$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146287.roa File: AS146287.roa (raw, json) Hash identifier: bUnRLbXpcfYZwK0Fmr9perYDxPu9Hn5Q2uD02iwKoH8= Subject key identifier: 40:AB:0F:1C:BB:3E:9C:9E:45:F0:AD:14:A3:EA:E2:34:F9:F5:A4:4F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 64B71B4E1BC733F4CC0DF84A789FE92FF0E34267 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146287.roa Signing time: Wed 04 Mar 2026 06:34:13 +0000 ROA not before: Wed 04 Mar 2026 06:29:13 +0000 ROA not after: Wed 03 Mar 2027 06:34:13 +0000 asID: 146287 IP address blocks: 240a:ae35::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:b7:1b:4e:1b:c7:33:f4:cc:0d:f8:4a:78:9f:e9:2f:f0:e3:42:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:13 2026 GMT Not After : Mar 3 06:34:13 2027 GMT Subject: CN=40AB0F1CBB3E9C9E45F0AD14A3EAE234F9F5A44F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:e5:56:44:16:f3:3c:64:6e:18:3f:12:90:00: c8:6a:2d:6e:00:92:f6:82:4d:ba:2a:bf:c1:76:cc: a9:64:a7:f6:5d:c6:b7:b2:b3:58:8d:4f:51:e3:81: 3b:af:08:73:05:76:9d:49:53:08:49:74:1b:b0:e3: 7b:91:bd:4f:87:b8:54:e1:b6:1b:eb:f1:40:9f:ea: 17:5e:12:f9:f5:18:b9:f0:53:84:a7:e5:62:55:93: 68:e8:5d:97:fd:47:1e:81:d1:1b:90:e9:65:89:51: 4f:ad:c3:5f:f6:a9:5c:66:56:5b:ab:44:19:9d:81: d3:2e:f3:57:8c:ea:7f:92:dc:b8:b6:9f:e4:81:c5: 58:7c:8e:fc:a2:31:76:e8:48:90:06:ad:71:23:75: 60:6a:87:ea:20:bd:27:52:2e:bb:74:96:ec:7c:27: 8e:7c:73:23:8e:41:22:24:73:e4:af:46:69:6c:51: 1b:9a:95:ce:98:f4:05:fe:7b:45:37:e4:d6:b9:3e: a6:11:3c:d2:58:da:1d:75:64:96:0f:05:c9:d0:f6: 60:21:4d:cf:8e:80:5d:c1:d5:4c:72:06:69:5c:79: b8:31:b2:85:b2:e6:ea:cd:fa:1c:6f:e6:4e:2a:73: 73:df:bf:96:c6:14:29:2c:7f:6f:ba:a0:50:21:b0: f3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:AB:0F:1C:BB:3E:9C:9E:45:F0:AD:14:A3:EA:E2:34:F9:F5:A4:4F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146287.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae35::/32 Signature Algorithm: sha256WithRSAEncryption 5a:07:de:ed:a5:a1:0d:c0:b4:54:10:65:37:5a:35:bf:fb:bf: 1f:1f:9a:b6:d0:a2:5b:9b:8d:06:ca:d3:19:ca:7d:9b:cf:66: e9:3d:00:30:57:dc:48:3a:e3:e2:b6:15:87:e4:69:c9:f2:21: 01:8e:20:58:3f:53:55:9a:2d:df:c3:05:39:c7:6e:02:df:cf: 7c:23:6a:49:a9:88:a1:20:49:16:6d:14:47:a3:5b:13:09:1a: b6:a3:cb:bf:8b:2e:c7:44:d8:92:3e:93:4c:93:9d:07:c4:7c: 77:e7:c3:ed:1b:b6:0a:94:4a:d9:42:ef:c2:ff:89:42:2d:bb: 20:24:66:e0:20:f5:2e:35:90:47:1d:79:70:50:71:21:e3:8f: a1:08:6a:32:36:3b:1b:59:43:02:c3:8f:5f:a1:d4:40:75:13: de:d1:5d:2b:b8:38:e1:14:87:b6:0e:d9:ab:50:01:32:7a:31: 6e:75:d6:83:1e:69:e1:dd:71:89:2f:11:11:ee:d2:a0:73:bd: 1c:50:cd:f3:80:10:9c:5c:6b:63:8d:df:f5:50:a7:cc:ef:08: 16:00:a5:5e:d7:05:aa:db:40:03:14:56:9a:44:d9:d6:16:ce: 4b:73:54:7c:57:01:67:d6:2b:f3:8d:35:1b:49:01:3f:62:8e: 8c:0b:d7:fd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZLcbThvHM/TMDfhKeJ/pL/DjQmcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxM1oX DTI3MDMwMzA2MzQxM1owMzExMC8GA1UEAxMoNDBBQjBGMUNCQjNFOUM5RTQ1RjBB RDE0QTNFQUUyMzRGOUY1QTQ0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJXlVkQW8zxkbhg/EpAAyGotbgCS9oJNuiq/wXbMqWSn9l3Gt7KzWI1PUeOB O68IcwV2nUlTCEl0G7Dje5G9T4e4VOG2G+vxQJ/qF14S+fUYufBThKflYlWTaOhd l/1HHoHRG5DpZYlRT63DX/apXGZWW6tEGZ2B0y7zV4zqf5LcuLaf5IHFWHyO/KIx duhIkAatcSN1YGqH6iC9J1Iuu3SW7HwnjnxzI45BIiRz5K9GaWxRG5qVzpj0Bf57 RTfk1rk+phE80ljaHXVklg8FydD2YCFNz46AXcHVTHIGaVx5uDGyhbLm6s36HG/m Tipzc9+/lsYUKSx/b7qgUCGw87UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRAqw8c uz6cnkXwrRSj6uI0+fWkTzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rjUwDQYJKoZIhvcNAQELBQADggEBAFoH3u2loQ3AtFQQZTdaNb/7vx8fmrbQolub jQbK0xnKfZvPZuk9ADBX3Eg64+K2FYfkacnyIQGOIFg/U1WaLd/DBTnHbgLfz3wj akmpiKEgSRZtFEejWxMJGrajy7+LLsdE2JI+k0yTnQfEfHfnw+0btgqUStlC78L/ iUItuyAkZuAg9S41kEcdeXBQcSHjj6EIajI2OxtZQwLDj1+h1EB1E97RXSu4OOEU h7YO2atQATJ6MW511oMeaeHdcYkvERHu0qBzvRxQzfOAEJxca2ON3/VQp8zvCBYA pV7XBarbQAMUVppE2dYWzktzVHxXAWfWK/ONNRtJAT9ijowL1/0= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:17 2026 by rpki-client