$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146552.roa File: AS146552.roa (raw, json) Hash identifier: nKCKKAAgojJGO2NllQlAEsz1w/IOdCp7vJfU07SOJts= Subject key identifier: BE:91:30:BC:1A:3A:D9:59:B9:10:A9:31:02:02:A1:2D:5E:E7:20:64 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 19707CA06F8D1EB3EC1D56AD654029F57073C877 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146552.roa Signing time: Wed 04 Mar 2026 06:39:21 +0000 ROA not before: Wed 04 Mar 2026 06:34:21 +0000 ROA not after: Wed 03 Mar 2027 06:39:21 +0000 asID: 146552 IP address blocks: 240a:af3e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:70:7c:a0:6f:8d:1e:b3:ec:1d:56:ad:65:40:29:f5:70:73:c8:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:21 2026 GMT Not After : Mar 3 06:39:21 2027 GMT Subject: CN=BE9130BC1A3AD959B910A9310202A12D5EE72064 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:18:b0:43:51:08:9a:6b:2d:83:df:94:e1:6b: 9b:64:83:af:37:95:5d:1f:5c:7f:81:3b:dd:25:8c: 72:38:6b:09:52:a7:2a:cb:0e:65:27:dc:d2:6f:cb: a1:4c:49:7d:38:47:07:1d:9f:48:20:b8:97:89:1a: 1a:c4:36:af:19:99:a9:df:3e:f2:67:ab:a6:61:38: e8:fb:24:81:bd:3c:61:12:12:a2:ac:5e:30:95:a1: 1a:8a:5b:67:57:e1:35:fe:a0:6a:36:46:6a:8c:f1: 74:74:94:c9:0f:85:52:9a:4e:3b:e8:b4:b0:94:b2: ab:4b:ff:1a:7f:92:f9:b9:1c:89:d2:42:6e:00:d7: b9:9b:44:7b:3f:ad:43:4b:39:b0:4f:10:3f:fb:8b: 2e:1f:bc:89:aa:66:f5:96:6a:6b:17:f9:ff:92:4b: 9a:05:55:c7:8a:20:f3:66:08:53:ee:24:e7:e6:4e: a4:a4:e0:e9:aa:e1:d4:03:75:c3:ff:3e:ff:22:be: 4d:3b:86:a3:36:11:19:3c:c4:ac:62:c9:f1:32:c3: ca:fb:7c:9f:76:50:42:c2:da:0b:91:02:4a:67:88: ae:f4:a9:a3:c1:7d:67:b2:e4:de:67:b6:8e:bb:3c: fc:ca:13:73:07:06:63:42:29:53:ac:18:00:d1:72: 9a:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:91:30:BC:1A:3A:D9:59:B9:10:A9:31:02:02:A1:2D:5E:E7:20:64 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146552.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af3e::/32 Signature Algorithm: sha256WithRSAEncryption b6:44:07:0e:a0:a7:fb:5b:0b:38:84:48:f3:54:d1:e2:c2:99: ad:cd:99:48:ab:0d:4c:34:0d:45:a5:c5:07:c6:04:84:3f:0f: 97:e0:37:73:33:4e:73:cc:fb:a4:c1:23:54:63:99:07:eb:b6: ff:02:a1:89:49:9e:41:ad:b0:0a:ef:01:a9:cd:85:ee:e2:55: 1f:fd:81:b8:ac:35:58:3e:26:55:e6:12:62:73:c4:e5:3f:06: f2:d6:4e:c3:7c:4e:82:78:8a:bd:f1:37:01:e1:1a:2a:35:26: 09:4a:ff:dc:51:63:22:03:0b:2e:71:0c:ba:da:f0:98:be:6b: 4e:6c:e7:df:3d:64:a0:dc:04:97:b9:b6:7c:a9:52:1e:75:1f: a7:da:21:3c:1d:25:f7:1b:6a:b4:e8:13:e2:7c:25:58:9d:33: 0f:ec:56:b7:eb:a7:27:a4:73:c6:47:a6:23:5e:75:2c:3b:fe: e5:df:8b:4c:d1:88:b8:36:68:ae:0e:72:6d:3d:49:26:44:7a: ba:f2:41:bd:f8:4a:0f:8f:54:55:28:2f:59:cb:56:d6:ef:20: 8f:77:05:a7:b2:e1:59:ca:50:1f:87:53:0d:58:7d:11:e2:30: bd:32:98:af:89:ec:e0:0d:64:ce:94:14:b9:f7:f1:47:d7:25: e8:7f:a4:3f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGXB8oG+NHrPsHVatZUAp9XBzyHcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQyMVoX DTI3MDMwMzA2MzkyMVowMzExMC8GA1UEAxMoQkU5MTMwQkMxQTNBRDk1OUI5MTBB OTMxMDIwMkExMkQ1RUU3MjA2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKwYsENRCJprLYPflOFrm2SDrzeVXR9cf4E73SWMcjhrCVKnKssOZSfc0m/L oUxJfThHBx2fSCC4l4kaGsQ2rxmZqd8+8merpmE46Pskgb08YRISoqxeMJWhGopb Z1fhNf6gajZGaozxdHSUyQ+FUppOO+i0sJSyq0v/Gn+S+bkcidJCbgDXuZtEez+t Q0s5sE8QP/uLLh+8iapm9ZZqaxf5/5JLmgVVx4og82YIU+4k5+ZOpKTg6arh1AN1 w/8+/yK+TTuGozYRGTzErGLJ8TLDyvt8n3ZQQsLaC5ECSmeIrvSpo8F9Z7Lk3me2 jrs8/MoTcwcGY0IpU6wYANFymoUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS+kTC8 GjrZWbkQqTECAqEtXucgZDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjU1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK rz4wDQYJKoZIhvcNAQELBQADggEBALZEBw6gp/tbCziESPNU0eLCma3NmUirDUw0 DUWlxQfGBIQ/D5fgN3MzTnPM+6TBI1RjmQfrtv8CoYlJnkGtsArvAanNhe7iVR/9 gbisNVg+JlXmEmJzxOU/BvLWTsN8ToJ4ir3xNwHhGio1JglK/9xRYyIDCy5xDLra 8Ji+a05s5989ZKDcBJe5tnypUh51H6faITwdJfcbarToE+J8JVidMw/sVrfrpyek c8ZHpiNedSw7/uXfi0zRiLg2aK4Ocm09SSZEerryQb34Sg+PVFUoL1nLVtbvII93 Baey4VnKUB+HUw1YfRHiML0ymK+J7OANZM6UFLn38UfXJeh/pD8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:28 2026 by rpki-client