJKoZIhvcNAQELBQADggEBABN3or+HLEmC/odG9rXV1MvmU5flL/QcOPoB obELSxfX3HwMqyJQm4I2a0cczdP3SerZ9GsGCRw7EKb7Oj997Yp0OBfLqgVNWfqs h5/66T++eWyKMLobFQOD75eELhzol60hyzdnoIvuY+oYU+5cINofJkE9ZNFLDRJC cZfWGsLd9Gg1Mc6eBXM0dt7hkRVCtMFiVMSl5HTmpE0/ebAi/OoFY+6IaISbFOeE 54Dv41huxr2Z3JTLhq8oe3ABa/4awYbmzCB7Kj8flwJQcj5yx1kyPwhIz+G5Io6C fJhoAz+jaTyRYKQbGflnN82QNr9CfmXIvKGfkV4Yof/r2RE/lUc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:26 2026 by rpki-client