$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146601.roa File: AS146601.roa (raw, json) Hash identifier: XHdXbkjDWwB4VxcfxqZ1V3tMUcLRmsbpXSzJY7lr4II= Subject key identifier: EE:AB:19:FA:42:B7:5D:36:C3:B1:2B:A6:8A:19:7D:37:23:23:AD:F7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4F32CBDF63495AB16329734FD9D3294B8292FBAD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146601.roa Signing time: Wed 04 Mar 2026 06:39:56 +0000 ROA not before: Wed 04 Mar 2026 06:34:56 +0000 ROA not after: Wed 03 Mar 2027 06:39:56 +0000 asID: 146601 IP address blocks: 240a:af6f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:32:cb:df:63:49:5a:b1:63:29:73:4f:d9:d3:29:4b:82:92:fb:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:56 2026 GMT Not After : Mar 3 06:39:56 2027 GMT Subject: CN=EEAB19FA42B75D36C3B12BA68A197D372323ADF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:10:fb:7a:ee:3a:89:8c:0e:b2:87:5b:c8:b2: 2f:8a:83:ef:7c:21:39:28:c4:88:80:12:92:f0:18: e7:a0:a1:36:c0:27:b3:59:53:a4:2c:56:b8:de:02: 7b:b5:f1:90:74:e5:e6:f9:e4:73:aa:08:93:e6:26: f5:23:08:e4:c4:f5:ca:5e:5e:ac:6f:ec:0f:76:64: 86:0d:71:d1:92:0c:54:23:15:ba:91:3e:33:98:01: 5d:15:a0:df:50:4e:c8:e6:76:23:2f:47:c7:15:dd: 69:46:89:96:e4:3e:b3:1c:18:22:20:73:49:c2:d1: db:38:b0:72:ea:79:94:ae:af:5d:b8:cf:c6:d5:cc: be:c7:86:e5:2a:2e:98:a2:1d:8d:ac:99:56:e1:99: f9:2b:17:4d:52:35:31:d6:db:1b:3b:1e:df:20:fc: e6:36:2c:f6:ee:e0:80:68:cb:14:e6:a0:1a:d8:a9: 23:01:69:a1:5a:68:7c:20:98:b8:be:66:d1:bc:3f: 18:ba:f3:17:bc:f7:48:b9:b3:75:9d:69:3b:8a:8f: 7c:78:02:da:3a:33:51:66:d6:8b:17:b2:9a:c3:ec: 9f:b0:86:a0:d6:d9:29:f0:4f:5d:4a:97:ae:56:04: 0c:f5:ea:10:97:85:07:25:0a:6c:6b:28:9c:00:2e: 15:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:AB:19:FA:42:B7:5D:36:C3:B1:2B:A6:8A:19:7D:37:23:23:AD:F7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146601.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af6f::/32 Signature Algorithm: sha256WithRSAEncryption 7f:c7:67:fb:9d:4b:ea:79:18:6f:78:f8:8f:9e:8c:08:04:bf: 0f:9d:33:da:52:a6:87:5d:f0:6c:ee:3f:5c:18:84:50:b4:aa: 52:cf:d8:25:24:1a:6d:43:bb:a6:f8:9d:d5:98:1c:09:94:b5: 98:21:58:0e:5f:be:04:23:c9:d1:48:68:a5:cd:d0:86:a1:51: b4:77:6f:c7:7b:ff:0b:53:34:ea:3c:a1:cb:33:1d:73:c7:02: d3:5b:47:64:8a:39:14:da:f7:85:6c:74:a6:c8:02:02:ec:36: 2a:dd:1c:7d:8d:8c:09:88:ca:c8:b1:9b:cd:3b:cb:a3:e7:b6: 85:51:e3:6a:a9:10:09:69:2f:33:27:48:dd:96:b5:28:0f:c9: 13:3b:ac:d8:8e:11:6c:7e:28:93:8f:bd:97:60:4c:c7:e0:2a: a6:7a:c5:89:f5:c7:22:91:1d:fe:e1:78:7a:38:5a:e7:85:f8: ce:c5:9b:51:81:2a:82:e2:d7:94:e5:8e:b4:b1:13:b6:2d:9c: 77:a8:48:b8:14:ed:9c:74:29:20:1e:88:03:92:62:6d:7f:d0: d5:fd:9c:4f:e2:c8:dc:64:be:c4:4d:27:83:57:96:50:c0:68: d4:43:09:43:27:89:de:9d:3a:bb:cd:10:55:d7:0f:ea:f7:d6: d0:8c:e4:70 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTzLL32NJWrFjKXNP2dMpS4KS+60wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ1NloX DTI3MDMwMzA2Mzk1NlowMzExMC8GA1UEAxMoRUVBQjE5RkE0MkI3NUQzNkMzQjEy QkE2OEExOTdEMzcyMzIzQURGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN8Q+3ruOomMDrKHW8iyL4qD73whOSjEiIASkvAY56ChNsAns1lTpCxWuN4C e7XxkHTl5vnkc6oIk+Ym9SMI5MT1yl5erG/sD3Zkhg1x0ZIMVCMVupE+M5gBXRWg 31BOyOZ2Iy9HxxXdaUaJluQ+sxwYIiBzScLR2ziwcup5lK6vXbjPxtXMvseG5Sou mKIdjayZVuGZ+SsXTVI1MdbbGzse3yD85jYs9u7ggGjLFOagGtipIwFpoVpofCCY uL5m0bw/GLrzF7z3SLmzdZ1pO4qPfHgC2jozUWbWixeymsPsn7CGoNbZKfBPXUqX rlYEDPXqEJeFByUKbGsonAAuFRcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTuqxn6 QrddNsOxK6aKGX03IyOt9zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjYwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r28wDQYJKoZIhvcNAQELBQADggEBAH/HZ/udS+p5GG94+I+ejAgEvw+dM9pSpodd 8GzuP1wYhFC0qlLP2CUkGm1Du6b4ndWYHAmUtZghWA5fvgQjydFIaKXN0IahUbR3 b8d7/wtTNOo8ocszHXPHAtNbR2SKORTa94VsdKbIAgLsNirdHH2NjAmIysixm807 y6PntoVR42qpEAlpLzMnSN2WtSgPyRM7rNiOEWx+KJOPvZdgTMfgKqZ6xYn1xyKR Hf7heHo4WueF+M7Fm1GBKoLi15TljrSxE7YtnHeoSLgU7Zx0KSAeiAOSYm1/0NX9 nE/iyNxkvsRNJ4NXllDAaNRDCUMnid6dOrvNEFXXD+r31tCM5HA= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:36 2026 by rpki-client