$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146399.roa File: AS146399.roa (raw, json) Hash identifier: aTLi8ZXf59Xj+dSaBSbH3O4qbLtnwOD5uaW/+NGCIuI= Subject key identifier: 38:D9:CD:A1:C9:EA:89:78:DC:85:EF:8C:48:B3:9A:17:04:DC:F0:7F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1B124B14813ECF632B3F4D687EBD56841585D034 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146399.roa Signing time: Wed 04 Mar 2026 06:34:18 +0000 ROA not before: Wed 04 Mar 2026 06:29:18 +0000 ROA not after: Wed 03 Mar 2027 06:34:18 +0000 asID: 146399 IP address blocks: 240a:aea5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:12:4b:14:81:3e:cf:63:2b:3f:4d:68:7e:bd:56:84:15:85:d0:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:18 2026 GMT Not After : Mar 3 06:34:18 2027 GMT Subject: CN=38D9CDA1C9EA8978DC85EF8C48B39A1704DCF07F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:1f:14:32:be:10:ef:45:a9:a2:14:e4:a1:40: c0:ff:af:de:84:1b:15:d2:8d:13:5b:01:6c:4c:e2: e7:d6:77:21:e7:0b:cc:92:b3:1c:be:e0:66:8e:9c: 58:7a:a2:0a:0a:a1:4b:f2:75:5d:55:5e:e4:60:0c: 7b:dc:0c:af:69:ac:ca:7c:02:26:93:cf:e3:44:87: f8:21:9b:39:29:0a:14:53:d7:24:07:85:62:65:21: 5f:d7:38:4f:0f:0f:ab:d3:7a:0e:12:68:7e:37:dd: 30:1d:df:a1:1d:4b:64:c0:70:19:bf:ab:e4:90:24: 95:48:2b:88:e3:08:86:dd:a4:0a:5a:6a:8a:fe:2b: 5b:47:92:2f:e3:9b:3e:3b:cc:6c:fe:06:c3:da:be: be:7a:0b:bc:19:d6:c5:c4:ca:55:0c:91:bc:07:18: 3e:f7:d3:04:0f:58:16:21:28:a0:2c:7b:ba:f6:cc: 11:81:6e:89:ed:77:5b:37:0f:6f:bb:c3:5b:d0:71: e1:20:1a:e9:c5:a6:8a:0f:8d:90:09:90:37:8c:44: ba:4c:10:cf:1f:40:d8:22:a8:fd:41:a8:a7:bd:8d: 56:89:79:bb:32:9d:bf:07:ac:93:a2:84:62:ea:45: b1:10:07:23:a2:0f:4d:eb:23:3f:38:f2:55:13:6d: 75:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:D9:CD:A1:C9:EA:89:78:DC:85:EF:8C:48:B3:9A:17:04:DC:F0:7F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146399.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aea5::/32 Signature Algorithm: sha256WithRSAEncryption 48:3e:6e:11:9b:5d:7d:22:52:a1:29:bf:51:7e:74:71:f8:ce: 09:f9:be:af:a1:37:7d:dd:41:9f:9c:a5:d5:43:98:bf:a8:b3: c3:0c:84:3c:94:26:c1:2d:46:68:ce:ed:4d:80:7e:04:a4:7b: fd:5f:11:0a:a0:1a:4a:f3:4e:95:d7:ae:7a:51:48:ea:bd:32: 9c:62:4f:83:bc:a4:91:e2:37:86:de:0b:cc:81:81:a7:dd:1d: 87:dd:26:08:80:34:59:05:68:b2:9d:ba:93:c3:e2:d8:d1:ae: d2:ed:f1:c7:52:f1:cf:92:2b:ef:25:e7:56:14:97:41:27:fe: dd:f9:47:9a:78:d0:16:5b:8e:13:07:3f:46:b5:e5:bc:28:d2: 7f:72:83:93:c9:08:c5:4d:ac:8b:cb:5b:69:c0:32:84:65:59: 17:74:1b:4b:f4:6c:53:b6:f1:16:06:82:45:46:6b:3f:2f:ea: f6:08:be:98:ab:24:92:39:db:59:01:dd:89:c2:6d:e4:93:0d: cd:4c:2c:b5:fe:f2:a4:51:e0:a8:88:e0:df:ab:80:ea:2f:6e: bf:b2:92:8e:f9:58:55:4f:2d:dc:2f:ba:e0:b5:0e:dc:ee:8b: a0:99:ff:b2:a3:93:d1:5d:c9:71:ec:02:23:35:3a:9e:ce:4b: 0e:56:cd:1d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGxJLFIE+z2MrP01ofr1WhBWF0DQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxOFoX DTI3MDMwMzA2MzQxOFowMzExMC8GA1UEAxMoMzhEOUNEQTFDOUVBODk3OERDODVF RjhDNDhCMzlBMTcwNERDRjA3RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYfFDK+EO9FqaIU5KFAwP+v3oQbFdKNE1sBbEzi59Z3IecLzJKzHL7gZo6c WHqiCgqhS/J1XVVe5GAMe9wMr2msynwCJpPP40SH+CGbOSkKFFPXJAeFYmUhX9c4 Tw8Pq9N6DhJofjfdMB3foR1LZMBwGb+r5JAklUgriOMIht2kClpqiv4rW0eSL+Ob PjvMbP4Gw9q+vnoLvBnWxcTKVQyRvAcYPvfTBA9YFiEooCx7uvbMEYFuie13WzcP b7vDW9Bx4SAa6cWmig+NkAmQN4xEukwQzx9A2CKo/UGop72NVol5uzKdvwesk6KE YupFsRAHI6IPTesjPzjyVRNtdYECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ42c2h yeqJeNyF74xIs5oXBNzwfzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjM5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rqUwDQYJKoZIhvcNAQELBQADggEBAEg+bhGbXX0iUqEpv1F+dHH4zgn5vq+hN33d QZ+cpdVDmL+os8MMhDyUJsEtRmjO7U2AfgSke/1fEQqgGkrzTpXXrnpRSOq9Mpxi T4O8pJHiN4beC8yBgafdHYfdJgiANFkFaLKdupPD4tjRrtLt8cdS8c+SK+8l51YU l0En/t35R5p40BZbjhMHP0a15bwo0n9yg5PJCMVNrIvLW2nAMoRlWRd0G0v0bFO2 8RYGgkVGaz8v6vYIvpirJJI521kB3YnCbeSTDc1MLLX+8qRR4KiI4N+rgOovbr+y ko75WFVPLdwvuuC1Dtzui6CZ/7Kjk9FdyXHsAiM1Op7OSw5WzR0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:18 2026 by rpki-client