$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146337.roa File: AS146337.roa (raw, json) Hash identifier: BrtzMQHCaKRBntnSuobvuHi56p1jMgAx0zpcQnI7gjE= Subject key identifier: D9:5B:09:33:68:52:09:59:9C:B3:67:7E:B4:3C:0E:F8:B5:B4:0D:15 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5D2A8AC4EE1F33339677B016B0286B7818748E32 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146337.roa Signing time: Wed 04 Mar 2026 06:33:33 +0000 ROA not before: Wed 04 Mar 2026 06:28:33 +0000 ROA not after: Wed 03 Mar 2027 06:33:33 +0000 asID: 146337 IP address blocks: 240a:ae67::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:2a:8a:c4:ee:1f:33:33:96:77:b0:16:b0:28:6b:78:18:74:8e:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:33 2026 GMT Not After : Mar 3 06:33:33 2027 GMT Subject: CN=D95B0933685209599CB3677EB43C0EF8B5B40D15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:08:dc:f1:8b:8c:16:8e:c5:2b:8b:3b:eb:a0: de:4d:72:0b:fb:e1:53:c8:b1:e5:99:5c:52:95:5e: 3c:7b:7d:ff:c3:4b:58:c9:70:d9:7c:50:53:7b:4e: 18:2e:ec:09:69:a7:ce:39:06:4b:2f:77:50:f4:04: 41:2a:13:ce:9b:0d:2a:19:eb:3d:15:7b:a6:50:ca: 56:34:c1:90:d4:46:6d:78:11:e2:83:df:e0:f1:45: 03:8a:e0:df:7c:be:e4:78:33:79:da:33:19:ee:76: 40:8e:48:85:d0:a7:9c:ff:3a:c1:ff:58:f7:2b:b3: f5:f8:b5:dd:8c:a0:47:78:dd:f9:3f:23:fe:cb:d1: 4e:ed:46:ef:69:74:d8:9e:42:04:03:26:9e:b5:93: b6:4c:d5:26:f9:e6:d5:13:0a:3c:29:e7:c8:ef:d2: a1:cd:7f:d8:5f:b8:aa:8f:f1:6e:4a:89:b0:de:74: 35:6b:36:36:11:e5:bb:26:6e:93:10:4a:60:8d:12: 2e:db:13:e1:f7:17:d8:03:b6:48:b0:4d:5d:f3:85: 77:71:cb:78:b4:f5:84:c7:59:c6:2d:20:64:ba:2b: 48:33:d2:6e:49:56:5f:0d:46:4e:87:5a:e8:0b:2e: df:de:92:e1:9d:cb:d7:2b:ab:c0:39:98:45:e6:21: 13:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:5B:09:33:68:52:09:59:9C:B3:67:7E:B4:3C:0E:F8:B5:B4:0D:15 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae67::/32 Signature Algorithm: sha256WithRSAEncryption a0:bc:5c:ea:7c:61:86:c2:43:05:99:e9:0f:4b:47:db:b9:83: fb:4c:8e:13:b3:f3:bc:4a:a6:21:ce:0c:c0:54:c0:63:ff:13: 5f:da:9f:0d:ba:85:a6:dc:02:3b:73:8e:8c:f3:73:f6:2e:1c: bf:04:f0:0c:1d:44:da:82:12:0e:f1:df:c4:00:84:4c:14:ef: 4c:af:e1:ed:f0:23:33:2d:86:40:f6:c3:86:a8:33:d7:4b:1a: 53:a1:53:10:39:29:ce:91:f6:2c:e0:b5:bd:13:7c:9d:20:04: 83:e4:a7:40:38:29:31:29:64:9a:10:72:7a:1a:92:3b:60:47: 6f:2f:4e:20:7d:1c:c3:1b:b4:97:3a:92:d4:53:08:3c:e2:8a: 53:d4:f3:74:28:76:7b:03:56:e7:a7:c4:5b:3f:82:79:80:92: 46:45:4c:19:31:6f:b2:13:9e:d2:04:02:a3:10:3e:96:8e:9a: 41:7b:f1:5a:77:71:0a:75:ef:19:89:85:89:0e:14:b7:7c:3b: c9:d4:53:a9:1b:5d:6c:d2:ea:eb:33:fd:dc:13:b4:7e:15:71: 8d:05:db:97:e4:f9:b6:b3:47:10:7f:97:8a:74:0b:27:1c:4e: 76:ad:c1:50:06:50:53:f8:95:e3:a0:e2:6a:14:9c:5d:18:5b: d3:37:32:f6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXSqKxO4fMzOWd7AWsChreBh0jjIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjgzM1oX DTI3MDMwMzA2MzMzM1owMzExMC8GA1UEAxMoRDk1QjA5MzM2ODUyMDk1OTlDQjM2 NzdFQjQzQzBFRjhCNUI0MEQxNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK0I3PGLjBaOxSuLO+ug3k1yC/vhU8ix5ZlcUpVePHt9/8NLWMlw2XxQU3tO GC7sCWmnzjkGSy93UPQEQSoTzpsNKhnrPRV7plDKVjTBkNRGbXgR4oPf4PFFA4rg 33y+5HgzedozGe52QI5IhdCnnP86wf9Y9yuz9fi13YygR3jd+T8j/svRTu1G72l0 2J5CBAMmnrWTtkzVJvnm1RMKPCnnyO/Soc1/2F+4qo/xbkqJsN50NWs2NhHluyZu kxBKYI0SLtsT4fcX2AO2SLBNXfOFd3HLeLT1hMdZxi0gZLorSDPSbklWXw1GToda 6Asu396S4Z3L1yurwDmYReYhE7MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTZWwkz aFIJWZyzZ360PA74tbQNFTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjMzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rmcwDQYJKoZIhvcNAQELBQADggEBAKC8XOp8YYbCQwWZ6Q9LR9u5g/tMjhOz87xK piHODMBUwGP/E1/anw26habcAjtzjozzc/YuHL8E8AwdRNqCEg7x38QAhEwU70yv 4e3wIzMthkD2w4aoM9dLGlOhUxA5Kc6R9izgtb0TfJ0gBIPkp0A4KTEpZJoQcnoa kjtgR28vTiB9HMMbtJc6ktRTCDziilPU83QodnsDVuenxFs/gnmAkkZFTBkxb7IT ntIEAqMQPpaOmkF78Vp3cQp17xmJhYkOFLd8O8nUU6kbXWzS6usz/dwTtH4VcY0F 25fk+bazRxB/l4p0CyccTnatwVAGUFP4leOg4moUnF0YW9M3MvY= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:33 2026 by rpki-client