$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146521.roa File: AS146521.roa (raw, json) Hash identifier: zdBBdY84mV+R6RBT4V+C7crhkNy6w7y9H0MHjon/M2E= Subject key identifier: 52:D3:0B:A9:25:2F:27:39:BC:83:A1:6B:FD:E0:2B:90:6C:65:E3:80 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 556A22E9094F796F67A0F5E8839511F895AF1A11 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146521.roa Signing time: Wed 04 Mar 2026 06:39:16 +0000 ROA not before: Wed 04 Mar 2026 06:34:16 +0000 ROA not after: Wed 03 Mar 2027 06:39:16 +0000 asID: 146521 IP address blocks: 240a:af1f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:6a:22:e9:09:4f:79:6f:67:a0:f5:e8:83:95:11:f8:95:af:1a:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:16 2026 GMT Not After : Mar 3 06:39:16 2027 GMT Subject: CN=52D30BA9252F2739BC83A16BFDE02B906C65E380 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:f0:d4:67:f8:12:f4:2c:df:68:f1:b7:04:fd: fa:ce:fb:6a:d2:81:f9:a7:64:d2:66:ea:47:04:2d: c8:4f:d7:57:49:0a:51:ff:06:21:03:8a:c5:36:1c: 07:c1:a1:f9:e6:55:8c:b2:e8:cd:18:8d:4e:20:a5: a0:8a:07:24:a2:80:3a:b4:b1:9e:98:aa:bc:40:a2: 62:ce:06:f8:e1:f3:b4:61:07:29:98:4e:79:a9:cd: 0c:17:a0:3f:2e:97:54:cb:f5:06:95:f0:a8:1b:64: 18:39:0b:81:a6:20:55:40:0a:bd:b8:97:26:c8:ec: d3:42:84:b0:cd:56:b3:52:6c:b3:1a:dc:5b:2f:c8: d1:c2:db:9c:78:59:5c:bd:e0:3e:b1:a4:e4:0b:11: 3e:44:d9:de:dc:ad:d2:47:a2:d3:d5:01:7c:d6:23: 4b:c6:a2:5f:23:1f:41:6c:86:87:84:90:b8:ca:a5: 45:82:de:ee:4e:28:93:ef:81:30:d5:ce:b7:22:51: 4a:c4:1f:1e:04:b1:e0:54:5b:bd:f1:f7:40:97:18: f8:9d:83:45:a6:6b:bc:62:41:eb:cd:87:8f:8e:ae: fc:8c:a6:fa:87:87:ba:97:b2:45:0a:d7:a9:b6:4c: 53:3e:62:4d:81:7e:21:00:75:18:15:26:41:26:34: 0c:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:D3:0B:A9:25:2F:27:39:BC:83:A1:6B:FD:E0:2B:90:6C:65:E3:80 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af1f::/32 Signature Algorithm: sha256WithRSAEncryption 6d:05:af:c6:45:e8:00:20:12:b4:7a:b2:e8:c9:6d:d0:8c:d3: 5d:42:9c:9c:1f:21:82:63:62:6d:48:cd:db:0c:f6:c8:a8:67: 8d:c1:0b:8e:91:81:f1:77:03:54:c8:30:5e:a3:73:74:43:2a: d3:e1:5e:21:4e:b5:be:ea:f8:e4:1b:be:68:e3:ac:50:27:86: a9:97:35:72:3b:b8:b8:18:4a:d6:02:85:34:aa:c1:1f:42:9a: 3e:92:b8:4b:5a:dd:4a:72:bb:a6:8e:c9:a3:6e:0b:8a:90:8c: 4a:e1:e6:fc:57:de:01:b2:ec:fc:40:13:fb:25:22:36:f3:b7: 0d:bf:3b:6a:1f:c8:6c:3b:28:82:08:59:3f:2a:44:23:7d:ad: 7f:35:4e:af:9f:26:aa:61:ef:5a:9c:77:83:1e:da:dc:ba:a2: db:56:82:92:4a:0a:b1:c1:c0:95:f9:4c:be:87:2c:d2:6e:33: a4:73:69:23:95:49:ed:52:f6:fe:99:1a:b2:8e:68:0c:94:13: 69:0b:03:2c:0e:75:85:6c:c4:72:3d:1d:0a:a5:dd:05:89:08: ff:4c:e0:20:78:4e:e0:78:c9:dd:ac:d3:1d:97:4f:31:ea:b2: f9:b1:ae:8b:68:00:19:33:bb:e1:53:14:1a:5e:8d:3a:c8:e8: d9:f5:f9:36 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVWoi6QlPeW9noPXog5UR+JWvGhEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQxNloX DTI3MDMwMzA2MzkxNlowMzExMC8GA1UEAxMoNTJEMzBCQTkyNTJGMjczOUJDODNB MTZCRkRFMDJCOTA2QzY1RTM4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANPw1Gf4EvQs32jxtwT9+s77atKB+adk0mbqRwQtyE/XV0kKUf8GIQOKxTYc B8Gh+eZVjLLozRiNTiCloIoHJKKAOrSxnpiqvECiYs4G+OHztGEHKZhOeanNDBeg Py6XVMv1BpXwqBtkGDkLgaYgVUAKvbiXJsjs00KEsM1Ws1JssxrcWy/I0cLbnHhZ XL3gPrGk5AsRPkTZ3tyt0kei09UBfNYjS8aiXyMfQWyGh4SQuMqlRYLe7k4ok++B MNXOtyJRSsQfHgSx4FRbvfH3QJcY+J2DRaZrvGJB682Hj46u/Iym+oeHupeyRQrX qbZMUz5iTYF+IQB1GBUmQSY0DNUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRS0wup JS8nObyDoWv94CuQbGXjgDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjUyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rx8wDQYJKoZIhvcNAQELBQADggEBAG0Fr8ZF6AAgErR6sujJbdCM011CnJwfIYJj Ym1IzdsM9sioZ43BC46RgfF3A1TIMF6jc3RDKtPhXiFOtb7q+OQbvmjjrFAnhqmX NXI7uLgYStYChTSqwR9Cmj6SuEta3Upyu6aOyaNuC4qQjErh5vxX3gGy7PxAE/sl Ijbztw2/O2ofyGw7KIIIWT8qRCN9rX81Tq+fJqph71qcd4Me2ty6ottWgpJKCrHB wJX5TL6HLNJuM6RzaSOVSe1S9v6ZGrKOaAyUE2kLAywOdYVsxHI9HQql3QWJCP9M 4CB4TuB4yd2s0x2XTzHqsvmxrotoABkzu+FTFBpejTrI6Nn1+TY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:46 2026 by rpki-client