$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146608.roa File: AS146608.roa (raw, json) Hash identifier: pqWDXLnaR465IYm3ap4H1o4vbjza09Kic1rBANpSW8Y= Subject key identifier: 07:76:22:D5:48:40:73:5F:33:54:1F:A4:3C:CA:7D:2E:76:10:BF:64 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 49E85E94B2BD590B60D17B5FB2E70BE665211DDA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146608.roa Signing time: Wed 04 Mar 2026 06:39:14 +0000 ROA not before: Wed 04 Mar 2026 06:34:14 +0000 ROA not after: Wed 03 Mar 2027 06:39:14 +0000 asID: 146608 IP address blocks: 240a:af76::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:e8:5e:94:b2:bd:59:0b:60:d1:7b:5f:b2:e7:0b:e6:65:21:1d:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:14 2026 GMT Not After : Mar 3 06:39:14 2027 GMT Subject: CN=077622D54840735F33541FA43CCA7D2E7610BF64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:e2:48:9a:ae:22:ea:97:7b:0b:39:ea:8c:29: 76:68:e3:d9:76:13:36:dd:7b:76:1a:de:d6:29:d5: 55:02:9d:c2:cf:ed:7e:8c:1c:d9:4d:66:53:95:4d: a0:b1:6e:bf:49:30:c5:ab:b7:83:d9:7b:85:a8:cc: af:69:31:75:20:c6:bc:ef:f9:60:ab:01:3f:86:f9: ef:41:16:bf:99:5a:12:9d:b0:9d:85:fe:d7:3c:30: 11:35:8f:dd:5f:52:78:2c:b5:66:cb:0c:60:bc:83: 43:a8:03:c0:ba:04:da:6d:de:c5:1e:75:a9:a4:4c: 14:c7:d1:a2:d0:9a:84:59:7a:f8:74:2a:99:42:1b: c0:6a:cf:c6:d6:4c:2c:cb:a4:9d:e3:c4:f7:cf:c5: e6:14:70:69:a4:79:c1:db:d4:a2:b6:82:3c:1e:e0: f4:92:94:f7:5b:eb:be:74:83:e0:0c:9e:9b:11:a8: 5c:8b:32:c6:ef:70:38:c5:d4:6b:c2:e3:d2:3e:b2: 9f:44:3e:d2:3b:60:21:23:e9:79:c6:b9:a3:d8:df: 0f:67:bf:e7:0c:d6:40:a8:85:fa:a2:16:77:df:ae: 92:af:1f:2f:ae:4a:fd:82:c8:dc:31:32:9b:9d:de: 6d:2b:69:a9:95:e3:89:19:3d:28:27:7e:bd:1c:5b: 60:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:76:22:D5:48:40:73:5F:33:54:1F:A4:3C:CA:7D:2E:76:10:BF:64 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146608.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af76::/32 Signature Algorithm: sha256WithRSAEncryption 9f:b3:b0:d4:e6:c4:e9:17:d7:07:54:79:ab:a9:ca:21:0d:11: 54:8f:6d:18:5c:3d:6a:24:80:a9:40:fe:03:3d:d7:5b:11:5c: 7d:66:4d:40:2a:88:36:87:e5:fe:ff:5c:db:0e:3f:51:a3:e0: 5b:83:a5:64:03:09:ac:02:20:37:95:ef:8d:70:80:da:11:df: 0f:9d:22:03:2f:42:94:ab:aa:0b:65:5d:2e:9a:71:63:f8:97: 2c:f6:c1:73:29:6c:96:c8:66:2f:14:d1:d9:dd:8b:3a:5a:bd: 0c:76:56:69:ec:d3:e0:ee:b4:96:5c:f2:4d:2a:67:9e:45:06: 1a:eb:a3:bb:f5:2b:67:f0:df:4a:8b:62:8b:a0:2f:e8:b2:ac: 77:13:b2:e5:f8:a5:01:0e:26:2d:f2:5c:9c:8e:dc:5e:fe:a6: 98:75:e6:65:d9:74:0a:f9:e1:cd:b3:55:ad:4f:97:93:4e:ff: 1c:71:07:48:dc:4a:b5:d8:fb:cc:31:16:17:64:b1:d8:d8:01: c8:5f:52:76:1f:ab:50:cb:69:73:48:0e:37:5f:3c:f3:f9:8c: f7:37:8e:00:2d:5e:49:af:dc:56:54:4f:30:c6:d1:b5:01:26: 66:38:b2:32:2b:04:ca:09:bc:72:54:68:16:ff:f6:ad:b0:14: 1d:93:b8:d4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSehelLK9WQtg0XtfsucL5mUhHdowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQxNFoX DTI3MDMwMzA2MzkxNFowMzExMC8GA1UEAxMoMDc3NjIyRDU0ODQwNzM1RjMzNTQx RkE0M0NDQTdEMkU3NjEwQkY2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANriSJquIuqXews56owpdmjj2XYTNt17dhre1inVVQKdws/tfowc2U1mU5VN oLFuv0kwxau3g9l7hajMr2kxdSDGvO/5YKsBP4b570EWv5laEp2wnYX+1zwwETWP 3V9SeCy1ZssMYLyDQ6gDwLoE2m3exR51qaRMFMfRotCahFl6+HQqmUIbwGrPxtZM LMuknePE98/F5hRwaaR5wdvUoraCPB7g9JKU91vrvnSD4AyemxGoXIsyxu9wOMXU a8Lj0j6yn0Q+0jtgISPpeca5o9jfD2e/5wzWQKiF+qIWd9+ukq8fL65K/YLI3DEy m53ebStpqZXjiRk9KCd+vRxbYJ0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQHdiLV SEBzXzNUH6Q8yn0udhC/ZDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjYwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r3YwDQYJKoZIhvcNAQELBQADggEBAJ+zsNTmxOkX1wdUeaupyiENEVSPbRhcPWok gKlA/gM911sRXH1mTUAqiDaH5f7/XNsOP1Gj4FuDpWQDCawCIDeV741wgNoR3w+d IgMvQpSrqgtlXS6acWP4lyz2wXMpbJbIZi8U0dndizpavQx2Vmns0+DutJZc8k0q Z55FBhrro7v1K2fw30qLYougL+iyrHcTsuX4pQEOJi3yXJyO3F7+pph15mXZdAr5 4c2zVa1Pl5NO/xxxB0jcSrXY+8wxFhdksdjYAchfUnYfq1DLaXNIDjdfPPP5jPc3 jgAtXkmv3FZUTzDG0bUBJmY4sjIrBMoJvHJUaBb/9q2wFB2TuNQ= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:19 2026 by rpki-client