$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146625.roa File: AS146625.roa (raw, json) Hash identifier: 8ltbSs/dLIctniZNL2QwP5sjOYcsjgF3r9PguP8+jVg= Subject key identifier: 06:C3:7B:8D:DC:95:13:30:9A:D4:C9:76:22:14:71:A4:42:59:31:C0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6E2444EDB82850A6E34D448597A7F0C57F6A6FB9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146625.roa Signing time: Wed 04 Mar 2026 06:39:33 +0000 ROA not before: Wed 04 Mar 2026 06:34:33 +0000 ROA not after: Wed 03 Mar 2027 06:39:33 +0000 asID: 146625 IP address blocks: 240a:af87::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:24:44:ed:b8:28:50:a6:e3:4d:44:85:97:a7:f0:c5:7f:6a:6f:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:33 2026 GMT Not After : Mar 3 06:39:33 2027 GMT Subject: CN=06C37B8DDC9513309AD4C976221471A4425931C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5a:32:6e:35:ba:24:a7:c9:59:19:af:1f:45: 33:d9:7a:70:60:0c:88:9d:56:98:9c:8c:e1:7e:4b: f4:32:f5:dc:e2:97:ec:2a:fe:30:56:db:21:24:87: 98:ce:12:9a:9e:b9:1c:39:0e:27:48:04:eb:41:03: d4:2b:40:f1:bc:fe:d1:ec:06:9d:92:be:52:fe:7c: e7:4b:02:1b:33:f4:f4:9c:4b:bd:06:50:fe:3d:65: c4:9f:34:3c:65:f7:3b:43:a0:f4:0a:33:6d:3c:2d: e1:8d:d5:26:46:8c:92:1e:4f:e9:0f:b9:de:31:42: 42:26:aa:77:aa:c5:13:1f:66:d0:4c:3e:6e:ee:66: cd:79:db:8b:60:d6:72:c1:59:fd:e9:67:89:c3:30: 03:16:6f:9a:f3:e5:e1:fc:62:58:26:12:d1:3c:9c: 01:3d:43:70:6c:6f:47:b4:b9:32:c1:38:a6:d9:0d: be:ef:06:b7:a3:72:fd:c6:77:53:d4:3d:93:27:29: 6c:cd:a3:97:3f:aa:36:33:45:22:45:30:41:86:62: ca:cc:74:83:26:53:7e:ef:f2:2d:c7:27:d0:47:65: 81:1d:c3:aa:81:d5:a4:93:3c:48:93:44:12:04:e1: 20:87:8a:49:3c:4a:e6:7f:3c:a0:41:14:03:27:6d: 50:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:C3:7B:8D:DC:95:13:30:9A:D4:C9:76:22:14:71:A4:42:59:31:C0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146625.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af87::/32 Signature Algorithm: sha256WithRSAEncryption 9c:00:b2:c6:f7:e3:3e:c5:23:23:25:b1:2a:b3:be:25:ce:86: cd:21:31:17:5c:2d:9f:dd:a6:35:25:b3:4f:c0:25:5a:f2:84: d8:07:d2:b3:15:9d:7f:8a:8b:ed:ea:6b:61:aa:f6:12:c5:80: 41:20:0b:a7:1a:35:39:d6:e9:01:cb:6b:f1:45:04:8a:c3:78: b4:38:e9:38:6b:19:a1:16:51:3c:7a:1c:7d:ae:e8:9c:56:ed: 7e:49:4b:15:dc:93:a5:75:4f:27:4b:c1:6b:e8:79:65:41:87: 47:03:03:e0:21:89:cb:8a:5c:91:0c:59:88:f7:53:01:e1:ab: c7:30:94:79:b1:43:6f:2d:81:b8:e7:3b:53:a6:73:89:35:a8: ac:89:08:71:53:34:f4:80:22:c8:87:91:5e:ac:3c:ad:34:ca: 09:7e:e1:ea:4b:38:69:68:93:79:e2:04:60:81:e6:a1:b4:83: 9a:08:6a:12:e7:fb:ab:92:3f:cd:5c:4c:d9:53:35:e8:84:67: 4e:a8:bd:ec:ba:68:11:01:68:b8:ae:a1:68:55:db:44:36:7f: d9:fe:90:d0:0c:2b:00:11:73:ae:30:44:4e:df:98:ea:a2:6d: c2:39:8b:29:e7:6e:4a:46:e0:a8:e4:e2:e2:82:c3:55:94:63: 2d:e4:a7:f3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbiRE7bgoUKbjTUSFl6fwxX9qb7kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzM1oX DTI3MDMwMzA2MzkzM1owMzExMC8GA1UEAxMoMDZDMzdCOEREQzk1MTMzMDlBRDRD OTc2MjIxNDcxQTQ0MjU5MzFDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVaMm41uiSnyVkZrx9FM9l6cGAMiJ1WmJyM4X5L9DL13OKX7Cr+MFbbISSH mM4Smp65HDkOJ0gE60ED1CtA8bz+0ewGnZK+Uv5850sCGzP09JxLvQZQ/j1lxJ80 PGX3O0Og9AozbTwt4Y3VJkaMkh5P6Q+53jFCQiaqd6rFEx9m0Ew+bu5mzXnbi2DW csFZ/elnicMwAxZvmvPl4fxiWCYS0TycAT1DcGxvR7S5MsE4ptkNvu8Gt6Ny/cZ3 U9Q9kycpbM2jlz+qNjNFIkUwQYZiysx0gyZTfu/yLccn0EdlgR3DqoHVpJM8SJNE EgThIIeKSTxK5n88oEEUAydtUNsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQGw3uN 3JUTMJrUyXYiFHGkQlkxwDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjYyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r4cwDQYJKoZIhvcNAQELBQADggEBAJwAssb34z7FIyMlsSqzviXOhs0hMRdcLZ/d pjUls0/AJVryhNgH0rMVnX+Ki+3qa2Gq9hLFgEEgC6caNTnW6QHLa/FFBIrDeLQ4 6ThrGaEWUTx6HH2u6JxW7X5JSxXck6V1TydLwWvoeWVBh0cDA+AhicuKXJEMWYj3 UwHhq8cwlHmxQ28tgbjnO1Omc4k1qKyJCHFTNPSAIsiHkV6sPK00ygl+4epLOGlo k3niBGCB5qG0g5oIahLn+6uSP81cTNlTNeiEZ06ovey6aBEBaLiuoWhV20Q2f9n+ kNAMKwARc64wRE7fmOqibcI5iynnbkpG4Kjk4uKCw1WUYy3kp/M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:41 2026 by rpki-client