$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146387.roa File: AS146387.roa (raw, json) Hash identifier: ZpSqz+yxXSLVoainIG8s9NQoYhXxSvKoSJtj/Jl4vQA= Subject key identifier: CF:88:20:2D:87:6E:F4:59:40:A5:EA:89:57:72:B1:CB:B2:7B:8D:3F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5D2A053FB054BB6E97972F894D2F9949ECD62413 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146387.roa Signing time: Wed 04 Mar 2026 06:33:35 +0000 ROA not before: Wed 04 Mar 2026 06:28:35 +0000 ROA not after: Wed 03 Mar 2027 06:33:35 +0000 asID: 146387 IP address blocks: 240a:ae99::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:2a:05:3f:b0:54:bb:6e:97:97:2f:89:4d:2f:99:49:ec:d6:24:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:35 2026 GMT Not After : Mar 3 06:33:35 2027 GMT Subject: CN=CF88202D876EF45940A5EA895772B1CBB27B8D3F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a7:61:fc:2c:1f:11:89:8f:6f:85:bb:ac:4f: 7e:3c:9d:ba:c3:7a:9f:da:b9:f8:ed:e0:33:ef:e4: ff:4a:35:0c:15:6d:14:2c:f9:9b:91:fb:d7:81:70: 98:75:a4:31:2a:2c:8f:09:28:0a:6b:86:74:d4:76: 26:76:f2:45:31:66:3e:d5:14:8f:52:c0:21:76:07: 52:ba:92:48:d4:3b:2c:f8:11:03:db:d6:d0:be:28: 7e:b5:bd:dc:fa:0f:a5:ae:1f:80:47:47:5f:03:e6: 6c:64:bd:b0:2d:44:ca:85:b6:cb:8b:7d:d6:85:69: 61:fc:17:fb:68:ec:51:0c:e5:7a:05:a8:8c:f4:f6: d0:6c:4d:49:f3:01:db:f9:1a:bd:c0:f7:93:5f:ab: b8:64:fc:58:0d:aa:b6:26:b2:e0:32:43:23:84:af: b6:2c:9e:14:04:44:5d:18:80:fc:38:70:45:9c:85: d7:86:10:ff:da:12:d7:2c:71:10:8e:9c:33:09:bd: 85:02:a3:4e:b3:a9:c3:ae:c5:ca:f3:ba:a4:11:ee: 29:9e:76:98:0e:d2:07:72:b1:bc:a6:a8:cf:dd:0b: 28:07:f6:62:45:21:3f:8a:9f:0c:8f:f4:11:2f:78: c7:58:a1:80:ad:a5:57:f7:c0:cc:55:ea:6c:8d:79: 17:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:88:20:2D:87:6E:F4:59:40:A5:EA:89:57:72:B1:CB:B2:7B:8D:3F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146387.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae99::/32 Signature Algorithm: sha256WithRSAEncryption 7d:a2:a0:5a:59:b3:30:32:70:43:11:93:bc:57:75:20:2e:b9: 8f:5e:10:5d:ec:49:20:79:60:99:4d:e9:97:1d:dd:a8:44:d1: 01:8e:2a:b9:3d:55:85:b0:d0:6c:9d:f0:e5:01:45:e9:02:c6: 84:b8:0a:3b:1a:9c:f1:c8:fc:db:d6:81:1d:ba:38:60:04:14: 95:25:c3:ec:50:ed:98:50:05:c3:ef:95:7e:5d:96:0d:4a:ec: 5f:61:1d:a6:81:1d:c1:50:53:7a:15:2a:6e:da:8d:e1:cb:9f: 96:17:6b:aa:25:33:45:6f:6f:21:40:f9:95:3b:77:b1:50:1d: 05:f1:bc:31:3b:15:42:cf:98:ee:1a:3e:e0:3c:ef:79:5c:e0: 7e:fc:f3:be:cc:2a:b8:26:c7:e8:15:c9:1b:c5:7f:55:2c:f2: e5:30:93:15:4d:aa:0f:f3:03:19:8c:2a:b3:1b:e0:55:97:2d: b9:89:cc:4c:7f:75:63:72:e9:6c:6f:1c:42:29:14:f1:61:d5: 4d:1f:46:b5:eb:ed:b8:05:00:f1:d2:6c:bd:c5:d5:74:5e:21: 22:97:c0:6a:68:72:5f:2a:fa:38:e2:5a:7f:87:43:06:85:80: 3e:00:a1:1e:e6:c9:0c:7d:15:9b:bf:bf:5e:3b:4f:ea:1f:f4: 78:73:0d:11 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXSoFP7BUu26Xly+JTS+ZSezWJBMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjgzNVoX DTI3MDMwMzA2MzMzNVowMzExMC8GA1UEAxMoQ0Y4ODIwMkQ4NzZFRjQ1OTQwQTVF QTg5NTc3MkIxQ0JCMjdCOEQzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALunYfwsHxGJj2+Fu6xPfjydusN6n9q5+O3gM+/k/0o1DBVtFCz5m5H714Fw mHWkMSosjwkoCmuGdNR2JnbyRTFmPtUUj1LAIXYHUrqSSNQ7LPgRA9vW0L4ofrW9 3PoPpa4fgEdHXwPmbGS9sC1EyoW2y4t91oVpYfwX+2jsUQzlegWojPT20GxNSfMB 2/kavcD3k1+ruGT8WA2qtiay4DJDI4SvtiyeFAREXRiA/DhwRZyF14YQ/9oS1yxx EI6cMwm9hQKjTrOpw67FyvO6pBHuKZ52mA7SB3KxvKaoz90LKAf2YkUhP4qfDI/0 ES94x1ihgK2lV/fAzFXqbI15F48CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTPiCAt h270WUCl6olXcrHLsnuNPzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjM4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rpkwDQYJKoZIhvcNAQELBQADggEBAH2ioFpZszAycEMRk7xXdSAuuY9eEF3sSSB5 YJlN6Zcd3ahE0QGOKrk9VYWw0Gyd8OUBRekCxoS4CjsanPHI/NvWgR26OGAEFJUl w+xQ7ZhQBcPvlX5dlg1K7F9hHaaBHcFQU3oVKm7ajeHLn5YXa6olM0VvbyFA+ZU7 d7FQHQXxvDE7FULPmO4aPuA873lc4H78877MKrgmx+gVyRvFf1Us8uUwkxVNqg/z AxmMKrMb4FWXLbmJzEx/dWNy6WxvHEIpFPFh1U0fRrXr7bgFAPHSbL3F1XReISKX wGpocl8q+jjiWn+HQwaFgD4AoR7myQx9FZu/v147T+of9HhzDRE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:34 2026 by rpki-client