$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146440.roa File: AS146440.roa (raw, json) Hash identifier: dP6SYTs6t6tPDTH7yMK56VcrKdQfQqmQ30dG7RgD5Eg= Subject key identifier: DF:E9:38:F0:E3:9F:DE:8B:D2:CC:5E:83:F9:2B:7F:F6:B5:AF:95:43 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F23F487FE16756EDCE5C315D548C49D7D01269D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146440.roa Signing time: Wed 04 Mar 2026 06:34:14 +0000 ROA not before: Wed 04 Mar 2026 06:29:14 +0000 ROA not after: Wed 03 Mar 2027 06:34:14 +0000 asID: 146440 IP address blocks: 240a:aece::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:23:f4:87:fe:16:75:6e:dc:e5:c3:15:d5:48:c4:9d:7d:01:26:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:14 2026 GMT Not After : Mar 3 06:34:14 2027 GMT Subject: CN=DFE938F0E39FDE8BD2CC5E83F92B7FF6B5AF9543 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:76:91:01:2d:51:8e:cc:cd:cc:b0:22:42:9e: b3:2d:a5:db:d3:52:85:f9:3d:b8:a1:b7:0f:ef:d4: f6:58:7c:a8:f7:1c:78:56:2b:43:99:b4:40:66:ca: b3:96:2c:ac:13:0e:86:97:7c:cd:09:75:61:d9:86: 40:a0:97:73:6b:9d:ab:49:2c:08:6c:3e:05:02:ed: ee:ae:37:f9:30:51:6d:1f:7e:29:db:0b:72:b3:94: 95:20:11:e1:2d:af:73:b3:3c:f1:05:2b:73:ea:17: 0e:54:5e:19:b0:a1:ad:d4:fd:2a:74:69:4c:b7:55: 26:95:5e:61:64:90:2d:fe:80:30:fc:93:4a:b9:ee: 4e:28:22:99:dd:93:6b:01:d1:20:de:26:3a:49:a9: 59:f3:e8:aa:1f:29:c6:68:95:47:ff:7c:d6:1e:c7: 20:99:29:16:d1:26:24:13:d8:52:8c:70:44:af:a8: c1:63:ab:15:61:55:8a:fe:16:00:ac:3e:f8:a2:52: ab:11:d4:33:1f:70:e3:38:33:2b:1e:b7:b7:1d:b0: 1a:12:a9:97:b8:72:2e:3f:95:66:ab:b3:e3:5a:72: de:f4:fe:66:d2:1a:43:fa:b3:63:5d:ff:7b:d2:84: 10:f0:28:53:1a:50:ff:3e:bb:b7:c4:01:d8:5f:77: e3:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:E9:38:F0:E3:9F:DE:8B:D2:CC:5E:83:F9:2B:7F:F6:B5:AF:95:43 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146440.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aece::/32 Signature Algorithm: sha256WithRSAEncryption a4:ea:ab:e3:f6:af:4d:3f:c9:a2:fe:58:a4:b2:8b:99:b3:81: 88:7e:7d:09:bf:8e:a7:3c:94:ee:3b:b5:fb:d3:08:19:51:28: cb:f2:c2:9a:4d:3c:57:98:43:f0:ed:7d:0f:e2:21:95:c6:dc: 5d:89:fc:f4:3c:63:fc:db:9d:22:18:5b:57:f7:89:a5:8c:f8: 15:76:16:5f:0f:88:75:0e:4e:91:1c:1c:f6:c2:f5:ad:d2:79: bb:ba:79:f0:a4:b8:30:e1:de:3f:40:9f:63:41:1d:d0:6c:29: 38:cd:ca:6a:b2:20:70:5a:e3:ce:49:c5:c1:c5:e0:57:96:38: 79:9f:4a:06:2c:45:bc:cf:02:98:f1:ef:f9:95:d6:86:6c:8d: 9b:ae:dc:dd:8c:9a:c5:3d:ec:2a:09:ab:ea:e0:17:44:54:34: 05:19:0d:50:52:f4:1c:c5:59:d8:09:b5:e5:0a:bd:56:12:40: 8e:f0:e8:d4:83:24:e3:c8:d0:2e:3d:b4:de:ff:ea:e2:67:ca: db:66:d6:64:0e:d7:0b:1b:e6:d5:41:57:c1:36:af:20:22:7d: b1:af:4c:b7:67:d1:36:51:5e:39:63:30:01:74:33:2e:25:e6: 9c:66:b7:62:2d:39:10:55:7a:3f:a4:0b:68:cf:a9:9e:f9:c2: 70:22:32:02 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULyP0h/4WdW7c5cMV1UjEnX0BJp0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxNFoX DTI3MDMwMzA2MzQxNFowMzExMC8GA1UEAxMoREZFOTM4RjBFMzlGREU4QkQyQ0M1 RTgzRjkyQjdGRjZCNUFGOTU0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIx2kQEtUY7MzcywIkKesy2l29NShfk9uKG3D+/U9lh8qPcceFYrQ5m0QGbK s5YsrBMOhpd8zQl1YdmGQKCXc2udq0ksCGw+BQLt7q43+TBRbR9+KdsLcrOUlSAR 4S2vc7M88QUrc+oXDlReGbChrdT9KnRpTLdVJpVeYWSQLf6AMPyTSrnuTigimd2T awHRIN4mOkmpWfPoqh8pxmiVR/981h7HIJkpFtEmJBPYUoxwRK+owWOrFWFViv4W AKw++KJSqxHUMx9w4zgzKx63tx2wGhKpl7hyLj+VZquz41py3vT+ZtIaQ/qzY13/ e9KEEPAoUxpQ/z67t8QB2F9345kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTf6Tjw 45/ei9LMXoP5K3/2ta+VQzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rs4wDQYJKoZIhvcNAQELBQADggEBAKTqq+P2r00/yaL+WKSyi5mzgYh+fQm/jqc8 lO47tfvTCBlRKMvywppNPFeYQ/DtfQ/iIZXG3F2J/PQ8Y/zbnSIYW1f3iaWM+BV2 Fl8PiHUOTpEcHPbC9a3Sebu6efCkuDDh3j9An2NBHdBsKTjNymqyIHBa485JxcHF 4FeWOHmfSgYsRbzPApjx7/mV1oZsjZuu3N2MmsU97CoJq+rgF0RUNAUZDVBS9BzF WdgJteUKvVYSQI7w6NSDJOPI0C49tN7/6uJnyttm1mQO1wsb5tVBV8E2ryAifbGv TLdn0TZRXjljMAF0My4l5pxmt2ItORBVej+kC2jPqZ75wnAiMgI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:07 2026 by rpki-client