$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146285.roa File: AS146285.roa (raw, json) Hash identifier: 4pRjWX5ZlwHLolhbmd0FiDkH2rIozZbQRm7GdbD9jfo= Subject key identifier: 11:AB:F9:BC:E8:77:D7:BC:EC:68:D4:AF:89:7E:FB:7C:B5:66:EB:83 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4A46F886287D95A8ADC8A2B41386E5EA69F64EEA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146285.roa Signing time: Wed 04 Mar 2026 06:34:14 +0000 ROA not before: Wed 04 Mar 2026 06:29:14 +0000 ROA not after: Wed 03 Mar 2027 06:34:14 +0000 asID: 146285 IP address blocks: 240a:ae33::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:46:f8:86:28:7d:95:a8:ad:c8:a2:b4:13:86:e5:ea:69:f6:4e:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:14 2026 GMT Not After : Mar 3 06:34:14 2027 GMT Subject: CN=11ABF9BCE877D7BCEC68D4AF897EFB7CB566EB83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7d:6f:61:f5:5a:53:a9:29:d7:bc:7a:45:ed: 61:8e:65:08:f3:25:cb:f7:ff:87:78:28:92:05:18: 8a:2e:ac:44:9d:cc:4e:e2:f3:a4:02:94:58:b0:0a: 81:6f:25:f5:0c:7f:c2:f0:30:4e:fe:da:bd:46:34: 5d:a5:f9:f1:d8:dc:cb:7b:c2:64:25:ae:67:43:14: 1f:11:f6:0d:59:4d:67:fd:85:b0:fb:a3:7e:b9:58: 9a:3b:63:b6:d4:ee:74:62:9b:9e:f3:40:1e:be:89: 67:2f:f7:7b:10:8c:0d:39:7f:5a:f9:10:5d:8b:da: f3:8e:13:23:62:f5:a7:75:e4:5c:b5:d9:37:da:ca: e7:16:6b:3c:95:a7:0a:e0:5d:e3:22:ca:08:c1:60: b0:3c:c9:15:55:e3:83:b6:21:15:66:e7:a4:65:46: 95:d3:0e:59:86:0b:d9:fe:35:53:3e:c5:00:bb:2f: 93:39:82:26:82:65:9c:0b:f0:6e:a0:4f:d8:3f:60: ef:a2:c3:47:82:10:30:7f:d0:72:31:b6:e9:d5:70: de:8d:80:bf:55:b9:ff:c6:2e:21:7f:94:41:59:07: ce:e8:61:ea:83:9e:ad:ab:c1:7e:e6:61:5a:be:34: 09:93:d5:4e:61:6a:60:63:88:60:c0:7e:69:4d:61: 8c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:AB:F9:BC:E8:77:D7:BC:EC:68:D4:AF:89:7E:FB:7C:B5:66:EB:83 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146285.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae33::/32 Signature Algorithm: sha256WithRSAEncryption cd:26:39:e4:b1:4f:57:25:c1:7d:bf:26:b1:c1:64:a8:6e:6d: 2f:94:37:21:3d:f2:9c:fa:10:8d:e7:a0:4f:59:37:d1:94:a4: 39:6a:97:a2:7a:8e:2d:85:61:c5:59:c6:1e:e0:cc:ec:31:2c: 29:ae:3b:c6:2e:75:aa:e7:d9:93:4f:dc:17:6e:f1:fa:c3:a8: a5:15:56:38:40:6a:2b:62:58:09:f4:17:d1:25:2a:ef:31:a2: 18:fe:74:77:20:4e:cd:b9:58:d8:69:67:d0:27:ca:f1:79:ea: d3:a5:34:0c:53:a1:c8:d8:41:46:76:54:f2:37:7a:a1:4a:ed: 1d:18:1c:e4:1f:52:e9:cb:2f:b1:0a:ec:90:7f:34:79:95:df: d4:fa:45:4e:20:85:8a:eb:03:17:ee:51:e0:01:e9:5e:a4:80: 92:cd:41:d6:83:66:1e:7d:2e:d2:ef:b7:c9:9e:37:8a:fd:d9: 6b:08:32:b1:a9:61:4f:fe:87:6f:7d:87:3e:51:80:75:5e:49: 31:0c:6e:f4:34:eb:09:43:1c:fd:99:2f:20:ab:59:4c:7a:19: aa:71:37:34:c5:da:86:47:6b:c7:79:25:86:13:94:0e:c9:ed: 37:c5:8b:ed:f7:d3:2b:b1:30:28:75:20:90:fd:a7:9c:42:b4: e3:62:a9:78 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSkb4hih9laityKK0E4bl6mn2TuowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxNFoX DTI3MDMwMzA2MzQxNFowMzExMC8GA1UEAxMoMTFBQkY5QkNFODc3RDdCQ0VDNjhE NEFGODk3RUZCN0NCNTY2RUI4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALt9b2H1WlOpKde8ekXtYY5lCPMly/f/h3gokgUYii6sRJ3MTuLzpAKUWLAK gW8l9Qx/wvAwTv7avUY0XaX58djcy3vCZCWuZ0MUHxH2DVlNZ/2FsPujfrlYmjtj ttTudGKbnvNAHr6JZy/3exCMDTl/WvkQXYva844TI2L1p3XkXLXZN9rK5xZrPJWn CuBd4yLKCMFgsDzJFVXjg7YhFWbnpGVGldMOWYYL2f41Uz7FALsvkzmCJoJlnAvw bqBP2D9g76LDR4IQMH/QcjG26dVw3o2Av1W5/8YuIX+UQVkHzuhh6oOeravBfuZh Wr40CZPVTmFqYGOIYMB+aU1hjDMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQRq/m8 6HfXvOxo1K+Jfvt8tWbrgzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rjMwDQYJKoZIhvcNAQELBQADggEBAM0mOeSxT1clwX2/JrHBZKhubS+UNyE98pz6 EI3noE9ZN9GUpDlql6J6ji2FYcVZxh7gzOwxLCmuO8Yudarn2ZNP3Bdu8frDqKUV VjhAaitiWAn0F9ElKu8xohj+dHcgTs25WNhpZ9AnyvF56tOlNAxTocjYQUZ2VPI3 eqFK7R0YHOQfUunLL7EK7JB/NHmV39T6RU4ghYrrAxfuUeAB6V6kgJLNQdaDZh59 LtLvt8meN4r92WsIMrGpYU/+h299hz5RgHVeSTEMbvQ06wlDHP2ZLyCrWUx6Gapx NzTF2oZHa8d5JYYTlA7J7TfFi+330yuxMCh1IJD9p5xCtONiqXg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:06 2026 by rpki-client