$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146559.roa File: AS146559.roa (raw, json) Hash identifier: FKMVSUErZAi+hFphTF2CsIlYaHu1oNgpzgwJFuMHgG8= Subject key identifier: 4F:A2:66:37:17:F0:95:6D:FE:9D:BB:3B:F9:DA:AD:DE:69:C6:07:F2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 37D8F05729EE2F6F91405F465D4D60F53731E734 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146559.roa Signing time: Wed 04 Mar 2026 06:39:53 +0000 ROA not before: Wed 04 Mar 2026 06:34:53 +0000 ROA not after: Wed 03 Mar 2027 06:39:53 +0000 asID: 146559 IP address blocks: 240a:af45::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:d8:f0:57:29:ee:2f:6f:91:40:5f:46:5d:4d:60:f5:37:31:e7:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:53 2026 GMT Not After : Mar 3 06:39:53 2027 GMT Subject: CN=4FA2663717F0956DFE9DBB3BF9DAADDE69C607F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:84:65:ba:55:33:d4:8d:dc:45:ad:8f:9e:33: 9c:6f:8e:7e:4b:d4:b2:77:6c:08:d6:49:2c:73:05: 76:bd:96:b4:cf:8c:b7:5f:1f:fc:48:49:f2:87:dc: 38:1a:ad:a6:9a:85:02:34:48:39:7b:9f:84:1a:fa: 05:70:82:d5:bd:24:29:78:ec:e5:23:51:53:70:ae: 34:75:6b:b2:d7:a0:91:9a:50:ce:ed:02:95:75:32: c1:38:73:0a:a6:72:29:47:0c:5c:cb:77:84:c9:3d: de:20:96:bf:7e:80:8b:0a:85:68:84:25:72:30:83: 6b:98:92:75:68:f2:21:12:50:ba:c5:0d:07:fc:3e: e6:ce:38:20:f9:2b:bc:97:11:79:d5:27:1a:d4:21: 0a:bd:4d:44:a2:ea:b2:53:6f:d6:6e:2a:0f:38:cd: 19:8f:32:7e:ae:1b:78:3a:b2:ae:c0:c9:b3:12:6b: e5:4f:36:b0:76:8d:7c:95:7d:2b:67:25:6f:a3:eb: ee:53:2a:10:ca:e9:7e:c3:18:1c:31:79:c5:1f:fb: 91:8f:86:ad:d8:40:f0:bd:4b:48:8c:fb:6d:b0:50: c0:cd:a7:93:b1:e1:9d:63:2e:46:99:a8:e6:46:3b: f9:a1:7e:18:d2:79:57:88:ac:a7:93:1f:7a:45:df: bb:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:A2:66:37:17:F0:95:6D:FE:9D:BB:3B:F9:DA:AD:DE:69:C6:07:F2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146559.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af45::/32 Signature Algorithm: sha256WithRSAEncryption ad:81:9e:c2:7e:be:2b:7c:51:03:a3:7d:b5:79:9c:dc:d3:90: 3f:5c:6b:9e:bd:02:17:9a:7a:f6:3f:70:84:9b:d3:dc:f3:af: a2:b6:13:bc:0a:e1:f5:c0:63:db:de:c3:82:69:6b:c7:2f:2d: 18:a4:a8:3f:ad:e0:8d:8d:4d:96:c3:be:6a:0d:26:03:06:35: 52:74:4c:a4:03:db:69:2e:6a:c1:a9:65:39:68:99:94:12:4f: 31:46:a3:35:9d:aa:f7:19:9f:8d:8b:ec:1e:c5:50:7d:c6:55: 00:fc:12:e8:3b:d0:ce:7c:84:14:3a:02:c3:51:fa:da:27:a7: e4:85:77:58:fd:e2:81:68:50:66:f5:c3:ad:e1:d6:9b:ee:90: aa:71:e9:c7:f5:53:60:d3:16:34:79:39:f5:d3:a8:9a:2b:cb: be:bc:17:31:87:7f:4e:8c:ba:fb:c7:c4:c3:3c:22:15:dc:92: 12:3a:f8:45:c4:ef:d7:23:da:f1:a5:b6:4e:2f:03:eb:5f:fe: 92:4e:57:04:2b:b7:ca:f1:b4:db:3c:26:e4:17:ac:52:e4:68: c5:e1:b1:a7:b9:45:6e:8f:75:41:20:48:b8:da:d1:d1:39:c0: 6a:ad:7e:73:3a:42:79:50:28:4b:10:c7:5c:af:01:46:bf:db: 2b:88:b1:57 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUN9jwVynuL2+RQF9GXU1g9Tcx5zQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ1M1oX DTI3MDMwMzA2Mzk1M1owMzExMC8GA1UEAxMoNEZBMjY2MzcxN0YwOTU2REZFOURC QjNCRjlEQUFEREU2OUM2MDdGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKKEZbpVM9SN3EWtj54znG+OfkvUsndsCNZJLHMFdr2WtM+Mt18f/EhJ8ofc OBqtppqFAjRIOXufhBr6BXCC1b0kKXjs5SNRU3CuNHVrstegkZpQzu0ClXUywThz CqZyKUcMXMt3hMk93iCWv36AiwqFaIQlcjCDa5iSdWjyIRJQusUNB/w+5s44IPkr vJcRedUnGtQhCr1NRKLqslNv1m4qDzjNGY8yfq4beDqyrsDJsxJr5U82sHaNfJV9 K2clb6Pr7lMqEMrpfsMYHDF5xR/7kY+GrdhA8L1LSIz7bbBQwM2nk7HhnWMuRpmo 5kY7+aF+GNJ5V4isp5MfekXfuwUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRPomY3 F/CVbf6duzv52q3eacYH8jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjU1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r0UwDQYJKoZIhvcNAQELBQADggEBAK2BnsJ+vit8UQOjfbV5nNzTkD9ca569Ahea evY/cISb09zzr6K2E7wK4fXAY9vew4Jpa8cvLRikqD+t4I2NTZbDvmoNJgMGNVJ0 TKQD22kuasGpZTlomZQSTzFGozWdqvcZn42L7B7FUH3GVQD8Eug70M58hBQ6AsNR +tonp+SFd1j94oFoUGb1w63h1pvukKpx6cf1U2DTFjR5OfXTqJory768FzGHf06M uvvHxMM8IhXckhI6+EXE79cj2vGltk4vA+tf/pJOVwQrt8rxtNs8JuQXrFLkaMXh sae5RW6PdUEgSLja0dE5wGqtfnM6QnlQKEsQx1yvAUa/2yuIsVc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:17 2026 by rpki-client