$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146598.roa File: AS146598.roa (raw, json) Hash identifier: lP4+015CXfaUQceKI+eI9h4UWceVFWw1EmT8FdLQWAo= Subject key identifier: B5:67:F6:0D:52:6B:E1:13:C0:46:CA:7A:04:5A:FC:EA:35:2A:47:0B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0398AE592AD15543BE65407EDEA3EB6CC125F041 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146598.roa Signing time: Wed 04 Mar 2026 06:39:54 +0000 ROA not before: Wed 04 Mar 2026 06:34:54 +0000 ROA not after: Wed 03 Mar 2027 06:39:54 +0000 asID: 146598 IP address blocks: 240a:af6c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:98:ae:59:2a:d1:55:43:be:65:40:7e:de:a3:eb:6c:c1:25:f0:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:54 2026 GMT Not After : Mar 3 06:39:54 2027 GMT Subject: CN=B567F60D526BE113C046CA7A045AFCEA352A470B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:8a:bb:3a:7b:ae:0b:43:aa:5f:3e:a5:30:6d: 80:4f:e2:38:cf:1c:51:e2:c4:df:ce:30:f4:dc:19: 9e:ce:93:d4:1e:6a:4b:5c:f8:26:4d:99:fb:46:98: 16:f0:08:19:fc:e6:09:0f:95:0b:51:57:c2:d1:44: 56:c9:a0:44:95:e3:27:d7:fa:b2:93:33:86:ce:1e: c5:c8:bf:86:9c:fe:cb:1f:38:00:51:00:c7:71:b1: 3b:5a:d5:8c:24:36:d9:b6:e9:bd:79:94:b5:18:a2: df:ea:0c:48:61:35:ed:45:e5:7d:11:41:55:63:52: a4:8f:55:aa:7e:c6:53:cd:a1:a7:66:1c:3e:b1:6d: 17:1a:d4:b9:b1:fb:f1:d9:fe:d7:a3:6a:07:b6:25: fc:e6:83:0d:65:e3:65:3b:8f:db:c1:1c:f0:e8:83: 27:32:bb:60:b7:cf:e2:69:9d:df:a4:7e:66:0f:89: 26:33:94:c5:06:4c:20:57:86:24:74:7a:ae:3c:96: 98:47:4d:65:14:ce:ce:72:64:18:71:75:0f:a9:83: 4e:e2:d8:d9:7c:8e:fa:9f:fe:9b:f9:8b:95:6e:38: cd:17:55:be:c3:4f:78:67:e2:d2:cb:5d:f0:af:b0: ae:33:62:0c:fc:40:34:0c:3f:1d:5c:6a:47:a2:0a: 80:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:67:F6:0D:52:6B:E1:13:C0:46:CA:7A:04:5A:FC:EA:35:2A:47:0B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146598.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af6c::/32 Signature Algorithm: sha256WithRSAEncryption 42:e7:7a:ff:b0:e7:f2:4d:e4:6c:58:db:a5:60:50:6f:95:10: e6:73:5d:d3:85:3a:c6:01:89:34:b2:3f:d8:da:82:c0:90:33: 80:f0:07:d9:4b:76:28:ed:a4:6d:78:7a:66:e2:e5:db:79:13: b7:83:86:36:b6:91:d9:75:90:a4:80:03:0d:f0:52:bb:a6:c9: a9:90:fc:f9:3b:33:87:08:07:80:38:84:ea:8c:52:e6:12:80: 98:af:fd:9e:ff:16:21:ff:75:66:cc:0e:01:b5:1b:d7:3b:10: 1d:11:5f:57:94:f9:65:de:72:a6:6c:c9:d2:7e:30:f1:b8:e4: 2f:e4:43:ee:80:cf:b1:36:24:3b:42:e3:a9:ef:4c:55:3e:7c: 46:61:8e:5b:b5:e1:ce:91:24:d9:43:10:5c:20:a5:3a:80:9f: 38:b5:73:03:03:e7:71:ee:14:31:d6:51:df:5d:a6:62:fa:1b: 54:54:ad:14:57:fd:13:35:15:12:97:fb:c5:97:1d:28:f4:d0: 02:e2:01:84:56:05:87:c3:65:e2:2d:2d:b1:f8:b3:38:64:00: 1f:9b:a1:52:0d:bb:10:50:ed:dd:4d:69:37:bf:c7:3e:c6:44: b9:6e:84:42:fd:e0:66:05:39:41:54:80:eb:25:e4:64:42:ac: 94:3e:fb:71 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUA5iuWSrRVUO+ZUB+3qPrbMEl8EEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ1NFoX DTI3MDMwMzA2Mzk1NFowMzExMC8GA1UEAxMoQjU2N0Y2MEQ1MjZCRTExM0MwNDZD QTdBMDQ1QUZDRUEzNTJBNDcwQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMWKuzp7rgtDql8+pTBtgE/iOM8cUeLE384w9NwZns6T1B5qS1z4Jk2Z+0aY FvAIGfzmCQ+VC1FXwtFEVsmgRJXjJ9f6spMzhs4exci/hpz+yx84AFEAx3GxO1rV jCQ22bbpvXmUtRii3+oMSGE17UXlfRFBVWNSpI9Vqn7GU82hp2YcPrFtFxrUubH7 8dn+16NqB7Yl/OaDDWXjZTuP28Ec8OiDJzK7YLfP4mmd36R+Zg+JJjOUxQZMIFeG JHR6rjyWmEdNZRTOznJkGHF1D6mDTuLY2XyO+p/+m/mLlW44zRdVvsNPeGfi0std 8K+wrjNiDPxANAw/HVxqR6IKgCkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS1Z/YN UmvhE8BGynoEWvzqNSpHCzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjU5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r2wwDQYJKoZIhvcNAQELBQADggEBAELnev+w5/JN5GxY26VgUG+VEOZzXdOFOsYB iTSyP9jagsCQM4DwB9lLdijtpG14embi5dt5E7eDhja2kdl1kKSAAw3wUrumyamQ /Pk7M4cIB4A4hOqMUuYSgJiv/Z7/FiH/dWbMDgG1G9c7EB0RX1eU+WXecqZsydJ+ MPG45C/kQ+6Az7E2JDtC46nvTFU+fEZhjlu14c6RJNlDEFwgpTqAnzi1cwMD53Hu FDHWUd9dpmL6G1RUrRRX/RM1FRKX+8WXHSj00ALiAYRWBYfDZeItLbH4szhkAB+b oVINuxBQ7d1NaTe/xz7GRLluhEL94GYFOUFUgOsl5GRCrJQ++3E= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:35 2026 by rpki-client