$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146370.roa File: AS146370.roa (raw, json) Hash identifier: C1k0ocdABFQOnZZ1G7XTiygrmfGI4RUTPHCVlyGlnIs= Subject key identifier: C3:CE:E5:E7:F9:BC:BE:7D:AF:39:12:75:5D:74:4D:B1:A3:AB:1F:B2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 31A8E5C563285CD88DD258869B8936BC0FE5B64D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146370.roa Signing time: Wed 04 Mar 2026 06:35:03 +0000 ROA not before: Wed 04 Mar 2026 06:30:03 +0000 ROA not after: Wed 03 Mar 2027 06:35:03 +0000 asID: 146370 IP address blocks: 240a:ae88::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:a8:e5:c5:63:28:5c:d8:8d:d2:58:86:9b:89:36:bc:0f:e5:b6:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:30:03 2026 GMT Not After : Mar 3 06:35:03 2027 GMT Subject: CN=C3CEE5E7F9BCBE7DAF3912755D744DB1A3AB1FB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d4:49:5e:b0:b3:da:ef:a8:20:3f:c4:b6:ee: 4f:d9:fa:09:cd:e8:37:1a:92:3a:0e:6b:24:82:33: 4b:ef:b0:4b:c3:e6:1e:d3:ec:91:06:0a:52:63:ea: ed:27:b4:44:f7:5a:87:02:4f:1c:d9:bc:41:1f:48: c6:cc:25:85:e3:bb:b6:6a:bd:51:aa:91:1d:4f:1f: f3:97:0c:c4:ed:5e:3c:ce:34:28:7c:aa:c1:40:68: 59:d4:c5:72:7b:53:6d:dd:3b:72:25:d3:ab:c4:da: 65:c6:91:f2:4c:38:58:74:45:2b:95:a1:be:cb:32: e2:e3:d7:4d:54:70:e2:2a:c7:95:8f:fe:b5:d4:86: f5:49:ff:7b:fe:e5:4d:02:66:b7:1f:aa:4d:73:66: 98:8e:3f:c5:8a:52:0b:80:5c:62:ab:fd:65:29:71: 2c:b0:21:06:1a:71:12:bd:9b:eb:9a:c4:5b:c0:1e: 42:43:79:90:15:67:e4:bb:00:c9:cb:04:4e:ac:79: fa:33:08:9e:62:bc:a3:56:80:de:c4:8c:ae:7e:af: a2:03:af:a8:9a:a5:b6:b2:2f:33:6a:18:38:fa:de: 56:74:2e:e3:16:0f:8d:2a:39:93:a9:96:89:18:15: 91:16:9c:32:58:05:df:36:36:8a:c4:29:5b:23:ee: 0c:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:CE:E5:E7:F9:BC:BE:7D:AF:39:12:75:5D:74:4D:B1:A3:AB:1F:B2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146370.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae88::/32 Signature Algorithm: sha256WithRSAEncryption da:9f:33:38:db:c2:48:c4:be:f6:cb:e6:91:9d:5d:a6:41:d3: b3:44:60:a9:57:1c:18:d3:a2:d0:49:ad:a1:95:5d:8f:72:f0: 92:54:c5:ac:ef:18:c1:47:36:3d:c3:83:db:b6:75:81:aa:c2: e6:3c:21:00:59:19:25:54:ea:5f:c0:55:ff:d7:41:4c:9d:13: 2c:a1:15:8e:b5:3a:3c:90:98:2d:bf:88:07:40:6a:1d:e6:b0: f1:91:db:b6:bf:f0:e0:11:5d:d2:70:92:0f:d8:51:0b:12:4e: b2:64:20:ee:7d:db:53:a5:ac:95:8a:d3:61:a6:c1:d6:cc:82: 80:3a:fe:85:cf:14:9e:72:53:d1:85:32:0c:9f:17:4f:28:a2: d3:c0:54:59:bb:0f:ec:5f:d5:da:f8:83:15:60:84:e4:02:53: 4e:dd:33:4d:cd:96:ed:3c:f9:85:dd:3d:6d:d6:08:91:9b:85: 93:7a:c9:d8:98:30:5d:2f:c2:5a:a4:b6:1e:c7:4b:da:39:3f: 46:0c:10:fc:5b:55:8d:62:f2:19:64:55:51:f5:9a:97:be:5e: 90:0f:7a:01:6b:9e:bb:91:9d:38:84:5e:e7:72:e2:64:21:e5: 50:8a:c0:b4:82:9e:d4:99:e0:f8:35:6b:9b:2d:9a:43:e2:36: 73:2e:bb:98 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMajlxWMoXNiN0liGm4k2vA/ltk0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzAwM1oX DTI3MDMwMzA2MzUwM1owMzExMC8GA1UEAxMoQzNDRUU1RTdGOUJDQkU3REFGMzkx Mjc1NUQ3NDREQjFBM0FCMUZCMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMXUSV6ws9rvqCA/xLbuT9n6Cc3oNxqSOg5rJIIzS++wS8PmHtPskQYKUmPq 7Se0RPdahwJPHNm8QR9IxswlheO7tmq9UaqRHU8f85cMxO1ePM40KHyqwUBoWdTF cntTbd07ciXTq8TaZcaR8kw4WHRFK5Whvssy4uPXTVRw4irHlY/+tdSG9Un/e/7l TQJmtx+qTXNmmI4/xYpSC4BcYqv9ZSlxLLAhBhpxEr2b65rEW8AeQkN5kBVn5LsA ycsETqx5+jMInmK8o1aA3sSMrn6vogOvqJqltrIvM2oYOPreVnQu4xYPjSo5k6mW iRgVkRacMlgF3zY2isQpWyPuDMcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTDzuXn +by+fa85EnVddE2xo6sfsjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjM3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rogwDQYJKoZIhvcNAQELBQADggEBANqfMzjbwkjEvvbL5pGdXaZB07NEYKlXHBjT otBJraGVXY9y8JJUxazvGMFHNj3Dg9u2dYGqwuY8IQBZGSVU6l/AVf/XQUydEyyh FY61OjyQmC2/iAdAah3msPGR27a/8OARXdJwkg/YUQsSTrJkIO5921OlrJWK02Gm wdbMgoA6/oXPFJ5yU9GFMgyfF08ootPAVFm7D+xf1dr4gxVghOQCU07dM03Nlu08 +YXdPW3WCJGbhZN6ydiYMF0vwlqkth7HS9o5P0YMEPxbVY1i8hlkVVH1mpe+XpAP egFrnruRnTiEXudy4mQh5VCKwLSCntSZ4Pg1a5stmkPiNnMuu5g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:25 2026 by rpki-client