$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146578.roa File: AS146578.roa (raw, json) Hash identifier: OjN2nif3hsNv8Bjn+Bv3HyT9GpwfTNIOSVBFoC2fLRA= Subject key identifier: 66:F7:78:FD:E2:D8:BE:FD:2D:07:51:02:AF:CE:B9:05:FD:89:97:7C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1894CC323C593EE39F5DFF3577FA7986056794A4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146578.roa Signing time: Wed 04 Mar 2026 06:39:15 +0000 ROA not before: Wed 04 Mar 2026 06:34:15 +0000 ROA not after: Wed 03 Mar 2027 06:39:15 +0000 asID: 146578 IP address blocks: 240a:af58::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:94:cc:32:3c:59:3e:e3:9f:5d:ff:35:77:fa:79:86:05:67:94:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:15 2026 GMT Not After : Mar 3 06:39:15 2027 GMT Subject: CN=66F778FDE2D8BEFD2D075102AFCEB905FD89977C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:31:5f:54:d7:38:bf:a2:5d:7b:57:18:4d:d1: 86:88:44:0c:f2:59:3b:5b:4e:ca:b4:1e:88:c8:eb: 1a:b4:ce:77:ab:8a:80:ea:1e:42:19:5d:fc:57:b2: 0e:0f:dc:00:a6:d3:5e:11:57:72:ec:57:98:0d:6f: b8:f3:06:37:c0:3a:07:0f:fd:fc:89:82:81:e7:55: 4e:13:f3:16:dc:f1:e8:4f:8f:7d:da:14:d3:2d:94: fe:b9:25:a1:7d:76:c8:3e:2b:47:6b:69:15:69:7a: 60:86:e5:f4:fd:6e:ef:16:d8:09:39:5c:ff:8d:5f: 98:e2:e5:38:7a:d5:c1:77:3e:2b:5d:ea:36:ca:41: 4c:8b:d9:82:a0:0b:64:1f:22:17:06:2c:86:8c:f3: 9d:33:cd:3b:8c:53:e5:91:0e:fd:8e:0e:d9:12:91: c5:be:a4:28:a2:52:23:52:64:94:ea:0e:a6:9b:bd: 14:b9:c3:32:e1:7e:32:8e:ba:f8:7d:7f:a5:86:03: d0:14:22:ae:f5:3d:aa:55:40:48:d9:c5:b9:e8:c3: b6:00:41:dc:a9:cf:19:33:49:ac:d2:04:63:84:82: d1:d3:c9:27:1b:45:aa:08:eb:5d:16:5e:8a:a8:c7: 7b:13:3d:02:bd:b0:66:3c:34:5c:4d:9c:d1:27:e2: bb:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:F7:78:FD:E2:D8:BE:FD:2D:07:51:02:AF:CE:B9:05:FD:89:97:7C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146578.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af58::/32 Signature Algorithm: sha256WithRSAEncryption 01:1a:89:c8:aa:4c:8f:c4:76:c3:2e:f2:fe:83:03:e8:c7:91: 18:3a:c0:aa:f7:d0:dd:3d:bc:d1:ad:a4:94:7d:0d:36:d4:ce: 2d:04:07:a0:67:1a:00:ce:17:86:dd:e1:5d:9e:1e:f8:7a:16: ef:a1:f0:a4:73:d0:56:58:5c:4a:a0:4c:71:1c:70:99:7b:c5: 6f:cc:dd:86:4a:92:b0:fd:2b:ba:75:8b:80:0b:94:76:ba:15: a3:81:ee:8b:e9:30:3a:30:2e:7f:8b:b1:53:21:62:01:90:ae: 00:e5:7a:86:5d:9b:6a:cc:e7:57:f8:ca:b0:eb:5e:fb:ba:6e: 3e:1f:3e:c8:c0:a6:d3:05:fc:66:fb:3c:ba:f1:93:39:03:d5: 53:5b:f7:4f:aa:a0:72:35:e6:97:34:cc:22:eb:a2:bf:3d:81: 98:54:cd:a5:c6:e5:a2:0a:09:e2:73:72:5a:15:89:87:9f:5d: f9:25:e0:79:81:42:ca:18:bf:f0:d1:d0:ba:5d:59:95:0c:ca: 9c:27:d2:3a:03:d9:e6:a0:0d:19:63:46:79:6f:26:72:0f:9d: 05:22:bf:4f:61:47:d2:10:b2:ff:7a:fd:dc:c2:2f:62:b8:b6: a9:02:4a:a2:e4:4b:dd:d0:2c:d2:42:99:f5:72:43:7b:67:5b: ec:2b:f4:44 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGJTMMjxZPuOfXf81d/p5hgVnlKQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQxNVoX DTI3MDMwMzA2MzkxNVowMzExMC8GA1UEAxMoNjZGNzc4RkRFMkQ4QkVGRDJEMDc1 MTAyQUZDRUI5MDVGRDg5OTc3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQxX1TXOL+iXXtXGE3RhohEDPJZO1tOyrQeiMjrGrTOd6uKgOoeQhld/Fey Dg/cAKbTXhFXcuxXmA1vuPMGN8A6Bw/9/ImCgedVThPzFtzx6E+PfdoU0y2U/rkl oX12yD4rR2tpFWl6YIbl9P1u7xbYCTlc/41fmOLlOHrVwXc+K13qNspBTIvZgqAL ZB8iFwYshozznTPNO4xT5ZEO/Y4O2RKRxb6kKKJSI1JklOoOppu9FLnDMuF+Mo66 +H1/pYYD0BQirvU9qlVASNnFuejDtgBB3KnPGTNJrNIEY4SC0dPJJxtFqgjrXRZe iqjHexM9Ar2wZjw0XE2c0Sfiu5sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRm93j9 4ti+/S0HUQKvzrkF/YmXfDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjU3OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r1gwDQYJKoZIhvcNAQELBQADggEBAAEaiciqTI/EdsMu8v6DA+jHkRg6wKr30N09 vNGtpJR9DTbUzi0EB6BnGgDOF4bd4V2eHvh6Fu+h8KRz0FZYXEqgTHEccJl7xW/M 3YZKkrD9K7p1i4ALlHa6FaOB7ovpMDowLn+LsVMhYgGQrgDleoZdm2rM51f4yrDr Xvu6bj4fPsjAptMF/Gb7PLrxkzkD1VNb90+qoHI15pc0zCLror89gZhUzaXG5aIK CeJzcloViYefXfkl4HmBQsoYv/DR0LpdWZUMypwn0joD2eagDRljRnlvJnIPnQUi v09hR9IQsv96/dzCL2K4tqkCSqLkS93QLNJCmfVyQ3tnW+wr9EQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:59 2026 by rpki-client