$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146642.roa File: AS146642.roa (raw, json) Hash identifier: W76wI6SOKqgCg0lBdyl/x/kLdqi2MtZHgyMbtzfEAH0= Subject key identifier: 36:B9:3F:6B:A4:DE:29:5A:D3:98:6E:47:A0:63:66:31:E9:EE:B1:4B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 32770106E7CE00DFB37E401833F116ABB9C7650F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146642.roa Signing time: Wed 04 Mar 2026 06:39:29 +0000 ROA not before: Wed 04 Mar 2026 06:34:29 +0000 ROA not after: Wed 03 Mar 2027 06:39:29 +0000 asID: 146642 IP address blocks: 240a:af98::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:77:01:06:e7:ce:00:df:b3:7e:40:18:33:f1:16:ab:b9:c7:65:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:29 2026 GMT Not After : Mar 3 06:39:29 2027 GMT Subject: CN=36B93F6BA4DE295AD3986E47A0636631E9EEB14B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:9a:bd:db:a2:91:11:e1:a4:0d:b0:56:2a:da: 8c:e3:36:33:a4:56:71:20:ea:1f:89:f1:e4:b0:65: be:91:01:98:b2:4d:2a:3f:fe:26:a9:6f:84:3c:1d: d9:3d:1b:ad:1f:ba:2f:70:c7:59:92:d8:24:8e:e4: 33:b0:2e:e5:88:2e:dd:30:1e:30:d1:15:c1:6c:d6: 9c:a0:41:4e:fd:20:4b:9e:07:55:a9:cc:61:e7:97: 6d:23:07:20:46:6e:a0:9f:9d:17:9c:d1:18:0d:34: de:11:93:49:73:46:6e:f4:34:07:ca:60:af:ae:f8: 01:f2:db:64:a8:0e:38:74:2d:4e:18:9f:46:97:e0: a5:4a:78:6a:62:5e:f7:e3:5f:67:71:16:c5:57:f7: fc:38:2c:bb:3b:ab:b8:42:f2:5a:b6:7a:3b:a8:de: 82:f9:96:80:f9:48:19:ac:4a:27:95:be:de:16:d6: ff:5a:9d:29:75:37:03:93:0f:e8:e5:11:4e:da:dd: 53:0a:5f:d5:b4:18:46:94:4b:b9:e4:de:ba:eb:8c: 97:80:4a:b4:bc:f9:b2:75:da:69:2a:17:d0:84:9c: 89:73:c2:77:1a:36:a7:3d:16:ad:be:17:8a:3a:98: 5d:21:e9:68:ef:26:43:e9:51:73:2d:f1:7b:ba:5a: 27:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:B9:3F:6B:A4:DE:29:5A:D3:98:6E:47:A0:63:66:31:E9:EE:B1:4B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146642.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af98::/32 Signature Algorithm: sha256WithRSAEncryption 90:53:46:75:6d:99:2d:f2:45:59:87:8e:7c:d8:64:fa:13:14: 88:d9:92:1e:a1:1a:43:fd:68:99:9d:20:9f:38:be:43:ab:e3: 87:6a:54:87:73:d5:d3:c7:2e:3f:3b:10:1b:33:3b:a9:7d:65: 04:8c:5d:db:b2:d7:4c:6b:67:2a:ad:ab:14:b3:d6:f4:b2:1e: f7:da:52:19:7c:41:14:8c:28:dd:e8:3a:bc:b9:22:fa:80:f5: 6c:d7:af:b6:ec:0c:3d:58:85:32:6f:d1:d6:de:5d:1d:4a:37: a1:2b:0c:06:b7:c4:3b:59:c4:1b:a9:73:5c:78:34:6a:57:b7: e6:02:dc:ac:2e:b3:45:3a:04:6f:ca:16:d7:33:78:a7:62:d2: 48:c5:0c:b8:84:8b:a1:1f:dc:14:76:7e:e1:c0:79:71:98:91: 79:b6:c7:9b:92:86:3a:75:8a:07:bf:9a:94:4d:40:cc:c9:19: 4f:f7:9b:f6:63:d3:0a:f9:e2:4e:70:2a:85:81:98:52:10:04: 94:a5:c8:a6:c8:f9:01:97:d0:7c:f5:11:91:e7:c5:8c:ea:6e: db:66:8c:47:15:51:9e:5d:a4:a5:b1:21:cb:1c:b1:33:64:d7: fc:f1:4e:2c:cb:8e:3f:b1:05:7a:7f:63:f5:91:5d:a0:26:a5: e8:c9:16:49 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMncBBufOAN+zfkAYM/EWq7nHZQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQyOVoX DTI3MDMwMzA2MzkyOVowMzExMC8GA1UEAxMoMzZCOTNGNkJBNERFMjk1QUQzOTg2 RTQ3QTA2MzY2MzFFOUVFQjE0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANyavduikRHhpA2wVirajOM2M6RWcSDqH4nx5LBlvpEBmLJNKj/+JqlvhDwd 2T0brR+6L3DHWZLYJI7kM7Au5Ygu3TAeMNEVwWzWnKBBTv0gS54HVanMYeeXbSMH IEZuoJ+dF5zRGA003hGTSXNGbvQ0B8pgr674AfLbZKgOOHQtThifRpfgpUp4amJe 9+NfZ3EWxVf3/DgsuzuruELyWrZ6O6jegvmWgPlIGaxKJ5W+3hbW/1qdKXU3A5MP 6OURTtrdUwpf1bQYRpRLueTeuuuMl4BKtLz5snXaaSoX0ISciXPCdxo2pz0Wrb4X ijqYXSHpaO8mQ+lRcy3xe7paJ+sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ2uT9r pN4pWtOYbkegY2Yx6e6xSzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY0Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r5gwDQYJKoZIhvcNAQELBQADggEBAJBTRnVtmS3yRVmHjnzYZPoTFIjZkh6hGkP9 aJmdIJ84vkOr44dqVIdz1dPHLj87EBszO6l9ZQSMXduy10xrZyqtqxSz1vSyHvfa Uhl8QRSMKN3oOry5IvqA9WzXr7bsDD1YhTJv0dbeXR1KN6ErDAa3xDtZxBupc1x4 NGpXt+YC3Kwus0U6BG/KFtczeKdi0kjFDLiEi6Ef3BR2fuHAeXGYkXm2x5uShjp1 ige/mpRNQMzJGU/3m/Zj0wr54k5wKoWBmFIQBJSlyKbI+QGX0Hz1EZHnxYzqbttm jEcVUZ5dpKWxIcscsTNk1/zxTizLjj+xBXp/Y/WRXaAmpejJFkk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:58 2026 by rpki-client