$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146621.roa File: AS146621.roa (raw, json) Hash identifier: vEKf9p/JxSf2hhCiGm2mjMJDV7D5CwjhOxfeT5PnYEk= Subject key identifier: F0:FF:9C:EC:82:FB:FC:E8:B7:63:05:4D:98:35:8C:CE:C9:D0:C4:B5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 024877D747A3857646225AC0C6B5C38DE7E1A9AE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146621.roa Signing time: Wed 04 Mar 2026 06:39:25 +0000 ROA not before: Wed 04 Mar 2026 06:34:25 +0000 ROA not after: Wed 03 Mar 2027 06:39:25 +0000 asID: 146621 IP address blocks: 240a:af83::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:48:77:d7:47:a3:85:76:46:22:5a:c0:c6:b5:c3:8d:e7:e1:a9:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:25 2026 GMT Not After : Mar 3 06:39:25 2027 GMT Subject: CN=F0FF9CEC82FBFCE8B763054D98358CCEC9D0C4B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:25:35:9b:ca:00:7b:23:f2:1c:96:0b:9d:6d: fb:22:8b:f5:57:87:8f:be:07:28:2c:60:08:21:2c: a4:5a:9a:32:0a:05:26:09:82:08:0b:15:dc:c2:6a: 88:ae:15:11:c4:27:2b:5a:66:03:29:f9:48:3e:45: d7:d7:e7:68:c8:c3:e3:f7:36:c3:a2:1a:f1:41:44: 74:a6:73:a8:89:df:57:7d:e3:ae:3a:db:2f:96:22: c3:b0:16:01:98:8c:a8:d2:4c:da:bb:e2:bd:2d:6f: ca:c4:7c:f7:d8:0d:8a:6a:00:b9:b5:b4:32:de:c8: d6:b4:53:0d:67:c6:7f:58:fb:a4:85:a2:4e:cd:83: bc:f6:4f:ef:6e:44:0e:c1:04:1d:87:5b:c3:cc:7f: cb:10:1d:7e:67:86:c4:08:2c:c2:05:30:a4:82:06: 20:f2:cb:4e:7e:77:bc:90:af:da:51:d0:05:45:73: fc:5e:ea:bb:59:04:69:5a:47:bc:41:05:a0:6b:ca: 37:51:d4:16:79:b1:06:fa:1b:cf:26:20:ac:cf:43: c1:73:5f:74:97:df:1c:ee:f0:15:c7:56:4d:ca:dd: a2:05:d8:da:37:0f:f4:8d:b5:a8:97:c7:52:d5:8e: 82:8b:b4:ab:3c:08:bf:b4:4c:7a:53:b0:ec:52:62: 6b:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:FF:9C:EC:82:FB:FC:E8:B7:63:05:4D:98:35:8C:CE:C9:D0:C4:B5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af83::/32 Signature Algorithm: sha256WithRSAEncryption bf:fb:26:31:72:de:17:dc:f2:34:1a:76:c6:69:e3:10:45:89: 40:d1:a6:46:90:28:b2:23:5d:e5:63:23:9b:6e:28:97:1c:a6: fb:69:e9:2d:e9:35:62:e0:2a:56:93:d2:55:94:2e:58:90:3e: 50:27:ca:f9:f9:8b:2f:ce:d1:c2:ac:d9:e4:71:f1:36:6b:3e: 88:4d:d2:a3:50:0a:fc:47:33:2f:24:37:d2:3b:18:53:23:c3: f6:e3:76:9e:d7:1b:15:31:f6:83:d6:b4:b3:25:f2:4a:51:37: 60:32:30:14:fe:2e:1d:49:64:30:4e:aa:1e:87:a2:bf:69:b8: 5e:6e:9c:1f:27:f8:b5:b5:8b:c6:6a:a4:21:d4:ab:38:41:39: 90:6b:37:07:9a:65:75:f1:8e:5f:76:d3:30:3d:1b:f2:f5:c3: 18:41:04:97:87:23:92:78:d5:e4:ec:3d:0a:96:ef:49:54:e7: 80:f1:0f:2f:31:99:2e:4e:2f:6a:19:65:dc:ac:0c:61:74:58: ad:9c:62:e9:2a:08:66:5b:e5:97:b1:26:33:ca:cf:d0:46:23: 7e:5b:36:0c:4a:38:f3:22:6b:a9:26:ab:d8:83:c7:14:b5:f0: 5d:12:ec:9f:17:18:5f:45:10:aa:2a:38:dc:7b:53:a0:cb:4d: 7b:50:b5:e3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAkh310ejhXZGIlrAxrXDjefhqa4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQyNVoX DTI3MDMwMzA2MzkyNVowMzExMC8GA1UEAxMoRjBGRjlDRUM4MkZCRkNFOEI3NjMw NTREOTgzNThDQ0VDOUQwQzRCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN4lNZvKAHsj8hyWC51t+yKL9VeHj74HKCxgCCEspFqaMgoFJgmCCAsV3MJq iK4VEcQnK1pmAyn5SD5F19fnaMjD4/c2w6Ia8UFEdKZzqInfV33jrjrbL5Yiw7AW AZiMqNJM2rvivS1vysR899gNimoAubW0Mt7I1rRTDWfGf1j7pIWiTs2DvPZP725E DsEEHYdbw8x/yxAdfmeGxAgswgUwpIIGIPLLTn53vJCv2lHQBUVz/F7qu1kEaVpH vEEFoGvKN1HUFnmxBvobzyYgrM9DwXNfdJffHO7wFcdWTcrdogXY2jcP9I21qJfH UtWOgou0qzwIv7RMelOw7FJiazUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTw/5zs gvv86LdjBU2YNYzOydDEtTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjYyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r4MwDQYJKoZIhvcNAQELBQADggEBAL/7JjFy3hfc8jQadsZp4xBFiUDRpkaQKLIj XeVjI5tuKJccpvtp6S3pNWLgKlaT0lWULliQPlAnyvn5iy/O0cKs2eRx8TZrPohN 0qNQCvxHMy8kN9I7GFMjw/bjdp7XGxUx9oPWtLMl8kpRN2AyMBT+Lh1JZDBOqh6H or9puF5unB8n+LW1i8ZqpCHUqzhBOZBrNweaZXXxjl920zA9G/L1wxhBBJeHI5J4 1eTsPQqW70lU54DxDy8xmS5OL2oZZdysDGF0WK2cYukqCGZb5ZexJjPKz9BGI35b NgxKOPMia6kmq9iDxxS18F0S7J8XGF9FEKoqONx7U6DLTXtQteM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:39 2026 by rpki-client