$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146640.roa File: AS146640.roa (raw, json) Hash identifier: LovgnUHCJww+jCJ4jzCEq4EMYvO/9kMMkeVLTZeHqpI= Subject key identifier: 12:60:66:AA:4B:03:EF:62:09:AF:80:43:B6:8F:34:5C:66:2A:9C:44 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F3C2BB613A3BD6D3CAEC8B8CC4B08601872ACCE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146640.roa Signing time: Wed 04 Mar 2026 06:39:23 +0000 ROA not before: Wed 04 Mar 2026 06:34:23 +0000 ROA not after: Wed 03 Mar 2027 06:39:23 +0000 asID: 146640 IP address blocks: 240a:af96::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:3c:2b:b6:13:a3:bd:6d:3c:ae:c8:b8:cc:4b:08:60:18:72:ac:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:23 2026 GMT Not After : Mar 3 06:39:23 2027 GMT Subject: CN=126066AA4B03EF6209AF8043B68F345C662A9C44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f4:c2:c8:b8:67:64:99:6c:05:cf:18:3a:50: e4:2c:90:80:3c:61:8e:92:b4:3b:b5:b0:c4:6e:79: b9:8c:2a:36:5d:dd:03:ae:79:97:1e:5f:fc:24:55: c8:64:09:18:a8:bf:68:be:8f:3a:b0:20:68:57:0f: 64:83:2a:55:7d:11:0b:5e:b9:20:27:12:4a:80:09: 6c:43:41:56:88:9a:4a:c3:54:03:95:9d:00:0b:66: ba:68:60:ac:5a:18:c2:a8:ee:ad:f9:ca:f2:ba:0c: 4f:fc:d6:1c:83:8f:58:b7:4c:b0:e8:f1:ee:85:12: 05:63:f5:41:de:11:d2:2a:68:75:d4:69:e2:ac:54: bf:de:ec:4b:32:73:e0:e8:a4:bd:63:53:f3:b3:96: 1c:38:72:e6:a5:7e:24:4f:68:23:1b:0e:11:f3:d7: 92:83:4a:90:3b:07:6c:87:6e:ba:d2:4e:77:88:05: bd:d0:8d:65:27:4d:d1:cd:ba:22:2f:46:d6:10:30: 17:d9:d2:52:23:ed:ae:1e:45:1f:0c:94:70:d5:61: 2f:e2:a3:8c:8f:b7:de:39:c5:8c:f6:7a:25:6f:03: 0b:46:eb:24:fa:82:9c:2c:6f:d7:3b:87:8e:e1:a8: 07:7f:f2:4f:99:4a:73:40:fa:d7:dc:c4:1a:6f:d6: af:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:60:66:AA:4B:03:EF:62:09:AF:80:43:B6:8F:34:5C:66:2A:9C:44 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146640.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af96::/32 Signature Algorithm: sha256WithRSAEncryption 32:5c:23:0d:b9:61:39:30:0f:00:e1:c9:0d:63:e4:d5:76:74: 77:24:3a:96:ec:75:1a:60:0d:99:d2:d0:6f:39:28:94:7f:a9: 9b:36:a0:03:e5:c6:77:2c:77:a0:85:89:af:9e:6e:61:85:9b: e7:de:fb:bf:6d:44:13:18:0a:64:3e:a0:14:2a:e5:99:d2:f0: 8f:40:14:9b:aa:da:fe:5f:d5:06:fd:dd:47:93:ad:a2:ad:d3: 1f:e2:a7:bd:8f:50:02:9b:9a:68:57:89:ba:0b:ec:9c:9f:e0: 9a:18:28:20:34:79:af:4f:e4:64:3c:95:a2:19:5d:32:21:c7: 18:34:d1:ea:fa:38:dc:01:8f:2d:b9:66:e3:79:02:05:16:4c: a5:1b:ff:6c:bc:c9:16:be:97:8b:fd:c9:1c:16:7f:df:bf:56: 73:2c:14:c0:ae:a2:ab:65:6c:fa:50:1c:61:36:e0:f5:3d:a8: e7:9f:d6:c9:41:86:33:a2:f8:8c:59:a2:3a:dc:0b:c6:f7:46: 91:51:af:a2:72:ee:68:5b:9f:9d:75:0b:66:1f:14:71:5c:62: 7b:92:aa:90:b9:31:0c:8d:88:ad:4c:7e:23:81:9c:d6:a9:43: 15:73:62:80:62:df:9a:f9:d5:6c:50:c0:6b:57:00:ff:a7:21: b1:56:d0:e2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULzwrthOjvW08rsi4zEsIYBhyrM4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQyM1oX DTI3MDMwMzA2MzkyM1owMzExMC8GA1UEAxMoMTI2MDY2QUE0QjAzRUY2MjA5QUY4 MDQzQjY4RjM0NUM2NjJBOUM0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKX0wsi4Z2SZbAXPGDpQ5CyQgDxhjpK0O7WwxG55uYwqNl3dA655lx5f/CRV yGQJGKi/aL6POrAgaFcPZIMqVX0RC165ICcSSoAJbENBVoiaSsNUA5WdAAtmumhg rFoYwqjurfnK8roMT/zWHIOPWLdMsOjx7oUSBWP1Qd4R0ipoddRp4qxUv97sSzJz 4OikvWNT87OWHDhy5qV+JE9oIxsOEfPXkoNKkDsHbIduutJOd4gFvdCNZSdN0c26 Ii9G1hAwF9nSUiPtrh5FHwyUcNVhL+KjjI+33jnFjPZ6JW8DC0brJPqCnCxv1zuH juGoB3/yT5lKc0D619zEGm/Wr1kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQSYGaq SwPvYgmvgEO2jzRcZiqcRDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r5YwDQYJKoZIhvcNAQELBQADggEBADJcIw25YTkwDwDhyQ1j5NV2dHckOpbsdRpg DZnS0G85KJR/qZs2oAPlxncsd6CFia+ebmGFm+fe+79tRBMYCmQ+oBQq5ZnS8I9A FJuq2v5f1Qb93UeTraKt0x/ip72PUAKbmmhXiboL7Jyf4JoYKCA0ea9P5GQ8laIZ XTIhxxg00er6ONwBjy25ZuN5AgUWTKUb/2y8yRa+l4v9yRwWf9+/VnMsFMCuoqtl bPpQHGE24PU9qOef1slBhjOi+IxZojrcC8b3RpFRr6Jy7mhbn511C2YfFHFcYnuS qpC5MQyNiK1MfiOBnNapQxVzYoBi35r51WxQwGtXAP+nIbFW0OI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:48 2026 by rpki-client