$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146423.roa File: AS146423.roa (raw, json) Hash identifier: oovp2Z3Hx0VYlZZ5Csefbefe4Bwk/MEMWu7CLqhTczY= Subject key identifier: 68:A4:89:EE:8F:10:E1:E1:2B:1F:FE:35:06:B9:88:3B:9B:A3:11:1A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0859D40C6EBB40811AB06635EB8A6F837D9FF110 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146423.roa Signing time: Wed 04 Mar 2026 06:33:52 +0000 ROA not before: Wed 04 Mar 2026 06:28:52 +0000 ROA not after: Wed 03 Mar 2027 06:33:52 +0000 asID: 146423 IP address blocks: 240a:aebd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:59:d4:0c:6e:bb:40:81:1a:b0:66:35:eb:8a:6f:83:7d:9f:f1:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:52 2026 GMT Not After : Mar 3 06:33:52 2027 GMT Subject: CN=68A489EE8F10E1E12B1FFE3506B9883B9BA3111A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d7:fd:74:ce:19:aa:7c:54:4e:32:77:d9:8e: f6:46:c6:b3:39:0f:e1:07:8d:48:64:eb:39:5f:94: b0:3a:89:b7:c0:9f:5e:4c:09:6f:be:6e:09:52:77: 3e:ee:76:01:b7:46:15:32:2f:60:be:9a:f8:d8:c9: 96:2c:ab:fb:20:0d:70:5d:2d:85:ff:26:0d:01:5d: fb:bd:25:3b:4f:ca:6e:19:f8:a7:e9:d8:cb:fc:7d: a6:4e:42:7e:f8:63:d4:2a:26:ed:ea:98:c3:8f:15: 76:c5:14:92:24:ca:8f:fa:70:15:72:3a:fd:e9:ee: e2:ae:46:64:a5:f8:14:1b:f9:94:71:d5:d7:a0:06: d6:0b:3d:92:10:91:29:fb:eb:e5:99:7f:07:ee:ed: f2:70:a1:f5:fb:af:d5:b3:e2:6e:e8:ad:16:8f:e8: 05:c3:73:4f:4c:f3:0e:bc:71:dd:ea:93:af:25:17: 1a:1c:e2:97:b7:2a:e6:6a:da:d2:07:a1:62:22:52: c2:cc:01:14:a3:a5:e5:ab:07:c7:a2:be:dd:2a:0c: 96:eb:bb:f2:b3:2f:00:43:de:1d:a5:5b:01:7b:6c: 72:49:1e:0f:d4:57:23:cc:cc:c2:76:7a:31:e2:4f: 04:e0:fe:19:18:1e:3a:1c:e8:8c:56:3d:ea:ba:17: b5:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:A4:89:EE:8F:10:E1:E1:2B:1F:FE:35:06:B9:88:3B:9B:A3:11:1A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146423.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aebd::/32 Signature Algorithm: sha256WithRSAEncryption 60:37:af:7b:7a:c0:10:ea:b2:ae:69:56:6c:38:57:b0:9a:ae: 54:bc:2a:4c:05:9f:b3:85:2d:bb:f3:22:13:86:ae:ab:99:dd: b4:34:a1:9d:cc:93:50:4f:d8:a5:55:09:41:20:57:e2:b1:30: d9:5a:77:99:c2:5b:22:9c:a7:89:11:3b:3f:ce:8c:f6:63:6d: 7c:21:f6:12:a7:45:ab:3a:64:22:61:6b:37:4a:14:2e:25:f5: 15:70:60:e3:8a:71:e5:83:e2:77:71:7f:af:04:20:96:c8:6a: 32:91:32:68:43:ac:0c:70:86:63:b2:20:5d:11:0d:d3:34:fe: c7:49:6d:1a:ee:6c:4a:0d:77:d9:29:76:c4:6d:4d:70:3e:37: b6:7d:4e:c5:22:18:f8:df:81:9c:dc:42:b9:c5:7a:53:30:43: 2f:7f:f2:96:03:e5:da:56:ab:a9:5b:f8:31:7d:fb:19:7e:21: ec:d2:12:35:1b:5e:b2:2e:b0:94:91:43:9c:ba:c7:43:62:53: 2b:fd:45:21:90:16:83:03:3a:9d:ce:21:fd:eb:94:33:c4:bd: 07:60:46:7d:a0:d1:21:73:a6:04:2b:64:55:a2:4b:ce:6d:17: d6:21:5f:ab:37:7e:0e:d8:5f:81:2d:10:f4:e5:ee:50:95:09: 16:51:df:8f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCFnUDG67QIEasGY164pvg32f8RAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg1MloX DTI3MDMwMzA2MzM1MlowMzExMC8GA1UEAxMoNjhBNDg5RUU4RjEwRTFFMTJCMUZG RTM1MDZCOTg4M0I5QkEzMTExQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMrX/XTOGap8VE4yd9mO9kbGszkP4QeNSGTrOV+UsDqJt8CfXkwJb75uCVJ3 Pu52AbdGFTIvYL6a+NjJliyr+yANcF0thf8mDQFd+70lO0/Kbhn4p+nYy/x9pk5C fvhj1Com7eqYw48VdsUUkiTKj/pwFXI6/enu4q5GZKX4FBv5lHHV16AG1gs9khCR Kfvr5Zl/B+7t8nCh9fuv1bPibuitFo/oBcNzT0zzDrxx3eqTryUXGhzil7cq5mra 0gehYiJSwswBFKOl5asHx6K+3SoMluu78rMvAEPeHaVbAXtsckkeD9RXI8zMwnZ6 MeJPBOD+GRgeOhzojFY96roXtdkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRopInu jxDh4Ssf/jUGuYg7m6MRGjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rr0wDQYJKoZIhvcNAQELBQADggEBAGA3r3t6wBDqsq5pVmw4V7CarlS8KkwFn7OF LbvzIhOGrquZ3bQ0oZ3Mk1BP2KVVCUEgV+KxMNlad5nCWyKcp4kROz/OjPZjbXwh 9hKnRas6ZCJhazdKFC4l9RVwYOOKceWD4ndxf68EIJbIajKRMmhDrAxwhmOyIF0R DdM0/sdJbRrubEoNd9kpdsRtTXA+N7Z9TsUiGPjfgZzcQrnFelMwQy9/8pYD5dpW q6lb+DF9+xl+IezSEjUbXrIusJSRQ5y6x0NiUyv9RSGQFoMDOp3OIf3rlDPEvQdg Rn2g0SFzpgQrZFWiS85tF9YhX6s3fg7YX4EtEPTl7lCVCRZR348= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:03 2026 by rpki-client