$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146328.roa File: AS146328.roa (raw, json) Hash identifier: 3m6qSi/rDdQbnUIATeeG+uTlYFPYX9J+Z4kPu71omlc= Subject key identifier: E6:85:43:02:6F:F0:E9:F0:85:EB:C7:5B:BF:60:88:D1:A9:94:C4:02 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 67D05654D76F150D62537960F35C6D028E2B28DA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146328.roa Signing time: Wed 04 Mar 2026 06:33:39 +0000 ROA not before: Wed 04 Mar 2026 06:28:39 +0000 ROA not after: Wed 03 Mar 2027 06:33:39 +0000 asID: 146328 IP address blocks: 240a:ae5e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:d0:56:54:d7:6f:15:0d:62:53:79:60:f3:5c:6d:02:8e:2b:28:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:39 2026 GMT Not After : Mar 3 06:33:39 2027 GMT Subject: CN=E68543026FF0E9F085EBC75BBF6088D1A994C402 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c1:2c:2c:ac:a4:64:d5:15:d3:79:a3:33:f7: e9:e4:9d:05:02:2f:86:69:f1:b2:3e:5d:3b:21:cb: df:df:e2:f9:fc:2c:5b:ff:af:dd:02:fb:f1:a5:7a: 07:f8:e4:45:ef:3c:dd:8c:08:4a:5a:14:86:34:82: 31:55:8c:0c:d0:96:90:c8:c3:d1:28:f0:78:d3:56: c0:92:ab:63:ce:a2:e0:e4:01:53:3d:8b:fa:37:ff: 12:66:2d:3b:e4:29:5f:0d:81:cb:40:6b:94:0c:2b: ba:5f:74:c2:d1:6f:49:5c:0b:98:00:08:6e:11:ee: a1:25:50:ce:94:85:3b:97:b7:2c:1b:5b:4b:42:ab: 9f:bf:b6:2e:27:6f:bc:12:f1:c0:fe:ae:fd:39:d1: e2:37:9b:79:e5:b4:7f:51:78:50:ac:d2:db:4d:8d: 70:f2:b7:46:5b:4a:24:9c:01:76:4d:08:bf:09:4c: d8:db:f2:d6:54:9c:4a:a5:f7:7c:0e:81:3a:13:1c: 09:bc:2a:7d:06:5c:0a:53:fc:9d:b6:8b:22:6a:34: d2:4f:33:d3:cf:7c:39:15:74:f4:f6:e3:0d:0e:3e: 9c:91:2f:55:11:b1:85:da:12:15:cc:75:49:c9:a2: b2:1c:60:c6:be:93:87:d2:54:dc:5d:87:f9:e8:ba: be:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:85:43:02:6F:F0:E9:F0:85:EB:C7:5B:BF:60:88:D1:A9:94:C4:02 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146328.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae5e::/32 Signature Algorithm: sha256WithRSAEncryption 18:43:68:d3:a1:5d:9d:13:dc:77:f0:92:f4:8d:7b:8f:63:f0: fb:09:c4:e9:e5:a7:28:23:b1:78:f5:a2:69:e0:0f:e1:a6:91: ba:9f:e6:16:28:36:9c:b4:ba:ab:eb:c5:83:3a:d4:49:17:5d: 67:63:1e:98:71:03:42:68:5d:1a:b5:39:85:45:4d:b1:e0:e2: 31:f3:0a:f7:b1:0a:2c:c0:21:7c:05:35:f8:00:20:11:fe:d3: b1:46:46:27:90:b7:3f:d3:42:20:41:10:9c:21:68:f5:05:cb: de:37:e5:8c:db:3e:ae:ce:33:07:3d:1d:e1:2d:ec:a4:09:f2: 44:db:d3:21:12:f9:03:5e:f8:4b:28:dd:82:4f:ae:df:b3:8c: 78:4e:d6:40:46:a0:78:fa:96:56:53:ad:9f:4d:ad:72:bf:10: 91:84:1c:ad:93:0b:c5:ef:79:a9:15:54:9d:81:69:87:a4:99: 6b:9d:c7:28:a4:50:3a:45:7e:b0:c5:b7:28:48:40:6f:8f:17: e8:16:4f:35:3e:ba:fa:53:f4:c5:35:41:06:5d:65:47:55:69: 42:1c:40:8f:8a:34:25:03:25:e9:9f:08:51:f9:35:83:2f:9e: 74:dc:cd:91:e0:9c:c6:e1:b6:04:f6:2f:91:78:a2:5c:13:92: a9:ef:a7:1c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZ9BWVNdvFQ1iU3lg81xtAo4rKNowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjgzOVoX DTI3MDMwMzA2MzMzOVowMzExMC8GA1UEAxMoRTY4NTQzMDI2RkYwRTlGMDg1RUJD NzVCQkY2MDg4RDFBOTk0QzQwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALHBLCyspGTVFdN5ozP36eSdBQIvhmnxsj5dOyHL39/i+fwsW/+v3QL78aV6 B/jkRe883YwISloUhjSCMVWMDNCWkMjD0SjweNNWwJKrY86i4OQBUz2L+jf/EmYt O+QpXw2By0BrlAwrul90wtFvSVwLmAAIbhHuoSVQzpSFO5e3LBtbS0Krn7+2Lidv vBLxwP6u/TnR4jebeeW0f1F4UKzS202NcPK3RltKJJwBdk0IvwlM2Nvy1lScSqX3 fA6BOhMcCbwqfQZcClP8nbaLImo00k8z0898ORV09PbjDQ4+nJEvVRGxhdoSFcx1 Scmishxgxr6Th9JU3F2H+ei6vncCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTmhUMC b/Dp8IXrx1u/YIjRqZTEAjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjMyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rl4wDQYJKoZIhvcNAQELBQADggEBABhDaNOhXZ0T3HfwkvSNe49j8PsJxOnlpygj sXj1omngD+Gmkbqf5hYoNpy0uqvrxYM61EkXXWdjHphxA0JoXRq1OYVFTbHg4jHz CvexCizAIXwFNfgAIBH+07FGRieQtz/TQiBBEJwhaPUFy9435YzbPq7OMwc9HeEt 7KQJ8kTb0yES+QNe+Eso3YJPrt+zjHhO1kBGoHj6llZTrZ9NrXK/EJGEHK2TC8Xv eakVVJ2BaYekmWudxyikUDpFfrDFtyhIQG+PF+gWTzU+uvpT9MU1QQZdZUdVaUIc QI+KNCUDJemfCFH5NYMvnnTczZHgnMbhtgT2L5F4olwTkqnvpxw= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:06 2026 by rpki-client