$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146461.roa File: AS146461.roa (raw, json) Hash identifier: EN3JTWNTGQCUH9N8yod8z0Vwe8ZT9pUd6LRPakT9uc8= Subject key identifier: 6F:D5:D9:B9:88:9A:6A:C4:69:92:1D:8C:1B:A8:2B:D6:61:AC:25:1D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4E0C64B4544E9D8E18387DF0D381699CCFDC9889 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146461.roa Signing time: Wed 04 Mar 2026 06:33:47 +0000 ROA not before: Wed 04 Mar 2026 06:28:47 +0000 ROA not after: Wed 03 Mar 2027 06:33:47 +0000 asID: 146461 IP address blocks: 240a:aee3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:0c:64:b4:54:4e:9d:8e:18:38:7d:f0:d3:81:69:9c:cf:dc:98:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:47 2026 GMT Not After : Mar 3 06:33:47 2027 GMT Subject: CN=6FD5D9B9889A6AC469921D8C1BA82BD661AC251D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f5:ca:1e:2d:08:6e:82:4a:db:92:35:dc:5e: 1a:ed:79:db:71:1c:a7:b1:9c:aa:bf:99:7f:f7:b9: 3a:ea:7c:f5:dc:0d:a4:85:ff:04:14:27:d0:09:ae: 1d:14:29:f4:d3:b4:ad:98:49:87:e7:c4:d6:21:a7: 7d:33:f2:03:6b:11:4c:25:db:13:56:59:b2:5c:91: ea:9f:ac:05:5d:66:95:bd:d2:75:17:0e:1e:0e:0f: 6b:88:7e:e9:19:5d:07:bc:1a:54:8e:ec:78:f9:c8: db:9d:81:da:61:1e:f5:2c:2f:1a:5e:3b:5d:cc:d9: f1:92:4b:fa:45:f9:7b:c9:df:6a:ef:84:28:b3:4d: 62:aa:83:a7:29:87:ae:4c:48:46:31:ea:3c:ad:30: b6:75:0b:56:67:2d:c8:c5:2d:a3:98:c6:2b:a3:98: 7b:75:59:2f:34:2b:61:dc:f5:d8:05:4d:4f:29:5d: 95:1c:f9:0d:15:5c:b5:8f:d5:4b:29:39:bc:b1:1f: 84:64:c7:6c:04:66:aa:77:ed:f8:a5:4b:30:ef:b9: dc:f0:ea:76:30:5d:7f:45:34:2b:39:8d:9c:79:6a: 5d:01:ae:e0:57:1e:ff:c1:67:31:a6:8c:ec:2a:2b: a7:be:a7:28:ce:8d:5e:83:2e:ea:bf:55:fc:d1:1c: 38:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:D5:D9:B9:88:9A:6A:C4:69:92:1D:8C:1B:A8:2B:D6:61:AC:25:1D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146461.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aee3::/32 Signature Algorithm: sha256WithRSAEncryption 9c:6e:fa:dd:48:c5:0e:7e:d5:2f:a3:91:36:2e:2a:40:48:ea: 56:1b:15:fa:87:a0:19:35:61:92:c4:06:26:72:d6:0a:71:1a: ee:38:54:56:1c:0c:e4:fb:27:7d:73:6e:23:8d:5f:96:4e:84: df:6e:e3:fb:91:a9:06:c4:29:4b:2c:f7:2c:b9:b7:b7:4e:a9: 72:e3:47:e4:33:dc:dd:9a:3a:03:3f:9b:46:3c:70:e9:ca:d8: df:84:2b:f3:40:70:bd:d8:d1:db:ce:7f:0d:85:3e:da:e8:79: 87:91:86:27:22:12:8f:e0:a1:92:0e:3c:d7:a1:8e:8d:a0:aa: 22:4e:df:c3:74:fb:ff:5f:f5:9e:b7:1d:7f:a7:0d:cb:bf:f0: de:a8:be:48:90:ea:fd:b8:36:37:dc:c7:6a:6b:53:f9:f5:28: 02:33:71:81:33:62:30:be:af:d9:dd:a3:44:58:f6:ec:70:06: c6:2a:70:7c:50:7d:f8:23:83:ed:f4:38:90:67:0c:00:29:36: 2d:a7:fb:3d:4a:dc:0d:fe:ec:c3:a2:66:98:51:b7:02:97:2c: 7f:5f:80:90:b9:4b:f7:42:43:00:a4:79:41:47:01:17:6a:51: 3d:47:30:ff:fa:b2:12:c9:8e:f3:23:e9:86:e9:2c:62:b2:42: 2b:9d:cf:c2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTgxktFROnY4YOH3w04FpnM/cmIkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg0N1oX DTI3MDMwMzA2MzM0N1owMzExMC8GA1UEAxMoNkZENUQ5Qjk4ODlBNkFDNDY5OTIx RDhDMUJBODJCRDY2MUFDMjUxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKf1yh4tCG6CStuSNdxeGu1523Ecp7Gcqr+Zf/e5Oup89dwNpIX/BBQn0Amu HRQp9NO0rZhJh+fE1iGnfTPyA2sRTCXbE1ZZslyR6p+sBV1mlb3SdRcOHg4Pa4h+ 6RldB7waVI7sePnI252B2mEe9SwvGl47XczZ8ZJL+kX5e8nfau+EKLNNYqqDpymH rkxIRjHqPK0wtnULVmctyMUto5jGK6OYe3VZLzQrYdz12AVNTyldlRz5DRVctY/V Syk5vLEfhGTHbARmqnft+KVLMO+53PDqdjBdf0U0KzmNnHlqXQGu4Fce/8FnMaaM 7Corp76nKM6NXoMu6r9V/NEcOFUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRv1dm5 iJpqxGmSHYwbqCvWYawlHTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ruMwDQYJKoZIhvcNAQELBQADggEBAJxu+t1IxQ5+1S+jkTYuKkBI6lYbFfqHoBk1 YZLEBiZy1gpxGu44VFYcDOT7J31zbiONX5ZOhN9u4/uRqQbEKUss9yy5t7dOqXLj R+Qz3N2aOgM/m0Y8cOnK2N+EK/NAcL3Y0dvOfw2FPtroeYeRhiciEo/goZIOPNeh jo2gqiJO38N0+/9f9Z63HX+nDcu/8N6ovkiQ6v24Njfcx2prU/n1KAIzcYEzYjC+ r9ndo0RY9uxwBsYqcHxQffgjg+30OJBnDAApNi2n+z1K3A3+7MOiZphRtwKXLH9f gJC5S/dCQwCkeUFHARdqUT1HMP/6shLJjvMj6YbpLGKyQiudz8I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:46 2026 by rpki-client