$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146522.roa File: AS146522.roa (raw, json) Hash identifier: OhXPcJh+Ut/30CV9ruotsOwSZO8zSu4H58qVKJqaBIQ= Subject key identifier: 87:97:68:13:96:7E:B7:E4:5D:5F:09:D5:8B:7A:86:A5:85:72:05:E8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4D3B5606307965C1319B46C287671F6D9640D459 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146522.roa Signing time: Wed 04 Mar 2026 06:39:49 +0000 ROA not before: Wed 04 Mar 2026 06:34:49 +0000 ROA not after: Wed 03 Mar 2027 06:39:49 +0000 asID: 146522 IP address blocks: 240a:af20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:3b:56:06:30:79:65:c1:31:9b:46:c2:87:67:1f:6d:96:40:d4:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:49 2026 GMT Not After : Mar 3 06:39:49 2027 GMT Subject: CN=87976813967EB7E45D5F09D58B7A86A5857205E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:3a:24:fc:5e:aa:34:16:05:a0:e2:67:b8:f8: 09:9b:45:dc:71:97:52:5e:92:de:ae:e5:c4:59:2f: c5:63:a7:58:25:b7:8d:32:7d:c4:bf:78:9a:b9:a9: bb:d5:69:35:69:fb:3d:63:bd:8d:6d:5c:fb:12:3d: 80:5b:9a:49:99:e9:0c:63:f9:e0:55:33:99:9a:db: 78:48:21:87:91:7b:5e:3f:1f:96:82:20:95:a4:94: c4:cd:c5:db:42:3c:bb:c9:0b:fb:54:1e:42:90:64: 90:36:94:16:fb:1e:c5:e7:d4:f9:6b:d3:07:e6:b0: 28:32:5d:16:a6:80:0c:e1:18:4d:49:a0:7a:74:9f: 64:c2:e5:12:63:cf:30:fa:37:3c:17:0a:f7:d5:b6: 5a:93:0f:c8:54:15:e4:ab:8a:0f:ab:9b:b6:69:5c: 68:4e:b5:24:77:61:1d:31:db:07:5c:10:30:85:a1: 12:83:e4:a0:53:18:ee:f9:a4:a2:73:de:00:8d:dc: d4:97:2e:1c:04:2a:27:18:20:25:2c:98:01:72:25: 9b:ba:b6:6d:99:f2:c5:84:b9:d0:5b:bb:d0:e5:ef: 6d:1c:34:e5:7c:0d:fb:7b:19:48:d3:d6:32:5f:c4: 70:8f:b8:06:f5:8b:b6:e2:f6:44:f0:ff:ee:3d:c9: 22:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:97:68:13:96:7E:B7:E4:5D:5F:09:D5:8B:7A:86:A5:85:72:05:E8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146522.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af20::/32 Signature Algorithm: sha256WithRSAEncryption 87:a9:26:72:09:a7:35:c9:97:89:41:52:d5:97:eb:6e:fb:db: 2a:f5:8d:24:3e:a0:46:7d:52:c7:98:b1:be:cf:cb:f0:a5:b3: f2:58:ec:a2:cf:e0:3d:cc:20:d7:ec:c4:77:1b:9e:4d:a9:78: 3f:28:bb:8c:0a:9a:dd:62:9a:0b:11:88:d4:f9:ca:0b:c2:97: 46:1e:5d:aa:02:f5:7f:85:ab:7d:68:67:e8:9c:d8:05:52:8d: 2c:61:91:cd:50:4e:b0:68:ba:f3:24:4d:06:75:5f:94:5a:ee: e4:98:19:42:e6:f2:59:5a:64:b1:3c:bf:f6:f7:47:1b:54:70: 38:51:a2:8e:ee:ce:2f:f4:4a:8a:98:eb:f4:ad:33:2b:71:71: a5:7c:4a:c1:3f:a0:68:56:bf:2c:84:43:7f:0e:a5:7d:c8:d3: 9f:12:6c:85:76:73:82:c2:db:67:70:1f:34:84:91:92:3d:15: 52:a7:42:33:47:57:12:44:3f:47:22:ce:a0:88:70:4c:85:14: 03:d8:d1:2d:9a:c7:da:7d:86:90:dc:fc:29:d2:9e:be:e6:9f: c8:89:a2:20:1d:b6:27:1b:6b:0f:87:5b:54:87:95:9c:5b:a8: ce:d3:ea:52:7f:5c:83:01:63:a7:13:22:56:87:cc:a4:f6:cb: ca:a5:22:0e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTTtWBjB5ZcExm0bCh2cfbZZA1FkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0OVoX DTI3MDMwMzA2Mzk0OVowMzExMC8GA1UEAxMoODc5NzY4MTM5NjdFQjdFNDVENUYw OUQ1OEI3QTg2QTU4NTcyMDVFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJw6JPxeqjQWBaDiZ7j4CZtF3HGXUl6S3q7lxFkvxWOnWCW3jTJ9xL94mrmp u9VpNWn7PWO9jW1c+xI9gFuaSZnpDGP54FUzmZrbeEghh5F7Xj8floIglaSUxM3F 20I8u8kL+1QeQpBkkDaUFvsexefU+WvTB+awKDJdFqaADOEYTUmgenSfZMLlEmPP MPo3PBcK99W2WpMPyFQV5KuKD6ubtmlcaE61JHdhHTHbB1wQMIWhEoPkoFMY7vmk onPeAI3c1JcuHAQqJxggJSyYAXIlm7q2bZnyxYS50Fu70OXvbRw05XwN+3sZSNPW Ml/EcI+4BvWLtuL2RPD/7j3JItsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSHl2gT ln635F1fCdWLeoalhXIF6DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjUyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ryAwDQYJKoZIhvcNAQELBQADggEBAIepJnIJpzXJl4lBUtWX62772yr1jSQ+oEZ9 UseYsb7Py/Cls/JY7KLP4D3MINfsxHcbnk2peD8ou4wKmt1imgsRiNT5ygvCl0Ye XaoC9X+Fq31oZ+ic2AVSjSxhkc1QTrBouvMkTQZ1X5Ra7uSYGULm8llaZLE8v/b3 RxtUcDhRoo7uzi/0SoqY6/StMytxcaV8SsE/oGhWvyyEQ38OpX3I058SbIV2c4LC 22dwHzSEkZI9FVKnQjNHVxJEP0cizqCIcEyFFAPY0S2ax9p9hpDc/CnSnr7mn8iJ oiAdticbaw+HW1SHlZxbqM7T6lJ/XIMBY6cTIlaHzKT2y8qlIg4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:21 2026 by rpki-client