$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146438.roa File: AS146438.roa (raw, json) Hash identifier: CNIi1ozxHBEcpwkqOtHY00DdFlDk3BwKyTTyRJOVlJ0= Subject key identifier: 84:E7:FD:9D:50:A2:98:73:07:69:3A:C4:1D:92:64:C3:9C:2B:4F:36 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0D627FF759494BCF3BBC91665DF24B9CE80345C5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146438.roa Signing time: Wed 04 Mar 2026 06:34:38 +0000 ROA not before: Wed 04 Mar 2026 06:29:38 +0000 ROA not after: Wed 03 Mar 2027 06:34:38 +0000 asID: 146438 IP address blocks: 240a:aecc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:62:7f:f7:59:49:4b:cf:3b:bc:91:66:5d:f2:4b:9c:e8:03:45:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:38 2026 GMT Not After : Mar 3 06:34:38 2027 GMT Subject: CN=84E7FD9D50A2987307693AC41D9264C39C2B4F36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:0a:94:86:92:f4:06:b1:17:40:c0:93:a7:3d: 1b:de:d0:11:36:d3:3f:7e:5c:de:b2:1b:02:4d:a9: 80:19:41:c0:6a:9d:16:43:eb:fd:ed:b4:a3:d3:65: 2d:4c:5f:ef:83:f2:43:35:28:6c:ec:71:0a:12:11: 68:00:04:a9:64:f6:21:55:b2:b8:47:6e:02:42:2c: 28:3f:64:d8:fd:13:d2:7f:ef:b5:13:0b:b2:44:32: 0b:34:c5:6e:b5:9f:b9:c1:0c:a0:5d:21:1c:4e:59: 7c:fe:d6:45:03:9b:74:53:0c:3e:72:16:94:cc:3f: 98:9f:89:1a:ef:b6:d1:9b:7b:89:d4:7a:82:7a:ab: 78:18:2c:0b:69:74:b4:8b:9d:94:bb:f5:79:92:0b: 66:cb:4d:f6:fb:d0:54:96:b5:06:90:dd:8f:35:6e: 16:02:c4:3f:85:66:21:35:b5:07:02:1e:f1:4e:02: e7:c8:c8:f6:c5:f9:8e:da:1e:a5:db:9f:37:7c:ad: a1:bf:ba:ca:17:61:17:65:3c:cb:b1:e9:b5:37:5a: d9:70:31:f9:2b:89:f0:c5:b5:60:7d:3d:34:3d:f0: 78:cb:7f:cd:70:76:2a:90:1e:97:8d:77:6b:0a:c3: e4:aa:70:d1:68:4d:a9:46:6b:f2:44:f2:7b:3e:72: 5c:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:E7:FD:9D:50:A2:98:73:07:69:3A:C4:1D:92:64:C3:9C:2B:4F:36 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146438.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aecc::/32 Signature Algorithm: sha256WithRSAEncryption 29:49:50:59:7c:e5:29:25:50:e1:22:07:76:1a:c3:b9:61:73: 45:af:c5:5a:bf:40:0b:37:c4:ab:07:d8:9b:1a:25:aa:4a:9f: c5:4d:a3:a6:48:5a:90:50:85:93:08:9c:d2:55:d8:6e:e3:c3: 57:9c:88:a3:c1:4c:49:f0:95:bf:d4:f1:12:57:9b:21:1c:97: 82:c3:e7:34:38:99:42:c1:e2:76:bf:89:5a:1b:40:a2:90:a1: cf:d0:05:5d:cf:e2:d6:62:e6:c2:f8:51:61:1a:6c:6e:37:e8: dc:77:8f:b2:dc:be:a5:7f:e1:36:06:4b:ff:a1:fd:67:cb:5e: e4:dd:2d:3c:e6:18:a2:06:c2:28:ed:a5:22:46:02:c0:6a:e9: bc:fe:6e:1f:ad:26:72:54:25:d3:3d:56:d3:dc:9d:34:68:72: 2a:6e:23:78:5e:2c:1a:0c:54:cb:d0:4a:27:09:93:da:af:24: e3:86:f7:ea:3a:fc:06:69:5a:7d:29:9a:ae:1a:0e:d8:d7:94: c4:8a:a1:d5:43:d1:31:e0:24:0d:45:75:4b:01:46:c6:ed:af: 6c:cd:23:f8:10:11:eb:2d:91:c7:d9:43:1e:18:f2:c3:4f:a2: 19:89:b3:d8:e2:ac:2d:b2:cf:dc:6f:d0:89:f0:f3:cb:1f:ff: b1:d7:0c:8a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDWJ/91lJS887vJFmXfJLnOgDRcUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkzOFoX DTI3MDMwMzA2MzQzOFowMzExMC8GA1UEAxMoODRFN0ZEOUQ1MEEyOTg3MzA3Njkz QUM0MUQ5MjY0QzM5QzJCNEYzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANoKlIaS9AaxF0DAk6c9G97QETbTP35c3rIbAk2pgBlBwGqdFkPr/e20o9Nl LUxf74PyQzUobOxxChIRaAAEqWT2IVWyuEduAkIsKD9k2P0T0n/vtRMLskQyCzTF brWfucEMoF0hHE5ZfP7WRQObdFMMPnIWlMw/mJ+JGu+20Zt7idR6gnqreBgsC2l0 tIudlLv1eZILZstN9vvQVJa1BpDdjzVuFgLEP4VmITW1BwIe8U4C58jI9sX5jtoe pdufN3ytob+6yhdhF2U8y7HptTda2XAx+SuJ8MW1YH09ND3weMt/zXB2KpAel413 awrD5Kpw0WhNqUZr8kTyez5yXMUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSE5/2d UKKYcwdpOsQdkmTDnCtPNjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rswwDQYJKoZIhvcNAQELBQADggEBAClJUFl85SklUOEiB3Yaw7lhc0WvxVq/QAs3 xKsH2JsaJapKn8VNo6ZIWpBQhZMInNJV2G7jw1eciKPBTEnwlb/U8RJXmyEcl4LD 5zQ4mULB4na/iVobQKKQoc/QBV3P4tZi5sL4UWEabG436Nx3j7LcvqV/4TYGS/+h /WfLXuTdLTzmGKIGwijtpSJGAsBq6bz+bh+tJnJUJdM9VtPcnTRocipuI3heLBoM VMvQSicJk9qvJOOG9+o6/AZpWn0pmq4aDtjXlMSKodVD0THgJA1FdUsBRsbtr2zN I/gQEestkcfZQx4Y8sNPohmJs9jirC2yz9xv0Inw88sf/7HXDIo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:42 2026 by rpki-client