$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146588.roa File: AS146588.roa (raw, json) Hash identifier: w1fU2CEAF0ogz4L3lJniMZCPVnZ8utvqU1yR8xVLxQ0= Subject key identifier: 9A:FC:4F:AF:53:90:DC:F8:00:22:68:13:1F:03:CA:C3:EA:1F:2B:E6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2DDBEDE06CFD96828B51C0B6751A5D10DCA9D779 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146588.roa Signing time: Wed 04 Mar 2026 06:39:53 +0000 ROA not before: Wed 04 Mar 2026 06:34:53 +0000 ROA not after: Wed 03 Mar 2027 06:39:53 +0000 asID: 146588 IP address blocks: 240a:af62::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:db:ed:e0:6c:fd:96:82:8b:51:c0:b6:75:1a:5d:10:dc:a9:d7:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:53 2026 GMT Not After : Mar 3 06:39:53 2027 GMT Subject: CN=9AFC4FAF5390DCF8002268131F03CAC3EA1F2BE6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6e:98:08:a7:61:f7:e6:19:31:1e:17:d8:d9: c8:c8:ed:39:a8:85:bb:48:eb:8e:f6:6c:2b:ef:df: 2a:d0:ac:33:8a:d7:fa:64:8e:6e:07:21:f3:a2:83: 32:7d:eb:1d:00:3d:af:f9:80:b0:75:1f:9f:3c:fa: 6b:fb:20:bd:e2:5e:af:3d:22:86:09:a0:b2:98:58: 6f:76:70:6f:8b:d8:0f:53:74:70:8f:a2:8f:12:b5: a8:dd:49:92:60:7d:87:ab:db:8d:4e:4d:38:f9:d0: 59:22:93:d0:cf:a6:23:c3:f8:45:03:e6:32:ee:7f: 76:9f:19:b4:1d:2f:a6:e7:d4:e9:03:6d:56:7b:3e: 20:b6:8b:bb:42:09:0f:b4:79:5f:0d:9a:8b:d4:0a: 71:e8:d7:5b:bb:d2:c0:91:65:e0:fe:99:7f:a9:e2: 93:c1:14:1a:cc:8b:f7:25:bc:77:9a:aa:bd:52:2c: d8:bc:bc:48:6a:5d:a2:56:d8:fb:c6:ea:0f:b1:ba: c2:2d:3e:2b:e9:80:72:9f:f1:fb:0c:33:fb:3d:cf: d7:18:0a:f0:5e:53:28:8f:6a:0d:4c:c0:04:6e:13: 33:a1:95:2e:e7:7c:4d:48:4a:c4:91:dd:e3:9c:ac: 30:3e:3d:55:05:be:f8:14:b9:c1:82:cf:de:b3:e3: 35:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:FC:4F:AF:53:90:DC:F8:00:22:68:13:1F:03:CA:C3:EA:1F:2B:E6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146588.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af62::/32 Signature Algorithm: sha256WithRSAEncryption be:77:76:a5:ee:7f:23:b4:06:45:d5:d8:6c:49:15:49:8d:fb: ad:b3:a6:f0:75:68:2a:67:c7:97:0a:a8:7e:34:6d:90:69:ef: 9a:94:3d:ae:e2:53:35:52:fe:f8:26:27:c4:ae:b6:94:62:80: 3d:69:de:c6:9d:33:ee:e1:e5:1a:97:33:4e:30:ef:25:f9:35: 1e:55:ba:13:b7:6c:31:51:de:8a:00:ba:1f:ba:ee:bb:d9:2b: fc:39:a9:f5:07:20:a9:c6:af:6d:c6:e1:d9:cf:c2:1d:3d:24: 34:09:18:c0:54:20:ee:0b:39:50:ae:25:b2:15:48:11:b4:39: 83:47:78:e7:c5:11:03:fa:eb:21:8f:2a:66:ab:65:d0:79:cc: 45:c5:2e:ff:60:ff:73:9c:e0:61:41:de:f2:97:98:d2:cb:36: 93:14:91:f7:70:3d:4a:62:82:8e:b4:b9:30:2d:71:f8:d2:46: bb:94:b3:b4:d3:ae:24:67:28:69:76:78:73:cb:30:2d:88:b8: b6:d6:b3:d7:4f:48:ba:17:cf:31:ad:00:f7:f8:ce:86:90:dd: 11:4a:d9:b5:f1:7d:bc:16:ec:e1:ed:72:96:b9:b3:4a:0a:56: dc:3d:2d:a7:2a:e8:04:43:48:a5:3c:82:9c:b0:0a:80:a1:f7: 9e:bd:55:46 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULdvt4Gz9loKLUcC2dRpdENyp13kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ1M1oX DTI3MDMwMzA2Mzk1M1owMzExMC8GA1UEAxMoOUFGQzRGQUY1MzkwRENGODAwMjI2 ODEzMUYwM0NBQzNFQTFGMkJFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJumAinYffmGTEeF9jZyMjtOaiFu0jrjvZsK+/fKtCsM4rX+mSObgch86KD Mn3rHQA9r/mAsHUfnzz6a/sgveJerz0ihgmgsphYb3Zwb4vYD1N0cI+ijxK1qN1J kmB9h6vbjU5NOPnQWSKT0M+mI8P4RQPmMu5/dp8ZtB0vpufU6QNtVns+ILaLu0IJ D7R5Xw2ai9QKcejXW7vSwJFl4P6Zf6nik8EUGsyL9yW8d5qqvVIs2Ly8SGpdolbY +8bqD7G6wi0+K+mAcp/x+wwz+z3P1xgK8F5TKI9qDUzABG4TM6GVLud8TUhKxJHd 45ysMD49VQW++BS5wYLP3rPjNc0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSa/E+v U5Dc+AAiaBMfA8rD6h8r5jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjU4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r2IwDQYJKoZIhvcNAQELBQADggEBAL53dqXufyO0BkXV2GxJFUmN+62zpvB1aCpn x5cKqH40bZBp75qUPa7iUzVS/vgmJ8SutpRigD1p3sadM+7h5RqXM04w7yX5NR5V uhO3bDFR3ooAuh+67rvZK/w5qfUHIKnGr23G4dnPwh09JDQJGMBUIO4LOVCuJbIV SBG0OYNHeOfFEQP66yGPKmarZdB5zEXFLv9g/3Oc4GFB3vKXmNLLNpMUkfdwPUpi go60uTAtcfjSRruUs7TTriRnKGl2eHPLMC2IuLbWs9dPSLoXzzGtAPf4zoaQ3RFK 2bXxfbwW7OHtcpa5s0oKVtw9Lacq6ARDSKU8gpywCoCh9569VUY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:39 2026 by rpki-client