$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146439.roa File: AS146439.roa (raw, json) Hash identifier: Jm2DSaQSLw1pvPaLkXvO/OaO/MV41e2BV9GEHpQOjjE= Subject key identifier: 87:33:4D:4B:AB:B1:BE:52:E7:A4:48:E8:A1:50:DE:65:47:8B:F3:88 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6BBAC828717E35FD0835E2D43BCAB86B7A544EF2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146439.roa Signing time: Wed 04 Mar 2026 06:34:50 +0000 ROA not before: Wed 04 Mar 2026 06:29:50 +0000 ROA not after: Wed 03 Mar 2027 06:34:50 +0000 asID: 146439 IP address blocks: 240a:aecd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:ba:c8:28:71:7e:35:fd:08:35:e2:d4:3b:ca:b8:6b:7a:54:4e:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:50 2026 GMT Not After : Mar 3 06:34:50 2027 GMT Subject: CN=87334D4BABB1BE52E7A448E8A150DE65478BF388 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:aa:6f:83:33:a7:f8:0e:0c:33:fb:7a:c8:cd: 9e:d0:da:dd:40:f6:a2:1b:a8:48:1b:2e:8c:9e:e4: 04:8c:3c:ae:f1:cf:f4:76:45:ce:f3:2b:53:96:44: 04:d5:fc:7e:1a:3a:36:c4:43:bf:b9:82:2a:df:f5: 6c:c8:42:3a:4c:1f:f5:90:80:1f:98:d5:18:6b:61: cc:9a:0d:45:74:6d:0b:71:b1:70:b7:05:1c:a4:9a: 9a:61:f0:4c:1f:7b:4c:6a:27:e5:9d:58:da:fa:2c: f2:ce:bf:9b:e4:a3:bc:f0:b5:f8:36:04:6f:c1:3c: 31:af:8c:1f:8f:08:06:6d:2f:8e:ce:8d:11:87:92: 12:62:83:fa:8c:d4:36:ee:02:5a:1e:08:9e:fa:26: e1:4e:e3:56:4e:b3:22:7e:2c:cd:c1:3e:40:9b:f5: c7:8e:02:dc:b8:c8:71:73:c1:00:ed:78:5b:c6:03: d6:03:5d:67:e2:24:16:cd:20:76:62:4c:b3:c0:5d: 8d:93:c5:4b:3c:6f:f5:2e:24:29:97:9d:ec:32:15: 3f:c4:9c:8b:a9:89:e6:57:55:a2:6e:d5:70:7e:7e: ad:11:b4:4e:4c:5c:df:65:d3:0e:b7:3c:47:e3:ef: 16:3d:10:aa:b8:cb:56:9a:35:f4:7c:56:44:00:79: 05:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:33:4D:4B:AB:B1:BE:52:E7:A4:48:E8:A1:50:DE:65:47:8B:F3:88 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aecd::/32 Signature Algorithm: sha256WithRSAEncryption 54:0f:cf:ce:d8:e6:4e:11:2d:6d:a9:1b:58:f2:a0:1a:f3:54: 0f:88:50:de:b5:79:28:15:11:ab:25:96:af:fe:59:7a:44:46: 42:7e:31:6c:fd:0e:45:40:b1:75:9a:16:39:0c:3c:19:e4:cc: 5c:14:9a:57:24:df:e0:97:42:01:f4:4d:85:dd:1e:2b:d8:f1: b4:af:0a:d2:33:a5:7e:d7:dd:9f:58:04:70:54:ef:0f:92:09: 8d:2c:a9:0f:d7:fc:0b:53:0d:22:f2:1d:60:e6:0b:2a:e0:5d: ea:d9:2b:70:ce:f4:25:39:9f:76:67:4c:9e:58:c2:6f:33:ed: 46:0a:2e:03:9b:b5:bb:8a:03:64:4e:9e:e8:5c:3f:6f:5e:e4: f5:44:d4:3b:79:72:f6:f7:b2:c2:99:3c:cd:3f:f5:4f:f4:80: 82:0d:67:9b:09:03:c3:47:2d:f5:54:41:12:83:ed:f8:5f:03: 0f:75:4d:e3:2f:d1:67:92:01:ec:af:ea:22:a5:f0:92:8c:10: 63:38:cc:93:37:9a:49:1d:22:82:91:20:3f:c9:c5:1d:12:fc: d9:c8:8d:3d:96:5e:d6:a7:e5:36:32:7d:3d:37:24:1d:a4:9f: 0f:15:f9:bb:28:d3:7b:18:e4:d1:19:63:55:31:03:26:34:75: 0b:29:3a:f7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUa7rIKHF+Nf0INeLUO8q4a3pUTvIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjk1MFoX DTI3MDMwMzA2MzQ1MFowMzExMC8GA1UEAxMoODczMzRENEJBQkIxQkU1MkU3QTQ0 OEU4QTE1MERFNjU0NzhCRjM4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMGqb4Mzp/gODDP7esjNntDa3UD2ohuoSBsujJ7kBIw8rvHP9HZFzvMrU5ZE BNX8fho6NsRDv7mCKt/1bMhCOkwf9ZCAH5jVGGthzJoNRXRtC3GxcLcFHKSammHw TB97TGon5Z1Y2vos8s6/m+SjvPC1+DYEb8E8Ma+MH48IBm0vjs6NEYeSEmKD+ozU Nu4CWh4Invom4U7jVk6zIn4szcE+QJv1x44C3LjIcXPBAO14W8YD1gNdZ+IkFs0g dmJMs8BdjZPFSzxv9S4kKZed7DIVP8Sci6mJ5ldVom7VcH5+rRG0Tkxc32XTDrc8 R+PvFj0QqrjLVpo19HxWRAB5BdsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSHM01L q7G+UuekSOihUN5lR4vziDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rs0wDQYJKoZIhvcNAQELBQADggEBAFQPz87Y5k4RLW2pG1jyoBrzVA+IUN61eSgV Easllq/+WXpERkJ+MWz9DkVAsXWaFjkMPBnkzFwUmlck3+CXQgH0TYXdHivY8bSv CtIzpX7X3Z9YBHBU7w+SCY0sqQ/X/AtTDSLyHWDmCyrgXerZK3DO9CU5n3ZnTJ5Y wm8z7UYKLgObtbuKA2ROnuhcP29e5PVE1Dt5cvb3ssKZPM0/9U/0gIINZ5sJA8NH LfVUQRKD7fhfAw91TeMv0WeSAeyv6iKl8JKMEGM4zJM3mkkdIoKRID/JxR0S/NnI jT2WXtan5TYyfT03JB2knw8V+bso03sY5NEZY1UxAyY0dQspOvc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:32 2026 by rpki-client