$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146389.roa File: AS146389.roa (raw, json) Hash identifier: RWeGZOtJRd6npOFy4WYXl/1pWfB4Ls/w6opuTVf0AE0= Subject key identifier: 76:8A:43:6E:94:5C:C8:78:2D:30:3D:9E:BF:49:01:8C:AA:B7:FE:73 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2E1B1510476313C1F035E4EA8362C8F6D8F2FC34 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146389.roa Signing time: Wed 04 Mar 2026 06:33:34 +0000 ROA not before: Wed 04 Mar 2026 06:28:34 +0000 ROA not after: Wed 03 Mar 2027 06:33:34 +0000 asID: 146389 IP address blocks: 240a:ae9b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:1b:15:10:47:63:13:c1:f0:35:e4:ea:83:62:c8:f6:d8:f2:fc:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:34 2026 GMT Not After : Mar 3 06:33:34 2027 GMT Subject: CN=768A436E945CC8782D303D9EBF49018CAAB7FE73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:c1:e8:0b:c9:8c:3b:04:14:63:72:38:5f:c9: 89:e8:1d:25:05:39:5c:43:12:d7:2e:ba:ef:c3:bd: 98:2d:db:2a:0b:74:80:17:f7:be:e7:59:ea:82:5e: 28:a6:e3:ad:ae:ce:e8:cb:d8:8b:ee:dd:f2:76:2d: b6:85:a1:38:94:9e:b7:d3:d2:56:33:73:3a:68:6c: 7f:cb:84:03:f6:61:c7:db:2a:95:ae:79:17:0d:2b: c4:57:90:6a:c3:39:3d:7f:8b:e4:0e:2c:4a:dd:48: 20:9c:9b:71:b9:e9:39:d9:57:e8:f2:63:70:36:ca: f0:33:56:e2:04:f4:08:f6:ae:48:20:b4:0c:d8:a3: d2:d6:4d:d4:2a:fe:c7:6c:cd:b8:d7:33:3d:53:50: db:34:c9:93:43:db:ea:ab:76:ea:31:67:db:cf:bf: 19:91:56:98:29:3f:c9:b4:c6:eb:c4:a8:5b:d8:54: 9b:c1:1e:a3:f0:8c:b9:24:16:a8:fa:e2:f2:3e:ae: 01:ae:64:1a:e1:e7:38:77:72:71:0f:28:1a:ea:d4: f6:54:25:36:d0:5e:98:05:80:6d:be:bf:5d:88:54: 9f:e6:63:41:b2:df:0e:b1:e0:f4:a7:c1:84:3b:3c: 8d:4b:07:91:27:e3:17:3c:44:e5:9e:85:b0:75:9f: a1:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:8A:43:6E:94:5C:C8:78:2D:30:3D:9E:BF:49:01:8C:AA:B7:FE:73 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146389.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:ae9b::/32 Signature Algorithm: sha256WithRSAEncryption 55:7a:17:16:e9:36:9e:ef:99:5d:d6:60:9f:49:e6:44:3a:19: b8:2e:c3:7f:8b:a6:91:8e:93:58:c5:48:35:57:5e:05:a7:34: 82:79:41:56:56:52:e8:fe:8a:13:98:5b:9d:6c:d2:00:15:30: d9:b5:c2:81:21:a1:9c:9c:70:fc:34:b9:34:62:1a:62:03:ff: 37:27:60:7e:01:5a:3a:00:f6:8c:88:41:b5:e4:f8:b2:8a:1c: d4:c8:83:a7:cb:f3:62:07:b6:54:07:65:ae:b1:da:05:21:53: f2:f5:3a:1a:fc:2b:9e:0c:d2:73:c7:09:c7:b8:d2:79:35:e9: 90:c5:20:f7:98:fd:56:3e:0d:4a:42:91:d2:af:43:03:ff:94: f5:43:4c:c6:ab:78:6e:a1:63:b4:a5:02:cc:96:52:64:ad:72: 07:a9:99:f1:fc:43:fb:67:f1:b0:45:88:fc:4c:6c:d0:39:a3: d0:e5:91:82:7e:4d:c1:ea:2d:4c:73:f6:6c:21:12:da:dc:61: df:64:8f:30:d0:48:3b:df:aa:b4:f9:57:02:93:ab:41:bd:7a: 2d:e1:e3:53:4c:e6:3e:a8:89:3c:95:a6:10:62:f6:db:05:61: e9:df:e1:09:5c:2d:b4:78:dd:0c:cf:bb:72:49:b2:7b:4b:4a: 74:11:2a:92 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULhsVEEdjE8HwNeTqg2LI9tjy/DQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjgzNFoX DTI3MDMwMzA2MzMzNFowMzExMC8GA1UEAxMoNzY4QTQzNkU5NDVDQzg3ODJEMzAz RDlFQkY0OTAxOENBQUI3RkU3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKrB6AvJjDsEFGNyOF/JiegdJQU5XEMS1y6678O9mC3bKgt0gBf3vudZ6oJe KKbjra7O6MvYi+7d8nYttoWhOJSet9PSVjNzOmhsf8uEA/Zhx9sqla55Fw0rxFeQ asM5PX+L5A4sSt1IIJybcbnpOdlX6PJjcDbK8DNW4gT0CPauSCC0DNij0tZN1Cr+ x2zNuNczPVNQ2zTJk0Pb6qt26jFn28+/GZFWmCk/ybTG68SoW9hUm8Eeo/CMuSQW qPri8j6uAa5kGuHnOHdycQ8oGurU9lQlNtBemAWAbb6/XYhUn+ZjQbLfDrHg9KfB hDs8jUsHkSfjFzxE5Z6FsHWfoZ0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR2ikNu lFzIeC0wPZ6/SQGMqrf+czAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjM4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rpswDQYJKoZIhvcNAQELBQADggEBAFV6FxbpNp7vmV3WYJ9J5kQ6Gbguw3+LppGO k1jFSDVXXgWnNIJ5QVZWUuj+ihOYW51s0gAVMNm1woEhoZyccPw0uTRiGmID/zcn YH4BWjoA9oyIQbXk+LKKHNTIg6fL82IHtlQHZa6x2gUhU/L1Ohr8K54M0nPHCce4 0nk16ZDFIPeY/VY+DUpCkdKvQwP/lPVDTMareG6hY7SlAsyWUmStcgepmfH8Q/tn 8bBFiPxMbNA5o9DlkYJ+TcHqLUxz9mwhEtrcYd9kjzDQSDvfqrT5VwKTq0G9ei3h 41NM5j6oiTyVphBi9tsFYenf4QlcLbR43QzPu3JJsntLSnQRKpI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:11 2026 by rpki-client