$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146409.roa File: AS146409.roa (raw, json) Hash identifier: FLvXH0rdL0obw56uDOuzLtOZngkQA5uTfvtY/X4gfcc= Subject key identifier: E2:CB:FD:BB:68:A2:05:16:1C:03:39:86:7A:B6:EE:83:43:B0:3C:88 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 69338EA090B89EF3E5DEE636D9B631A5C90F58E3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146409.roa Signing time: Wed 04 Mar 2026 06:34:30 +0000 ROA not before: Wed 04 Mar 2026 06:29:30 +0000 ROA not after: Wed 03 Mar 2027 06:34:30 +0000 asID: 146409 IP address blocks: 240a:aeaf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:33:8e:a0:90:b8:9e:f3:e5:de:e6:36:d9:b6:31:a5:c9:0f:58:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:30 2026 GMT Not After : Mar 3 06:34:30 2027 GMT Subject: CN=E2CBFDBB68A205161C0339867AB6EE8343B03C88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:c8:f2:71:71:e9:70:d7:ef:c9:f5:82:da:cd: 9a:08:6c:2a:52:dd:c8:42:fb:c6:3d:52:f2:44:d9: 8b:c1:db:5b:3d:a5:f9:cc:ee:fe:d2:cd:7d:54:98: 48:1b:59:05:84:a8:40:27:67:b3:f9:87:41:9a:98: 75:d4:85:17:f8:c0:91:26:31:70:13:2b:29:d6:a2: 22:17:19:b5:72:ef:e3:bb:51:7a:21:80:19:da:0e: a7:18:69:bb:b8:4b:19:40:59:93:02:57:ba:13:a2: 6b:32:25:8e:a7:3a:97:a6:7d:5b:6c:71:a6:cb:60: 17:b3:e8:09:f4:56:0e:86:d3:c5:70:c0:8f:57:5d: a3:f6:4a:3a:33:fb:26:62:d8:e6:38:97:a1:03:ab: 45:06:eb:fd:18:3f:b8:9f:25:1d:b5:31:a9:d6:e8: 15:dc:8c:a3:10:49:b7:10:7b:78:e3:dc:5f:f8:a3: 77:28:16:0b:e4:78:73:f7:3f:72:e1:d3:39:85:e0: 96:f4:ba:bf:2c:be:2e:8a:ba:e6:c9:8a:21:7f:dd: 2a:e0:34:64:0f:60:b2:c6:5d:ed:29:2e:4b:1a:e4: 48:6d:61:ad:04:4b:78:b3:8a:68:52:05:50:34:21: 55:72:d4:b9:11:65:46:29:c0:df:4b:fe:c7:99:4b: 33:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:CB:FD:BB:68:A2:05:16:1C:03:39:86:7A:B6:EE:83:43:B0:3C:88 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146409.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aeaf::/32 Signature Algorithm: sha256WithRSAEncryption 63:a4:eb:29:11:29:92:f7:b4:86:2b:d0:6c:8f:60:2d:0d:eb: 2c:28:0b:99:6b:cf:0b:93:1d:de:19:8f:b1:7f:0c:0c:b3:8a: 2a:66:13:b8:e8:79:13:b5:1a:09:42:6c:97:50:33:25:43:7f: 7f:d5:d6:3c:7c:01:b8:ff:c8:86:00:6e:d8:e4:12:de:51:6c: 78:96:3a:4c:a3:db:9f:06:da:50:17:69:db:ec:9b:48:53:88: b2:62:cf:a1:e5:98:c3:22:2c:9f:33:d4:36:a8:3b:66:81:33: c2:c5:6c:e4:a3:01:a8:a2:da:23:92:28:c9:59:e0:bc:ba:cb: 04:7d:90:cd:9a:4e:cf:4e:94:95:6a:34:c5:55:38:3c:4c:e4: 14:ee:9a:4c:15:21:38:4a:72:76:2a:cb:b8:b2:1d:94:8e:07: 8b:01:5a:d1:67:6e:c3:a2:fd:2b:fd:6c:43:55:29:89:36:ac: c9:e9:d7:ca:a7:d2:d8:a6:2f:98:49:f9:d5:97:0b:c6:d1:c7: be:34:f1:1c:c8:e9:5e:6b:dc:86:df:16:13:4c:f6:3e:88:29: 93:00:b0:dc:51:a0:e8:40:3c:c2:66:92:95:7f:e1:c0:da:c0: ef:2b:1e:74:e5:eb:6f:88:4a:70:4f:b2:48:27:1f:67:d8:7f: ea:dd:ce:a9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaTOOoJC4nvPl3uY22bYxpckPWOMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkzMFoX DTI3MDMwMzA2MzQzMFowMzExMC8GA1UEAxMoRTJDQkZEQkI2OEEyMDUxNjFDMDMz OTg2N0FCNkVFODM0M0IwM0M4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN3I8nFx6XDX78n1gtrNmghsKlLdyEL7xj1S8kTZi8HbWz2l+czu/tLNfVSY SBtZBYSoQCdns/mHQZqYddSFF/jAkSYxcBMrKdaiIhcZtXLv47tReiGAGdoOpxhp u7hLGUBZkwJXuhOiazIljqc6l6Z9W2xxpstgF7PoCfRWDobTxXDAj1ddo/ZKOjP7 JmLY5jiXoQOrRQbr/Rg/uJ8lHbUxqdboFdyMoxBJtxB7eOPcX/ijdygWC+R4c/c/ cuHTOYXglvS6vyy+Loq65smKIX/dKuA0ZA9gssZd7SkuSxrkSG1hrQRLeLOKaFIF UDQhVXLUuRFlRinA30v+x5lLM9UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTiy/27 aKIFFhwDOYZ6tu6DQ7A8iDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rq8wDQYJKoZIhvcNAQELBQADggEBAGOk6ykRKZL3tIYr0GyPYC0N6ywoC5lrzwuT Hd4Zj7F/DAyziipmE7joeRO1GglCbJdQMyVDf3/V1jx8Abj/yIYAbtjkEt5RbHiW Okyj258G2lAXadvsm0hTiLJiz6HlmMMiLJ8z1DaoO2aBM8LFbOSjAaii2iOSKMlZ 4Ly6ywR9kM2aTs9OlJVqNMVVODxM5BTumkwVIThKcnYqy7iyHZSOB4sBWtFnbsOi /Sv9bENVKYk2rMnp18qn0timL5hJ+dWXC8bRx7408RzI6V5r3IbfFhNM9j6IKZMA sNxRoOhAPMJmkpV/4cDawO8rHnTl62+ISnBPskgnH2fYf+rdzqk= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:29 2026 by rpki-client