$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146320.roa File: AS146320.roa (raw, json) Hash identifier: hr+gfJ2GSGTA7ZT2cbXpKqRgT1ccNVD+4uzWnnml+0g= Subject key identifier: 96:A2:0B:7C:B3:92:61:3F:DE:3E:2A:46:10:08:A8:BE:3E:A8:5C:4D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 54B2CB13693F77A2BDAF755529C8C1E2067CF4EB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146320.roa Signing time: Wed 04 Mar 2026 06:33:57 +0000 ROA not before: Wed 04 Mar 2026 06:28:57 +0000 ROA not after: Wed 03 Mar 2027 06:33:57 +0000 asID: 146320 IP address blocks: 240a:ae56::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:b2:cb:13:69:3f:77:a2:bd:af:75:55:29:c8:c1:e2:06:7c:f4:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:57 2026 GMT Not After : Mar 3 06:33:57 2027 GMT Subject: CN=96A20B7CB392613FDE3E2A461008A8BE3EA85C4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:92:7a:c0:99:0e:d4:95:bc:e2:8b:42:99:9d: 9a:30:7f:98:81:0e:78:b3:5a:d4:52:53:eb:a7:b8: 94:82:09:ce:ff:41:50:dd:86:8e:72:5a:c7:00:1b: a7:5c:41:05:6d:ae:20:03:5b:61:05:9f:36:fa:e7: 1a:c1:63:8d:5f:6c:3c:ed:02:63:71:4a:3b:85:e4: 3f:73:24:2d:da:8f:03:e0:b4:1b:81:a7:af:fe:ca: 17:d2:c0:46:03:cd:aa:9a:88:21:45:fa:aa:92:8f: 02:99:62:4d:58:44:ec:a2:22:61:1e:33:84:9e:6d: 01:b4:d0:fc:62:1b:06:7f:cb:bf:48:40:7d:37:0d: 2e:ec:ed:9e:59:1c:79:c1:cf:fc:d6:b9:8e:2f:b0: f5:bb:d8:c9:19:f2:99:81:f3:c4:25:66:88:e4:b9: 37:3c:bb:a8:ef:09:43:80:26:3e:92:3d:4c:de:22: 4d:9e:34:2f:c4:4c:3c:80:99:58:88:6c:86:46:fa: 94:f4:c2:5b:35:7a:93:fe:a6:81:2f:53:fc:32:ad: 34:4d:86:d0:aa:f4:3a:95:32:e2:12:06:44:e9:17: 05:f4:a5:c7:32:1c:e9:a8:06:70:db:da:0b:dd:e5: 30:19:af:c0:ed:6d:37:30:8d:6f:10:d0:f0:29:fa: 45:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:A2:0B:7C:B3:92:61:3F:DE:3E:2A:46:10:08:A8:BE:3E:A8:5C:4D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146320.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae56::/32 Signature Algorithm: sha256WithRSAEncryption ab:d9:d9:cc:b6:e8:2a:df:16:40:f3:ea:27:bb:55:89:cc:ce: b2:5d:ed:b3:49:28:ea:e0:28:bd:6f:84:ea:d6:19:ca:58:af: 7f:a9:fe:0c:e7:b4:bf:e4:6a:6b:87:46:e6:71:de:f0:3d:d4: 15:e9:c1:09:1b:2a:a6:53:d1:82:70:2b:24:c5:ee:5a:8b:b2: f6:e3:08:31:95:4c:7a:9c:b6:58:86:a8:e0:8f:74:df:db:b6: 28:06:ba:73:c6:bd:72:21:af:e5:7e:f7:20:65:36:10:af:96: 5e:71:fc:98:96:f0:51:38:8d:59:89:de:73:ed:51:2c:99:6e: d1:c9:9f:46:fd:6e:04:a3:18:2c:4e:0b:82:d2:50:a3:e4:73: 30:c1:f7:43:ce:de:2d:d3:ac:a3:7c:45:7a:d1:9d:a3:0f:0b: ce:56:27:be:9c:54:f8:d3:6e:cd:1e:05:5b:43:85:36:8e:70: 78:c4:6a:5f:d9:bb:eb:09:ff:3e:10:03:9d:48:69:e1:de:e4: 44:85:20:d2:3e:d2:42:68:5c:40:b4:64:84:86:6f:50:f5:01: df:ae:10:57:12:4f:9d:41:88:b5:c6:1b:02:30:19:6b:b0:e4: 2e:ca:06:6d:5f:95:55:dc:ea:92:93:bb:63:de:c5:8f:b7:64: b1:48:3a:dd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVLLLE2k/d6K9r3VVKcjB4gZ89OswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg1N1oX DTI3MDMwMzA2MzM1N1owMzExMC8GA1UEAxMoOTZBMjBCN0NCMzkyNjEzRkRFM0Uy QTQ2MTAwOEE4QkUzRUE4NUM0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKKSesCZDtSVvOKLQpmdmjB/mIEOeLNa1FJT66e4lIIJzv9BUN2GjnJaxwAb p1xBBW2uIANbYQWfNvrnGsFjjV9sPO0CY3FKO4XkP3MkLdqPA+C0G4Gnr/7KF9LA RgPNqpqIIUX6qpKPApliTVhE7KIiYR4zhJ5tAbTQ/GIbBn/Lv0hAfTcNLuztnlkc ecHP/Na5ji+w9bvYyRnymYHzxCVmiOS5Nzy7qO8JQ4AmPpI9TN4iTZ40L8RMPICZ WIhshkb6lPTCWzV6k/6mgS9T/DKtNE2G0Kr0OpUy4hIGROkXBfSlxzIc6agGcNva C93lMBmvwO1tNzCNbxDQ8Cn6Rb8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSWogt8 s5JhP94+KkYQCKi+PqhcTTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjMyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rlYwDQYJKoZIhvcNAQELBQADggEBAKvZ2cy26CrfFkDz6ie7VYnMzrJd7bNJKOrg KL1vhOrWGcpYr3+p/gzntL/kamuHRuZx3vA91BXpwQkbKqZT0YJwKyTF7lqLsvbj CDGVTHqctliGqOCPdN/btigGunPGvXIhr+V+9yBlNhCvll5x/JiW8FE4jVmJ3nPt USyZbtHJn0b9bgSjGCxOC4LSUKPkczDB90PO3i3TrKN8RXrRnaMPC85WJ76cVPjT bs0eBVtDhTaOcHjEal/Zu+sJ/z4QA51IaeHe5ESFINI+0kJoXEC0ZISGb1D1Ad+u EFcST51BiLXGGwIwGWuw5C7KBm1flVXc6pKTu2PexY+3ZLFIOt0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:14 2026 by rpki-client