$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146447.roa File: AS146447.roa (raw, json) Hash identifier: vWnX/Sb+6BqWUaNEltwisQAHtiApugulD6ABwyVz734= Subject key identifier: 72:BB:06:61:8C:3B:FA:6C:5F:C7:26:25:92:DE:EA:86:78:7D:1A:54 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 47A5FC1DD74AF824B00843A3F13AB926AD706946 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146447.roa Signing time: Wed 04 Mar 2026 06:34:16 +0000 ROA not before: Wed 04 Mar 2026 06:29:16 +0000 ROA not after: Wed 03 Mar 2027 06:34:16 +0000 asID: 146447 IP address blocks: 240a:aed5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:a5:fc:1d:d7:4a:f8:24:b0:08:43:a3:f1:3a:b9:26:ad:70:69:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:16 2026 GMT Not After : Mar 3 06:34:16 2027 GMT Subject: CN=72BB06618C3BFA6C5FC7262592DEEA86787D1A54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f0:b7:8f:a9:21:8c:4e:85:5f:93:38:0c:e6: bd:29:a9:b0:84:aa:fc:8b:e9:ca:d2:65:26:57:ce: a1:14:ee:8c:5b:10:52:04:5f:c6:da:5c:41:22:f3: e5:fa:4c:27:35:3a:cf:7a:1c:cd:dd:c9:1c:36:b9: a2:b1:58:86:e3:00:65:2a:f1:1e:b0:09:0e:34:74: 0a:11:93:d5:b2:d9:cf:36:43:f9:50:84:ce:e1:94: 36:63:b4:e7:78:27:58:8d:d6:13:6a:47:a0:6b:9a: 78:8f:11:06:c6:91:d2:e2:59:91:15:83:01:ff:0e: 89:bf:cf:d3:2e:d6:74:3a:c8:c6:c8:f4:b4:36:dc: b6:0e:71:4d:40:72:a5:28:fd:81:4f:88:0d:bf:7e: a2:90:9f:ec:69:db:94:28:2c:aa:96:5c:d6:7e:fd: 0f:84:e7:fa:7c:72:6b:b4:9c:5c:71:19:21:71:74: c2:2e:4e:60:97:c1:5f:db:c9:37:44:8f:5b:08:b5: 32:c7:b9:ef:99:ac:0c:cc:53:20:1b:68:f9:92:9a: 33:e6:fa:e4:87:60:30:74:a7:7e:4e:8e:25:3b:e7: 7b:e0:9d:5e:f6:ab:85:91:bc:83:9e:8c:6b:ac:29: a6:8c:04:2e:5b:0a:72:cd:6b:32:59:47:aa:b9:68: e4:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:BB:06:61:8C:3B:FA:6C:5F:C7:26:25:92:DE:EA:86:78:7D:1A:54 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146447.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aed5::/32 Signature Algorithm: sha256WithRSAEncryption c2:31:06:e1:dd:f1:c4:1a:18:90:17:d2:34:d1:45:a0:be:9f: 12:89:93:9d:04:49:12:48:e3:ed:4f:bc:b8:e4:dd:3b:32:17: 0b:d4:72:70:c5:d9:fa:9c:70:97:d3:3d:af:7e:ab:af:c3:80: b1:02:5e:79:2d:03:b0:64:14:b1:a4:fe:10:46:9e:c4:46:f2: 86:7b:93:1d:eb:b7:3a:f7:e9:ca:6f:c5:79:c3:af:31:5a:2a: 13:f6:db:84:d7:7e:45:19:71:a5:9a:50:36:c0:4b:91:d2:a7: cf:0c:a0:f3:b3:c6:97:79:da:ca:16:b7:3d:cf:a1:b2:d5:e1: fa:cd:33:fc:23:54:7c:77:8a:72:08:64:9e:12:50:49:76:60: 90:59:52:e6:01:20:89:a3:3c:33:14:b1:dd:ef:a9:26:3d:09: 24:a9:2f:6e:5c:90:97:4d:89:ca:d9:6d:be:52:e7:ff:8a:02: c5:3b:81:c1:5f:38:f2:35:ba:56:78:5c:37:5b:90:a7:83:7e: d1:87:a2:04:67:6b:3f:d8:91:94:70:86:31:ef:a5:1a:d3:38: 96:91:ac:7e:8f:85:37:7a:e7:65:24:3c:31:2a:f0:2d:c6:25: 9e:8a:c7:40:6a:ff:c9:ea:f7:1b:fe:2d:d0:f4:e2:37:15:1c: ec:5c:2a:1c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUR6X8HddK+CSwCEOj8Tq5Jq1waUYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkxNloX DTI3MDMwMzA2MzQxNlowMzExMC8GA1UEAxMoNzJCQjA2NjE4QzNCRkE2QzVGQzcy NjI1OTJERUVBODY3ODdEMUE1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjwt4+pIYxOhV+TOAzmvSmpsISq/IvpytJlJlfOoRTujFsQUgRfxtpcQSLz 5fpMJzU6z3oczd3JHDa5orFYhuMAZSrxHrAJDjR0ChGT1bLZzzZD+VCEzuGUNmO0 53gnWI3WE2pHoGuaeI8RBsaR0uJZkRWDAf8Oib/P0y7WdDrIxsj0tDbctg5xTUBy pSj9gU+IDb9+opCf7GnblCgsqpZc1n79D4Tn+nxya7ScXHEZIXF0wi5OYJfBX9vJ N0SPWwi1Mse575msDMxTIBto+ZKaM+b65IdgMHSnfk6OJTvne+CdXvarhZG8g56M a6wppowELlsKcs1rMllHqrlo5P8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRyuwZh jDv6bF/HJiWS3uqGeH0aVDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ0Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rtUwDQYJKoZIhvcNAQELBQADggEBAMIxBuHd8cQaGJAX0jTRRaC+nxKJk50ESRJI 4+1PvLjk3TsyFwvUcnDF2fqccJfTPa9+q6/DgLECXnktA7BkFLGk/hBGnsRG8oZ7 kx3rtzr36cpvxXnDrzFaKhP224TXfkUZcaWaUDbAS5HSp88MoPOzxpd52soWtz3P obLV4frNM/wjVHx3inIIZJ4SUEl2YJBZUuYBIImjPDMUsd3vqSY9CSSpL25ckJdN icrZbb5S5/+KAsU7gcFfOPI1ulZ4XDdbkKeDftGHogRnaz/YkZRwhjHvpRrTOJaR rH6PhTd652UkPDEq8C3GJZ6Kx0Bq/8nq9xv+LdD04jcVHOxcKhw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:08 2026 by rpki-client