$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146468.roa File: AS146468.roa (raw, json) Hash identifier: CVAdiiGcrzYvVvgl2tXbVZxOVBONs9P+lCs5KC8sCEQ= Subject key identifier: 08:88:4E:C5:3D:55:69:24:20:A5:95:18:B3:C4:B4:78:31:50:45:DA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 158C500B4ECF231806BD249A950E0E7B9236421F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146468.roa Signing time: Wed 04 Mar 2026 06:34:04 +0000 ROA not before: Wed 04 Mar 2026 06:29:04 +0000 ROA not after: Wed 03 Mar 2027 06:34:04 +0000 asID: 146468 IP address blocks: 240a:aeea::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:8c:50:0b:4e:cf:23:18:06:bd:24:9a:95:0e:0e:7b:92:36:42:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:29:04 2026 GMT Not After : Mar 3 06:34:04 2027 GMT Subject: CN=08884EC53D55692420A59518B3C4B478315045DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:83:ab:a3:af:c4:7f:c0:72:70:d3:64:56:97: b0:cd:e3:cb:29:08:08:92:33:d9:a9:a2:2c:df:4f: 7d:85:3c:bf:49:30:10:19:0d:4e:01:7c:37:2e:a7: 15:3f:8f:4b:b5:a6:e4:57:4d:15:8e:42:11:39:9d: 97:b9:7c:34:01:ee:60:7a:32:6c:e3:b1:ff:df:1f: 51:04:30:3d:8b:6b:e9:10:15:28:51:8d:76:68:e2: 6a:b7:bb:5b:0b:47:47:9c:f5:2a:64:36:2d:1c:a2: 07:e6:98:85:25:24:26:ab:f5:c9:32:3a:6c:b2:5d: bb:98:b4:93:e3:3b:23:d7:41:6e:86:b8:fe:6b:a1: fa:a8:d4:0d:37:af:d3:69:df:71:31:40:fe:a0:32: 15:f1:85:4e:1e:fb:4c:e1:40:ac:01:d8:c0:49:d2: 31:c3:af:77:d6:90:07:05:ff:32:88:02:7c:8e:4e: 61:13:39:87:33:2f:67:2d:ba:97:7a:5d:33:dd:72: 29:71:cd:47:ad:c8:8f:b0:95:47:2a:ed:41:14:53: 38:da:01:6e:f6:a3:57:37:d9:3d:4b:5a:2a:f0:a0: 10:83:29:d4:37:42:ef:f0:39:94:6a:e6:11:bb:68: 1f:ac:7f:0f:ea:35:cb:52:b1:2c:d9:be:43:16:5b: 37:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:88:4E:C5:3D:55:69:24:20:A5:95:18:B3:C4:B4:78:31:50:45:DA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146468.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aeea::/32 Signature Algorithm: sha256WithRSAEncryption 80:5c:3c:26:51:73:e7:97:05:ce:ac:26:ea:0e:83:e8:60:29: e5:f3:84:d2:ed:60:9f:34:6d:82:90:7c:55:fa:bd:ab:7a:01: fe:88:5e:21:1e:80:83:4f:a9:8c:24:67:c6:27:09:0a:b2:cc: 4d:2a:f3:12:41:7d:f3:09:62:d4:1c:f8:b7:fd:eb:3f:19:27: 3b:39:7e:02:d0:08:9d:90:f6:99:42:2f:d6:31:09:ec:52:ab: e9:84:b4:a0:1b:dc:97:01:15:c7:42:a1:c2:63:9e:6a:83:a5: 7a:1f:19:43:f8:4e:81:93:5f:4a:4b:73:0f:a9:de:a5:49:20: da:53:89:02:a4:94:1a:1d:67:6a:28:a2:ba:ab:cd:7b:aa:90: 1f:16:36:d1:9c:22:29:a5:62:85:49:60:29:57:cb:e1:b8:f4: 38:90:04:e4:3e:2f:39:d7:5b:86:94:44:66:de:64:c1:59:d5: 2f:b2:ca:0d:65:58:98:c9:88:dc:1b:d7:0d:56:ac:3f:51:d1: 4e:c6:b4:6a:1a:79:0a:26:23:2c:57:8b:98:01:67:f4:53:bd: 03:2f:7d:e1:ed:4d:7b:15:6f:8e:95:75:37:e6:35:db:2e:e6: c1:bb:7f:bd:a7:4d:fa:a5:b9:57:47:f9:f5:00:38:c5:50:7c: 7f:7a:b1:65 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFYxQC07PIxgGvSSalQ4Oe5I2Qh8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MjkwNFoX DTI3MDMwMzA2MzQwNFowMzExMC8GA1UEAxMoMDg4ODRFQzUzRDU1NjkyNDIwQTU5 NTE4QjNDNEI0NzgzMTUwNDVEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPWDq6OvxH/AcnDTZFaXsM3jyykICJIz2amiLN9PfYU8v0kwEBkNTgF8Ny6n FT+PS7Wm5FdNFY5CETmdl7l8NAHuYHoybOOx/98fUQQwPYtr6RAVKFGNdmjiare7 WwtHR5z1KmQ2LRyiB+aYhSUkJqv1yTI6bLJdu5i0k+M7I9dBboa4/muh+qjUDTev 02nfcTFA/qAyFfGFTh77TOFArAHYwEnSMcOvd9aQBwX/MogCfI5OYRM5hzMvZy26 l3pdM91yKXHNR63Ij7CVRyrtQRRTONoBbvajVzfZPUtaKvCgEIMp1DdC7/A5lGrm EbtoH6x/D+o1y1KxLNm+QxZbN7kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQIiE7F PVVpJCCllRizxLR4MVBF2jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ruowDQYJKoZIhvcNAQELBQADggEBAIBcPCZRc+eXBc6sJuoOg+hgKeXzhNLtYJ80 bYKQfFX6vat6Af6IXiEegINPqYwkZ8YnCQqyzE0q8xJBffMJYtQc+Lf96z8ZJzs5 fgLQCJ2Q9plCL9YxCexSq+mEtKAb3JcBFcdCocJjnmqDpXofGUP4ToGTX0pLcw+p 3qVJINpTiQKklBodZ2ooorqrzXuqkB8WNtGcIimlYoVJYClXy+G49DiQBOQ+LznX W4aURGbeZMFZ1S+yyg1lWJjJiNwb1w1WrD9R0U7GtGoaeQomIyxXi5gBZ/RTvQMv feHtTXsVb46VdTfmNdsu5sG7f72nTfqluVdH+fUAOMVQfH96sWU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:13 2026 by rpki-client