$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146406.roa File: AS146406.roa (raw, json) Hash identifier: Mn+OEMEsCW56KT0K9Bh7krD34MMCUGkw+PX4zilwQP4= Subject key identifier: BF:D4:B9:22:23:E3:5A:14:DB:D3:1D:FA:35:58:8B:37:47:46:FD:47 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6671EC4DFAAAA9057801FB9DE50BEB5D9157CBC9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146406.roa Signing time: Wed 04 Mar 2026 06:34:46 +0000 ROA not before: Wed 04 Mar 2026 06:29:46 +0000 ROA not after: Wed 03 Mar 2027 06:34:46 +0000 asID: 146406 IP address blocks: 240a:aeac::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:71:ec:4d:fa:aa:a9:05:78:01:fb:9d:e5:0b:eb:5d:91:57:cb:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:46 2026 GMT Not After : Mar 3 06:34:46 2027 GMT Subject: CN=BFD4B92223E35A14DBD31DFA35588B374746FD47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ba:24:09:36:95:bb:3a:64:71:76:9a:56:c6: d7:62:77:0c:f2:aa:35:81:40:59:7d:ce:82:47:db: 8d:44:e0:71:69:67:94:fb:ee:a2:43:46:88:37:8c: 34:b2:c8:ee:c8:36:90:e8:a7:e3:d9:80:85:b1:76: 0b:95:60:48:d3:88:93:aa:92:a2:8d:4f:bb:53:bf: e9:0a:30:ad:d0:6d:e8:e1:8a:a8:c6:79:b1:bf:5a: 5a:1d:04:ac:92:ac:18:11:15:cb:a4:1a:57:4e:c4: a0:6f:ad:53:c4:64:70:32:0c:dd:a7:35:cf:6f:7e: 6c:84:63:62:8d:63:1d:2f:a2:8d:96:98:01:cc:7c: d5:21:94:49:ab:db:d5:0d:4f:11:e0:fa:93:fb:84: 46:10:ed:9f:4e:b1:a0:5c:a8:cc:a5:cf:a1:36:f3: 58:57:ce:1a:b3:8d:bf:9a:fb:1c:07:51:e3:f3:b8: 45:96:4c:b7:3b:74:38:b4:7e:8a:52:a3:21:ea:69: c5:7d:10:58:ba:6d:e3:90:37:53:72:58:6a:17:7c: 3e:24:b5:98:45:8e:58:d2:b0:61:03:fb:b5:f2:e6: b4:85:64:b9:50:81:f8:06:38:1a:0c:2c:6a:6f:66: 20:a3:be:d2:47:15:16:33:d7:39:8a:61:32:83:37: 80:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:D4:B9:22:23:E3:5A:14:DB:D3:1D:FA:35:58:8B:37:47:46:FD:47 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146406.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aeac::/32 Signature Algorithm: sha256WithRSAEncryption 0f:8c:95:31:e6:7e:74:59:d2:9f:6d:9c:f8:f6:41:7b:31:c7: 16:c3:42:e9:0c:a4:c9:47:eb:04:dd:8f:80:d2:90:08:0f:31: 6b:ca:92:7d:6a:2b:82:80:90:b4:0e:7e:51:70:06:33:5f:cd: d5:4b:72:15:b0:40:53:47:96:7c:89:4e:80:2c:da:fd:99:4e: 84:b0:5b:82:78:2f:a6:42:ae:95:d6:aa:5c:1b:c0:32:43:4f: 88:f0:cb:14:9a:8f:47:1b:7c:1f:ce:5e:4a:81:47:15:de:9a: b3:15:b7:4a:74:fb:cf:28:98:18:17:f1:d7:f2:8c:a0:f6:61: 66:fd:45:a2:40:bb:bb:83:ae:ba:41:dc:79:46:70:74:24:4c: 10:98:15:eb:5f:b4:ee:e1:88:df:1a:27:aa:42:81:90:ca:83: c4:23:04:d8:ae:cb:a4:0c:8f:ec:8f:77:ff:4f:09:a4:09:6a: d8:05:94:94:9b:45:aa:7d:1f:ce:31:1b:84:02:4f:54:b7:84: c1:11:d7:ca:7f:f4:ac:89:56:96:9d:be:5f:2b:c6:2c:a3:de: b1:bb:20:36:c8:5a:93:34:c7:85:a8:b5:1e:3f:38:02:37:ad: 63:b1:08:11:9e:ae:fe:da:f1:8a:5d:f4:07:b0:d7:0d:f7:23: aa:20:ac:71 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZnHsTfqqqQV4Afud5QvrXZFXy8kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjk0NloX DTI3MDMwMzA2MzQ0NlowMzExMC8GA1UEAxMoQkZENEI5MjIyM0UzNUExNERCRDMx REZBMzU1ODhCMzc0NzQ2RkQ0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMq6JAk2lbs6ZHF2mlbG12J3DPKqNYFAWX3OgkfbjUTgcWlnlPvuokNGiDeM NLLI7sg2kOin49mAhbF2C5VgSNOIk6qSoo1Pu1O/6QowrdBt6OGKqMZ5sb9aWh0E rJKsGBEVy6QaV07EoG+tU8RkcDIM3ac1z29+bIRjYo1jHS+ijZaYAcx81SGUSavb 1Q1PEeD6k/uERhDtn06xoFyozKXPoTbzWFfOGrONv5r7HAdR4/O4RZZMtzt0OLR+ ilKjIeppxX0QWLpt45A3U3JYahd8PiS1mEWOWNKwYQP7tfLmtIVkuVCB+AY4Ggws am9mIKO+0kcVFjPXOYphMoM3gBkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS/1Lki I+NaFNvTHfo1WIs3R0b9RzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQwNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rqwwDQYJKoZIhvcNAQELBQADggEBAA+MlTHmfnRZ0p9tnPj2QXsxxxbDQukMpMlH 6wTdj4DSkAgPMWvKkn1qK4KAkLQOflFwBjNfzdVLchWwQFNHlnyJToAs2v2ZToSw W4J4L6ZCrpXWqlwbwDJDT4jwyxSaj0cbfB/OXkqBRxXemrMVt0p0+88omBgX8dfy jKD2YWb9RaJAu7uDrrpB3HlGcHQkTBCYFetftO7hiN8aJ6pCgZDKg8QjBNiuy6QM j+yPd/9PCaQJatgFlJSbRap9H84xG4QCT1S3hMER18p/9KyJVpadvl8rxiyj3rG7 IDbIWpM0x4WotR4/OAI3rWOxCBGerv7a8Ypd9Aew1w33I6ogrHE= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:21 2026 by rpki-client