$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146467.roa File: AS146467.roa (raw, json) Hash identifier: 0v4yFBIT3O5WrQS+mwg43ah/QRq3BI3pqTC+geuEMRA= Subject key identifier: 98:7E:C3:5F:80:76:6E:5F:9A:A3:66:EC:9F:BB:39:CB:22:BA:CE:AB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4C21711CB9FC260775F5ABAEE17FB343F59A0828 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146467.roa Signing time: Wed 04 Mar 2026 06:33:45 +0000 ROA not before: Wed 04 Mar 2026 06:28:45 +0000 ROA not after: Wed 03 Mar 2027 06:33:45 +0000 asID: 146467 IP address blocks: 240a:aee9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:21:71:1c:b9:fc:26:07:75:f5:ab:ae:e1:7f:b3:43:f5:9a:08:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:45 2026 GMT Not After : Mar 3 06:33:45 2027 GMT Subject: CN=987EC35F80766E5F9AA366EC9FBB39CB22BACEAB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e4:80:62:98:18:e4:99:46:41:20:dd:e7:86: 2f:46:f5:fc:fc:a1:78:24:92:6a:66:be:9d:ca:9c: 0d:00:90:62:68:05:57:62:c1:79:9e:fe:a9:30:de: 47:7d:94:c0:fb:ca:d2:6d:45:7a:2c:73:df:5e:63: ba:45:dd:35:57:cc:48:9a:77:a7:48:5f:31:ca:c6: d7:57:f5:e9:7b:25:29:b3:66:99:9c:e5:0e:5a:8c: 01:51:b2:ed:ce:13:a7:d4:ac:79:85:1b:ea:dd:12: ee:ba:a7:b9:7f:2c:1d:4e:bf:76:57:6b:d9:8d:c6: 8c:fa:f0:a5:f1:49:18:51:09:d4:c8:d1:2b:a3:d3: 4d:cd:b7:c6:71:e6:88:34:c7:f1:ac:51:4d:4f:e6: 0f:4c:4d:83:07:08:1f:1c:3f:d1:70:20:dc:b2:eb: 8d:f6:9d:74:91:d3:cf:94:53:4d:0a:f3:76:05:01: 2e:73:d6:8a:da:c0:0e:7a:1d:ce:1e:67:68:e1:2b: fe:d0:35:78:28:4a:52:d0:7d:c1:28:ac:bc:39:fc: 28:45:85:cb:a7:78:c0:ef:40:4e:08:cb:4a:8e:3d: 4c:d0:db:6c:a3:e5:05:b6:a2:d9:04:45:1a:2c:b5: 90:2c:71:67:25:13:d5:1c:6c:15:83:59:0a:5c:d9: 66:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:7E:C3:5F:80:76:6E:5F:9A:A3:66:EC:9F:BB:39:CB:22:BA:CE:AB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146467.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aee9::/32 Signature Algorithm: sha256WithRSAEncryption 1a:c6:57:85:b7:a7:1f:01:c4:0a:83:4b:34:f6:c0:2b:b5:41: 16:5a:94:60:c6:a2:ca:c1:e3:b5:2c:19:23:e4:01:d7:ea:23: b1:d2:b6:ca:9a:95:d0:b2:c9:41:df:9e:34:08:af:0a:51:e6: 85:0d:ea:35:32:19:5f:9b:d5:10:65:17:d3:f8:71:ea:b2:64: a3:58:59:71:c5:da:2b:dd:ef:82:09:c5:2f:7e:a1:2d:bf:32: 90:54:15:8a:9c:1e:b3:27:eb:4e:70:5c:84:b2:eb:8a:a2:2a: 0a:ae:51:54:93:0c:a9:92:b5:04:b9:95:3a:67:76:e2:58:77: 3b:a6:e5:37:4f:0a:cb:3d:39:7b:83:ca:b7:f7:dc:df:fe:dd: e0:b8:8a:b2:6a:21:7e:9e:4c:63:d1:61:90:26:f3:36:33:6b: 6c:8c:e5:c6:9d:aa:ec:69:1b:6f:41:75:19:af:9b:78:83:46: 27:43:4b:3a:70:67:9d:a8:e4:61:80:f0:e7:05:56:d4:68:b6: 72:7f:9c:21:b7:a6:e6:6d:f8:5d:70:2b:00:7e:39:2b:73:53: 0f:f6:dc:14:c8:64:da:7e:0a:a3:3d:76:2e:82:a3:62:1a:4a: b4:61:a6:f5:2f:b2:a0:23:95:3a:8f:6e:22:16:e9:78:64:ed: 2c:19:30:f6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTCFxHLn8Jgd19auu4X+zQ/WaCCgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg0NVoX DTI3MDMwMzA2MzM0NVowMzExMC8GA1UEAxMoOTg3RUMzNUY4MDc2NkU1RjlBQTM2 NkVDOUZCQjM5Q0IyMkJBQ0VBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKHkgGKYGOSZRkEg3eeGL0b1/PyheCSSama+ncqcDQCQYmgFV2LBeZ7+qTDe R32UwPvK0m1Feixz315jukXdNVfMSJp3p0hfMcrG11f16XslKbNmmZzlDlqMAVGy 7c4Tp9SseYUb6t0S7rqnuX8sHU6/dldr2Y3GjPrwpfFJGFEJ1MjRK6PTTc23xnHm iDTH8axRTU/mD0xNgwcIHxw/0XAg3LLrjfaddJHTz5RTTQrzdgUBLnPWitrADnod zh5naOEr/tA1eChKUtB9wSisvDn8KEWFy6d4wO9ATgjLSo49TNDbbKPlBbai2QRF Giy1kCxxZyUT1RxsFYNZClzZZscCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSYfsNf gHZuX5qjZuyfuznLIrrOqzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rukwDQYJKoZIhvcNAQELBQADggEBABrGV4W3px8BxAqDSzT2wCu1QRZalGDGosrB 47UsGSPkAdfqI7HStsqaldCyyUHfnjQIrwpR5oUN6jUyGV+b1RBlF9P4ceqyZKNY WXHF2ivd74IJxS9+oS2/MpBUFYqcHrMn605wXISy64qiKgquUVSTDKmStQS5lTpn duJYdzum5TdPCss9OXuDyrf33N/+3eC4irJqIX6eTGPRYZAm8zYza2yM5cadquxp G29BdRmvm3iDRidDSzpwZ52o5GGA8OcFVtRotnJ/nCG3puZt+F1wKwB+OStzUw/2 3BTIZNp+CqM9di6Co2IaSrRhpvUvsqAjlTqPbiIW6Xhk7SwZMPY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:26 2026 by rpki-client