$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146377.roa File: AS146377.roa (raw, json) Hash identifier: 6KooTIUw0/XlfZTC3C3a2PjrL6mSAPOoQJbDgzfSlsE= Subject key identifier: 08:44:9C:F5:67:D5:78:B9:8F:FB:ED:DC:BE:7D:F7:4E:32:C5:76:48 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1D39A17E96623B0783E7C3F989745E290FBE6B91 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146377.roa Signing time: Wed 04 Mar 2026 06:34:34 +0000 ROA not before: Wed 04 Mar 2026 06:29:34 +0000 ROA not after: Wed 03 Mar 2027 06:34:34 +0000 asID: 146377 IP address blocks: 240a:ae8f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:39:a1:7e:96:62:3b:07:83:e7:c3:f9:89:74:5e:29:0f:be:6b:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:34 2026 GMT Not After : Mar 3 06:34:34 2027 GMT Subject: CN=08449CF567D578B98FFBEDDCBE7DF74E32C57648 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:34:88:0d:e7:96:23:e3:ac:df:06:e1:bf:34: 36:4b:5d:ae:3c:80:f5:ae:32:40:77:dd:36:66:24: 6d:eb:b1:8c:61:05:92:69:9d:b3:6e:02:e9:61:09: 46:58:9f:ef:67:b7:84:ad:7e:91:25:96:4e:ca:d3: c2:40:0a:0a:03:b6:7e:4f:d8:6f:2c:15:ad:5d:3d: 39:79:93:83:0e:41:c2:c9:3c:c1:da:78:aa:49:ad: 73:f3:3d:09:f2:45:62:50:b2:dd:ff:da:27:e3:60: 94:b8:8c:b3:88:9b:2e:17:de:69:7c:69:c3:ff:fc: fc:14:46:5d:b3:99:4b:c3:93:6d:e4:4e:35:75:0c: 16:d7:e8:1b:6c:39:e7:77:13:36:da:65:f4:a4:fd: 6e:77:41:87:8a:8c:bb:81:24:dc:0d:6f:3a:59:a2: 9d:fa:a3:cf:e2:c3:7a:5d:b8:e4:36:9c:fe:2e:a2: b4:c9:34:15:50:13:9f:c6:e9:53:10:b8:f8:cb:de: 41:c9:f2:aa:72:01:49:20:19:a1:16:81:c9:a8:58: df:18:5a:1c:1c:26:e9:c8:ab:87:a1:d1:f6:82:ae: 70:3d:57:fc:a2:65:36:31:c8:9c:38:ca:1b:b9:b4: 82:1a:4f:68:6d:12:ae:61:16:28:4d:99:f6:cb:2c: 4c:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:44:9C:F5:67:D5:78:B9:8F:FB:ED:DC:BE:7D:F7:4E:32:C5:76:48 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146377.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae8f::/32 Signature Algorithm: sha256WithRSAEncryption c3:a5:00:d3:1b:40:0e:8e:54:ce:3b:8a:85:b9:04:1e:c4:43: 55:52:d7:1f:f5:89:25:b4:63:e6:39:ca:30:4d:a4:07:10:ee: 6c:c4:bb:6e:a0:97:30:f3:76:06:94:80:0a:e3:92:06:a2:bf: 40:ba:86:e7:f5:5b:d3:4b:d3:c4:56:e9:b9:27:f9:e9:df:be: fd:c9:d6:ec:ea:e3:db:ec:0f:77:23:73:1e:d5:f8:64:bb:cf: 25:41:0a:ba:7b:71:e9:97:5c:12:a7:db:aa:aa:61:71:dc:65: a6:90:65:b3:f4:c6:ae:73:d9:5e:ac:4f:3e:62:50:f5:4d:0d: 50:a0:6b:bb:82:bc:7a:9c:f8:5e:58:ca:30:f2:4c:19:28:ae: 58:8b:fe:c1:81:85:de:9a:da:be:88:ad:14:b5:8d:63:00:0d: 55:bf:53:f6:59:55:47:23:dc:95:eb:81:0f:c0:97:26:bc:5e: 84:e8:ed:c0:5c:e0:fd:98:58:52:82:99:ea:cc:7e:6a:54:c8: b8:f8:d8:42:de:c1:7d:e5:de:f1:a1:3e:78:d3:ea:93:77:5e: 17:a7:08:f6:af:22:55:0b:41:c8:32:f4:c3:dd:11:18:c3:2f: 7a:7e:3c:58:43:ba:4f:48:e4:e1:1f:e9:49:a7:24:19:84:e1: a6:5e:96:cc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHTmhfpZiOweD58P5iXReKQ++a5EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkzNFoX DTI3MDMwMzA2MzQzNFowMzExMC8GA1UEAxMoMDg0NDlDRjU2N0Q1NzhCOThGRkJF RERDQkU3REY3NEUzMkM1NzY0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN80iA3nliPjrN8G4b80NktdrjyA9a4yQHfdNmYkbeuxjGEFkmmds24C6WEJ Rlif72e3hK1+kSWWTsrTwkAKCgO2fk/YbywVrV09OXmTgw5Bwsk8wdp4qkmtc/M9 CfJFYlCy3f/aJ+NglLiMs4ibLhfeaXxpw//8/BRGXbOZS8OTbeRONXUMFtfoG2w5 53cTNtpl9KT9bndBh4qMu4Ek3A1vOlminfqjz+LDel245Dac/i6itMk0FVATn8bp UxC4+MveQcnyqnIBSSAZoRaByahY3xhaHBwm6cirh6HR9oKucD1X/KJlNjHInDjK G7m0ghpPaG0SrmEWKE2Z9sssTH0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQIRJz1 Z9V4uY/77dy+ffdOMsV2SDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjM3Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ro8wDQYJKoZIhvcNAQELBQADggEBAMOlANMbQA6OVM47ioW5BB7EQ1VS1x/1iSW0 Y+Y5yjBNpAcQ7mzEu26glzDzdgaUgArjkgaiv0C6huf1W9NL08RW6bkn+enfvv3J 1uzq49vsD3cjcx7V+GS7zyVBCrp7cemXXBKn26qqYXHcZaaQZbP0xq5z2V6sTz5i UPVNDVCga7uCvHqc+F5YyjDyTBkorliL/sGBhd6a2r6IrRS1jWMADVW/U/ZZVUcj 3JXrgQ/Alya8XoTo7cBc4P2YWFKCmerMfmpUyLj42ELewX3l3vGhPnjT6pN3Xhen CPavIlULQcgy9MPdERjDL3p+PFhDuk9I5OEf6UmnJBmE4aZelsw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:45 2026 by rpki-client