$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146570.roa File: AS146570.roa (raw, json) Hash identifier: 2G+cAcnpYgFBXa9hackfUl25il3kwz33DlG1YExipiU= Subject key identifier: 86:D1:D3:2A:97:4A:88:9D:01:EB:81:C8:49:7E:3E:40:FC:FF:D2:94 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 767BD1997A33780B31DA3E890844EBCD9B8A7EA6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146570.roa Signing time: Wed 04 Mar 2026 06:39:46 +0000 ROA not before: Wed 04 Mar 2026 06:34:46 +0000 ROA not after: Wed 03 Mar 2027 06:39:46 +0000 asID: 146570 IP address blocks: 240a:af50::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:7b:d1:99:7a:33:78:0b:31:da:3e:89:08:44:eb:cd:9b:8a:7e:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:46 2026 GMT Not After : Mar 3 06:39:46 2027 GMT Subject: CN=86D1D32A974A889D01EB81C8497E3E40FCFFD294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a1:44:33:94:a6:db:be:7e:bc:c7:f9:61:0b: 71:8c:db:06:ee:16:48:05:7c:14:7f:b4:82:f8:c3: 06:38:12:8e:4c:e6:54:57:2e:02:41:29:8f:da:b6: 8b:43:2e:ca:94:c8:20:8b:35:e6:06:63:2a:7e:81: 1f:7e:e0:6d:30:28:73:8c:cd:90:09:c8:01:cd:17: ae:1c:e5:5d:d0:ce:98:bb:0f:8d:46:92:7c:7a:76: 00:42:03:9c:ed:27:e4:e5:27:2b:18:bc:91:a9:50: 15:dd:e6:d0:81:5b:b2:16:62:66:bf:dc:5d:87:82: d8:4d:55:b2:be:f9:82:c3:b7:cd:1b:55:a1:61:31: 4e:ec:a1:c8:84:c2:09:12:ca:ae:59:01:9b:93:79: 2e:4a:46:27:c0:41:a1:81:87:a9:ab:2f:77:fa:59: 2e:43:85:b3:d4:1e:f6:9b:7c:9c:d0:56:0e:d2:75: e9:06:8d:21:8b:63:21:ff:a5:ce:03:43:61:a9:11: ea:b2:d8:d4:c3:d0:ff:0a:e5:33:29:d3:8b:e3:4c: 54:c6:10:e7:ab:50:41:27:19:53:00:f5:3c:3f:54: f8:56:c0:08:68:94:4f:01:de:6d:0a:da:81:73:73: 49:5a:10:da:a8:7a:88:72:07:23:78:3f:ac:8d:26: 30:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:D1:D3:2A:97:4A:88:9D:01:EB:81:C8:49:7E:3E:40:FC:FF:D2:94 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146570.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af50::/32 Signature Algorithm: sha256WithRSAEncryption 6c:d0:0f:89:2d:f2:15:86:94:6a:e0:77:35:09:f3:09:3f:4f: 27:e0:d0:0f:ea:42:3e:e6:4a:00:01:18:0a:0a:0c:05:82:ba: 6c:42:e6:ac:bd:64:d9:bf:b9:8d:68:68:99:83:9f:29:40:7c: 7b:f8:26:b8:18:32:f6:b2:88:7d:b9:6b:b2:d3:ae:81:62:a1: 93:bd:30:96:e0:c7:7c:14:6d:ea:e4:48:4a:82:f2:f2:e6:8a: 03:7b:ef:bf:b7:48:71:61:03:b1:c9:e8:c3:44:72:a3:d5:45: ae:e7:80:7b:89:bf:ec:83:c2:17:9a:a8:94:78:a5:4d:85:5b: ed:62:7e:af:1d:22:8e:5d:cc:cb:ab:e6:47:73:f3:10:e0:e3: d3:33:10:2f:81:05:9f:f0:f6:0b:4a:9b:42:2f:09:8b:ff:2e: 7e:b8:3d:a6:25:51:2c:8b:d7:6d:2d:4e:fe:1e:08:a3:0e:47: 45:68:3a:7c:6d:c5:7e:94:d9:f0:bf:a6:19:b4:d5:6a:c0:85: f9:f5:03:63:28:54:4e:e9:85:7d:20:45:a1:72:1d:f1:d6:7a: e5:b7:ea:24:11:06:87:90:5f:6d:66:6b:07:65:cb:21:45:72: 04:84:0a:0c:71:5e:33:6e:07:f5:1d:53:b3:85:f3:fe:0e:ac: fc:fc:4f:82 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdnvRmXozeAsx2j6JCETrzZuKfqYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0NloX DTI3MDMwMzA2Mzk0NlowMzExMC8GA1UEAxMoODZEMUQzMkE5NzRBODg5RDAxRUI4 MUM4NDk3RTNFNDBGQ0ZGRDI5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALmhRDOUptu+frzH+WELcYzbBu4WSAV8FH+0gvjDBjgSjkzmVFcuAkEpj9q2 i0MuypTIIIs15gZjKn6BH37gbTAoc4zNkAnIAc0XrhzlXdDOmLsPjUaSfHp2AEID nO0n5OUnKxi8kalQFd3m0IFbshZiZr/cXYeC2E1Vsr75gsO3zRtVoWExTuyhyITC CRLKrlkBm5N5LkpGJ8BBoYGHqasvd/pZLkOFs9Qe9pt8nNBWDtJ16QaNIYtjIf+l zgNDYakR6rLY1MPQ/wrlMynTi+NMVMYQ56tQQScZUwD1PD9U+FbACGiUTwHebQra gXNzSVoQ2qh6iHIHI3g/rI0mMLkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSG0dMq l0qInQHrgchJfj5A/P/SlDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjU3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r1AwDQYJKoZIhvcNAQELBQADggEBAGzQD4kt8hWGlGrgdzUJ8wk/Tyfg0A/qQj7m SgABGAoKDAWCumxC5qy9ZNm/uY1oaJmDnylAfHv4JrgYMvayiH25a7LTroFioZO9 MJbgx3wUberkSEqC8vLmigN777+3SHFhA7HJ6MNEcqPVRa7ngHuJv+yDwheaqJR4 pU2FW+1ifq8dIo5dzMur5kdz8xDg49MzEC+BBZ/w9gtKm0IvCYv/Ln64PaYlUSyL 120tTv4eCKMOR0VoOnxtxX6U2fC/phm01WrAhfn1A2MoVE7phX0gRaFyHfHWeuW3 6iQRBoeQX21mawdlyyFFcgSECgxxXjNuB/UdU7OF8/4OrPz8T4I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:56 2026 by rpki-client