$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146437.roa File: AS146437.roa (raw, json) Hash identifier: pmS36fZcWoMSupBT81BBy7v/xrpuPRj5P14+GB5taAM= Subject key identifier: CB:D6:91:7A:C8:DC:64:2C:6A:3D:A2:71:18:B8:AF:CB:6C:77:17:F3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5BD91FE5901F74F4DE21E1B1DB933FD62F789D6E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146437.roa Signing time: Wed 04 Mar 2026 06:33:55 +0000 ROA not before: Wed 04 Mar 2026 06:28:55 +0000 ROA not after: Wed 03 Mar 2027 06:33:55 +0000 asID: 146437 IP address blocks: 240a:aecb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d9:1f:e5:90:1f:74:f4:de:21:e1:b1:db:93:3f:d6:2f:78:9d:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:55 2026 GMT Not After : Mar 3 06:33:55 2027 GMT Subject: CN=CBD6917AC8DC642C6A3DA27118B8AFCB6C7717F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:1e:ec:f2:36:2d:8a:19:af:4c:04:f9:d7:37: 90:49:b0:2f:23:65:3e:a1:26:1d:a6:97:ff:08:d1: 7b:77:cf:9f:1b:d1:9d:10:45:9e:b9:a8:8d:bb:e3: 09:29:48:71:4d:d1:e1:91:22:fc:20:ed:60:38:5b: ac:10:38:3e:ff:09:8f:19:49:7e:6a:f9:b6:05:10: b8:9e:6c:64:be:9e:07:b2:73:a5:1f:14:4a:7e:02: 97:ed:7d:f1:65:77:52:f6:86:53:04:72:6a:86:1f: fa:a0:10:82:26:2e:87:ba:a8:d3:bb:0c:45:36:17: 0f:a0:14:a6:22:e5:6f:d5:d1:73:db:58:25:46:30: 0f:77:79:82:8d:3f:9e:bb:79:d8:de:a8:12:af:72: 71:78:fe:99:4f:c3:8a:68:5a:ac:07:51:86:a8:5b: f5:75:3c:84:8c:e7:4a:22:c4:5e:bc:9b:91:7b:da: 7f:a5:29:61:3f:97:fb:c7:3a:ff:1d:25:f4:79:19: ee:d8:e2:3d:9d:26:31:0f:79:c4:d3:8b:97:47:b7: e7:28:63:3c:2f:7d:3a:09:0c:2c:dd:d7:0f:83:dd: 10:d8:3c:df:b9:64:85:d0:6f:d8:85:33:cc:24:b4: 8c:10:ac:38:4f:ce:9b:0a:92:a6:d1:78:56:00:c3: d9:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:D6:91:7A:C8:DC:64:2C:6A:3D:A2:71:18:B8:AF:CB:6C:77:17:F3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146437.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aecb::/32 Signature Algorithm: sha256WithRSAEncryption a9:40:2f:24:76:0b:d7:cc:ad:bb:eb:7f:f3:75:25:61:0e:3b: ed:50:2e:7a:bb:57:5b:8d:07:6e:96:d4:03:99:22:b6:4a:bd: d2:fa:79:23:75:03:8d:19:65:b6:29:ef:c2:12:e2:0c:c1:19: 88:48:db:ea:5b:5c:12:16:56:09:b4:79:67:0e:2e:99:a1:57: 1c:d4:f8:e3:1c:a2:1b:e6:b1:f5:4e:c4:9a:cc:08:a6:e0:98: dd:8d:c3:7e:7d:bf:64:0e:0c:ea:34:4b:3f:4e:b9:d4:37:a2: 6b:49:90:8d:79:18:22:50:eb:6e:e0:d4:e6:f2:24:a0:0f:12: 0b:bc:82:78:62:60:63:fc:d7:64:3a:6a:91:82:cc:28:d8:80: 74:69:14:0c:34:f9:c7:82:6d:73:73:c5:2a:aa:cd:f6:03:33: a6:08:ae:55:06:6b:63:88:30:60:dd:69:44:a2:ba:c1:8a:15: d1:79:a9:ea:5a:47:12:95:43:cd:6c:7b:00:9b:a2:4f:8e:11: 67:d4:ee:6f:8a:6e:bf:af:de:b9:6e:a4:ed:45:e0:b3:ee:84: bc:39:43:47:bd:f4:c0:28:a9:31:ed:7f:4c:21:76:57:2f:4d: 22:05:2d:d8:1f:4e:8d:d2:06:ae:a9:9c:ba:05:e4:ef:71:dd: ef:0a:e2:3c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUW9kf5ZAfdPTeIeGx25M/1i94nW4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg1NVoX DTI3MDMwMzA2MzM1NVowMzExMC8GA1UEAxMoQ0JENjkxN0FDOERDNjQyQzZBM0RB MjcxMThCOEFGQ0I2Qzc3MTdGMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwe7PI2LYoZr0wE+dc3kEmwLyNlPqEmHaaX/wjRe3fPnxvRnRBFnrmojbvj CSlIcU3R4ZEi/CDtYDhbrBA4Pv8JjxlJfmr5tgUQuJ5sZL6eB7JzpR8USn4Cl+19 8WV3UvaGUwRyaoYf+qAQgiYuh7qo07sMRTYXD6AUpiLlb9XRc9tYJUYwD3d5go0/ nrt52N6oEq9ycXj+mU/DimharAdRhqhb9XU8hIznSiLEXrybkXvaf6UpYT+X+8c6 /x0l9HkZ7tjiPZ0mMQ95xNOLl0e35yhjPC99OgkMLN3XD4PdENg837lkhdBv2IUz zCS0jBCsOE/OmwqSptF4VgDD2ccCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTL1pF6 yNxkLGo9onEYuK/LbHcX8zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rsswDQYJKoZIhvcNAQELBQADggEBAKlALyR2C9fMrbvrf/N1JWEOO+1QLnq7V1uN B26W1AOZIrZKvdL6eSN1A40ZZbYp78IS4gzBGYhI2+pbXBIWVgm0eWcOLpmhVxzU +OMcohvmsfVOxJrMCKbgmN2Nw359v2QODOo0Sz9OudQ3omtJkI15GCJQ627g1Oby JKAPEgu8gnhiYGP812Q6apGCzCjYgHRpFAw0+ceCbXNzxSqqzfYDM6YIrlUGa2OI MGDdaUSiusGKFdF5qepaRxKVQ81sewCbok+OEWfU7m+Kbr+v3rlupO1F4LPuhLw5 Q0e99MAoqTHtf0whdlcvTSIFLdgfTo3SBq6pnLoF5O9x3e8K4jw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:12 2026 by rpki-client