$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146289.roa File: AS146289.roa (raw, json) Hash identifier: b/F5SK7XsVYTsGd9lMgIGrmBpia3UfkMPtb79ZLFHuo= Subject key identifier: EE:BC:E8:8A:5E:81:E2:69:D0:8B:4C:8F:8D:A6:DF:E2:12:00:40:C2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 568619900B81C9D1E082FAFFC81C192B86805A02 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146289.roa Signing time: Wed 04 Mar 2026 06:34:06 +0000 ROA not before: Wed 04 Mar 2026 06:29:06 +0000 ROA not after: Wed 03 Mar 2027 06:34:06 +0000 asID: 146289 IP address blocks: 240a:ae37::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:86:19:90:0b:81:c9:d1:e0:82:fa:ff:c8:1c:19:2b:86:80:5a:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:06 2026 GMT Not After : Mar 3 06:34:06 2027 GMT Subject: CN=EEBCE88A5E81E269D08B4C8F8DA6DFE2120040C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:8a:31:2b:cf:d3:32:f9:dc:37:7d:ac:4c:39: 9a:50:0e:9f:a9:3c:fa:c9:9b:2a:09:2c:37:19:55: 62:d8:65:4e:19:0d:7f:96:78:19:67:eb:87:3a:d1: 3e:80:bb:c1:e8:65:aa:5c:14:34:10:09:75:23:84: 91:56:e9:cc:a8:ce:15:80:b8:84:84:2e:20:f7:bc: 8a:f0:0e:e6:2e:1f:23:b0:59:3c:da:3b:c5:99:76: 1d:f0:df:c5:59:c9:54:13:78:90:61:0f:84:74:4b: 41:f7:07:27:c6:cb:10:c4:31:50:fe:87:df:63:92: 9b:25:9d:97:c3:c1:03:fc:79:24:d3:0e:2d:02:4a: d8:c8:53:31:16:9f:a6:c1:75:50:67:86:dd:a2:38: 3a:b9:1f:37:69:f3:31:d1:cf:78:87:4f:02:bf:ee: ff:9e:74:e6:e2:ae:31:d6:49:1a:81:ae:fa:04:6d: f5:e4:b3:35:63:7b:9e:84:87:3e:e7:8a:18:d8:57: 37:81:37:5f:2f:c0:92:f1:38:57:d0:76:86:f8:c0: 5d:bd:44:2c:96:93:a5:19:9d:9c:f1:8a:2e:e4:0a: 1e:04:0c:28:4a:3c:09:05:c0:a7:0a:92:7e:37:00: 52:97:43:ee:40:ac:b9:7d:08:dc:94:29:4b:9e:a9: 62:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:BC:E8:8A:5E:81:E2:69:D0:8B:4C:8F:8D:A6:DF:E2:12:00:40:C2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146289.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae37::/32 Signature Algorithm: sha256WithRSAEncryption 42:f4:c8:2a:cf:c0:da:e2:4e:54:2d:5f:db:46:d9:63:cd:83: 07:aa:7c:b6:84:f0:3f:44:7b:97:b7:4a:87:f1:dd:aa:92:2f: 57:f1:23:56:fa:de:17:dc:53:49:54:10:4d:7c:66:b7:8d:a7: eb:21:ed:8a:20:03:79:42:fa:bf:86:5a:4b:bc:19:16:47:f6: 39:40:27:95:b7:b3:a5:a8:d9:1e:10:f3:0a:d5:d2:93:2c:d1: 1d:c8:0d:5f:12:b0:e8:e2:17:9d:ae:9b:bd:c1:85:ac:5e:c3: dc:ce:a6:a2:93:3c:41:ee:37:27:07:11:4b:cb:9e:89:57:69: 3f:ca:ed:ab:a9:d3:d5:82:55:0d:3f:e8:cb:40:94:74:8c:f4: 0e:77:3a:57:58:97:81:99:8b:fb:95:68:93:5e:19:19:b9:27: 1f:bf:7c:18:85:58:d5:71:96:29:7c:8a:eb:53:60:37:bf:49: e6:1c:0c:fd:c8:4a:5e:f2:e1:61:f7:98:7f:67:b5:63:25:40: 50:a5:b3:5a:bd:0a:9b:96:56:71:64:b3:93:a5:ad:84:5d:fd: 11:14:06:8d:72:e2:6a:12:d6:99:7a:02:c2:de:9e:b6:3b:61: 5d:ac:b5:9d:9d:03:9a:ae:e2:25:10:36:ca:6e:57:3b:40:ad: da:3b:9a:11 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVoYZkAuBydHggvr/yBwZK4aAWgIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkwNloX DTI3MDMwMzA2MzQwNlowMzExMC8GA1UEAxMoRUVCQ0U4OEE1RTgxRTI2OUQwOEI0 QzhGOERBNkRGRTIxMjAwNDBDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJOKMSvP0zL53Dd9rEw5mlAOn6k8+smbKgksNxlVYthlThkNf5Z4GWfrhzrR PoC7wehlqlwUNBAJdSOEkVbpzKjOFYC4hIQuIPe8ivAO5i4fI7BZPNo7xZl2HfDf xVnJVBN4kGEPhHRLQfcHJ8bLEMQxUP6H32OSmyWdl8PBA/x5JNMOLQJK2MhTMRaf psF1UGeG3aI4OrkfN2nzMdHPeIdPAr/u/5505uKuMdZJGoGu+gRt9eSzNWN7noSH PueKGNhXN4E3Xy/AkvE4V9B2hvjAXb1ELJaTpRmdnPGKLuQKHgQMKEo8CQXApwqS fjcAUpdD7kCsuX0I3JQpS56pYi0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTuvOiK XoHiadCLTI+Npt/iEgBAwjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjI4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rjcwDQYJKoZIhvcNAQELBQADggEBAEL0yCrPwNriTlQtX9tG2WPNgweqfLaE8D9E e5e3Sofx3aqSL1fxI1b63hfcU0lUEE18ZreNp+sh7YogA3lC+r+GWku8GRZH9jlA J5W3s6Wo2R4Q8wrV0pMs0R3IDV8SsOjiF52um73Bhaxew9zOpqKTPEHuNycHEUvL nolXaT/K7aup09WCVQ0/6MtAlHSM9A53OldYl4GZi/uVaJNeGRm5Jx+/fBiFWNVx lil8iutTYDe/SeYcDP3ISl7y4WH3mH9ntWMlQFCls1q9CpuWVnFks5OlrYRd/REU Bo1y4moS1pl6AsLenrY7YV2stZ2dA5qu4iUQNspuVztArdo7mhE= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:21 2026 by rpki-client