$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146489.roa File: AS146489.roa (raw, json) Hash identifier: DvH21RiYNzfHUA2IM6Fhmg4x6IbRbO7nfP+1e1/NN/Y= Subject key identifier: 18:78:A2:53:C3:EA:7A:BF:21:B7:51:AF:14:74:38:50:3F:11:00:E8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 19C3508487BA87788A4C028DC9EF61818CACECEF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146489.roa Signing time: Wed 04 Mar 2026 06:33:56 +0000 ROA not before: Wed 04 Mar 2026 06:28:56 +0000 ROA not after: Wed 03 Mar 2027 06:33:56 +0000 asID: 146489 IP address blocks: 240a:aeff::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:c3:50:84:87:ba:87:78:8a:4c:02:8d:c9:ef:61:81:8c:ac:ec:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:28:56 2026 GMT Not After : Mar 3 06:33:56 2027 GMT Subject: CN=1878A253C3EA7ABF21B751AF147438503F1100E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:18:e3:44:f2:dc:a3:78:83:37:7b:0d:a1:b0: da:c2:5d:33:6a:4f:b0:92:4e:b7:5e:f6:a0:6e:06: b3:ed:cb:fc:a6:ae:e9:ea:26:f9:4a:ee:5a:6c:04: e7:e2:76:50:97:d4:ae:6b:bb:12:d6:c3:0d:63:2b: 15:9b:82:ac:aa:69:72:18:e1:58:9c:82:82:b4:ba: 42:13:eb:95:a2:4e:da:43:08:e9:76:7f:73:3d:11: 11:51:e7:5c:ff:65:96:f8:fd:ee:a0:bd:9e:ff:62: 6a:7a:5b:b8:a5:19:15:dc:10:8e:0b:62:76:a8:d0: 25:ec:ad:0e:35:95:22:94:92:94:aa:bb:99:b5:ed: 33:da:19:a5:e9:a2:2d:e8:52:4e:94:ad:ff:76:8a: 0e:a0:ce:ae:8e:77:7e:aa:a9:4b:40:6f:14:8d:3e: 1b:76:2c:9e:ec:b8:f3:31:19:df:2a:17:89:9c:a2: fa:3e:7f:89:f6:cd:e3:0f:a0:6e:ce:13:d8:ad:89: 8c:e3:13:fe:87:8a:19:b6:e9:ea:36:85:82:c0:03: c1:98:f5:cc:7d:e1:59:ed:ba:74:14:52:66:35:dd: 7e:40:7c:b6:1b:cc:e8:1a:4e:04:0a:22:62:c9:b3: ea:aa:f5:da:e2:b8:98:8a:91:5b:35:f6:2b:ae:72: b6:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:78:A2:53:C3:EA:7A:BF:21:B7:51:AF:14:74:38:50:3F:11:00:E8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146489.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aeff::/32 Signature Algorithm: sha256WithRSAEncryption 57:0c:16:ea:ad:55:2c:e5:d7:5d:18:be:1f:12:b5:5d:3f:aa: 43:7d:70:dc:df:75:db:b8:4a:01:05:64:54:0d:38:58:e5:9d: ed:97:a1:62:de:12:31:50:d0:c5:e9:f2:70:fa:bc:b9:77:62: 55:70:c2:d3:36:b7:01:e5:02:51:ce:0d:2b:81:c5:34:e2:84: 5d:66:27:fd:34:02:bf:41:37:4d:a5:10:a8:36:1b:aa:a7:a9: 33:67:7f:f0:62:7b:a7:a5:ed:82:25:e8:a9:31:da:ca:49:a1: 88:a8:e9:c5:93:4c:7d:e8:5a:b9:ec:6d:a5:aa:41:7f:52:cc: 1c:ff:47:62:51:ec:f1:84:c8:0e:3c:9a:d9:27:91:85:97:1e: 24:4d:2e:dc:c2:37:55:a7:eb:be:9c:d8:70:f6:7e:4d:40:bb: 75:54:a5:b2:08:56:ee:b9:a2:eb:9b:1f:55:17:8d:c9:b2:69: ec:98:a4:d9:2e:58:78:64:6c:9f:3a:11:2c:b7:3c:a5:95:e9: ad:e8:5d:6d:9e:85:26:a3:b2:70:00:66:88:e4:1b:3f:eb:84: be:f3:da:2a:32:93:32:81:93:90:40:ee:d1:4c:85:9e:e9:be: 34:63:54:3c:a2:50:01:7d:e7:f6:85:33:45:87:52:21:51:92: ef:13:8c:1b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGcNQhIe6h3iKTAKNye9hgYys7O8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2Mjg1NloX DTI3MDMwMzA2MzM1NlowMzExMC8GA1UEAxMoMTg3OEEyNTNDM0VBN0FCRjIxQjc1 MUFGMTQ3NDM4NTAzRjExMDBFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALkY40Ty3KN4gzd7DaGw2sJdM2pPsJJOt172oG4Gs+3L/Kau6eom+UruWmwE 5+J2UJfUrmu7EtbDDWMrFZuCrKppchjhWJyCgrS6QhPrlaJO2kMI6XZ/cz0REVHn XP9llvj97qC9nv9ianpbuKUZFdwQjgtidqjQJeytDjWVIpSSlKq7mbXtM9oZpemi LehSTpSt/3aKDqDOro53fqqpS0BvFI0+G3Ysnuy48zEZ3yoXiZyi+j5/ifbN4w+g bs4T2K2JjOMT/oeKGbbp6jaFgsADwZj1zH3hWe26dBRSZjXdfkB8thvM6BpOBAoi Ysmz6qr12uK4mIqRWzX2K65ytrUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQYeKJT w+p6vyG3Ua8UdDhQPxEA6DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjQ4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rv8wDQYJKoZIhvcNAQELBQADggEBAFcMFuqtVSzl110Yvh8StV0/qkN9cNzfddu4 SgEFZFQNOFjlne2XoWLeEjFQ0MXp8nD6vLl3YlVwwtM2twHlAlHODSuBxTTihF1m J/00Ar9BN02lEKg2G6qnqTNnf/Bie6el7YIl6Kkx2spJoYio6cWTTH3oWrnsbaWq QX9SzBz/R2JR7PGEyA48mtknkYWXHiRNLtzCN1Wn676c2HD2fk1Au3VUpbIIVu65 ouubH1UXjcmyaeyYpNkuWHhkbJ86ESy3PKWV6a3oXW2ehSajsnAAZojkGz/rhL7z 2ioykzKBk5BA7tFMhZ7pvjRjVDyiUAF95/aFM0WHUiFRku8TjBs= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:22 2026 by rpki-client