$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146644.roa File: AS146644.roa (raw, json) Hash identifier: zACFAgQ+uFL11t4AsacWpLOh2F6Ti6s5HL01onbCvNg= Subject key identifier: 06:82:76:43:E8:D7:01:95:3C:14:73:46:2D:1A:E2:06:36:C3:99:29 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5856737B3884B09F33E57E932A42963A881357D7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146644.roa Signing time: Wed 04 Mar 2026 06:39:46 +0000 ROA not before: Wed 04 Mar 2026 06:34:46 +0000 ROA not after: Wed 03 Mar 2027 06:39:46 +0000 asID: 146644 IP address blocks: 240a:af9a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:56:73:7b:38:84:b0:9f:33:e5:7e:93:2a:42:96:3a:88:13:57:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:46 2026 GMT Not After : Mar 3 06:39:46 2027 GMT Subject: CN=06827643E8D701953C1473462D1AE20636C39929 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2d:68:54:c9:e9:5e:18:d1:8c:90:9b:ff:40: 0d:06:6b:50:a7:b6:39:0e:97:f0:30:19:cb:b4:65: dc:57:d7:58:15:0e:e9:a3:c8:2c:82:21:73:fc:fb: 2f:8c:a8:67:f0:9d:df:76:8d:e8:75:2a:9b:bf:91: b8:70:46:a9:47:38:b2:f1:24:17:53:b7:c8:e3:90: 1c:a2:68:25:9f:06:ef:1c:36:ba:6b:39:fc:cf:0d: 4c:c8:a6:91:9f:49:88:68:e0:0b:78:61:c5:5e:6e: 4f:1a:63:d8:f3:c7:9c:59:a3:b2:d6:ea:23:2d:69: ee:6c:6d:d4:b0:6a:7f:bc:c3:74:6f:b3:97:26:47: 6c:4a:ca:cf:40:ce:0b:18:52:39:e9:24:24:47:7c: 74:6c:f3:59:3f:0a:72:85:ee:03:2c:8e:11:1d:2f: 5d:09:33:18:ba:50:15:e7:e0:0c:13:07:85:de:a6: ff:0a:98:cf:70:93:b7:da:c6:58:8a:de:2a:27:53: b7:a7:13:df:28:ce:fc:2c:d7:3a:13:15:90:e9:77: 2c:e7:0a:f7:41:be:ea:81:fc:ff:aa:8a:53:4f:47: 91:fb:38:69:7e:18:fb:57:e8:d6:53:c7:8c:79:4e: 3f:16:50:4b:dc:d0:98:f4:30:41:7e:bb:a7:3d:cb: 47:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:82:76:43:E8:D7:01:95:3C:14:73:46:2D:1A:E2:06:36:C3:99:29 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146644.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:af9a::/32 Signature Algorithm: sha256WithRSAEncryption 9b:b1:f5:6e:e8:9f:e3:52:1a:3d:50:96:19:e9:64:20:cf:a7: 2d:2f:ca:00:e8:61:50:ec:33:63:7c:81:33:f0:60:0d:58:7e: d9:35:5a:fa:5c:04:76:e7:3e:53:8d:13:05:0d:a2:db:2f:cd: e5:48:40:47:71:38:d1:ce:3f:b7:19:72:bf:42:2a:bc:70:b5: b8:6b:65:d2:74:36:f9:b9:1b:1f:5c:e3:b5:a7:da:5a:13:e0: ac:bd:e3:4f:7e:86:32:44:b5:09:71:07:97:30:33:33:04:b9: 6d:72:7d:aa:ce:45:f9:cb:83:34:ac:57:d7:40:97:ea:91:56: 7f:46:7d:ec:7b:a1:df:51:82:4e:23:e6:cb:6d:4c:ad:a2:ed: ea:db:a4:83:e6:a0:ce:c4:25:2a:ad:ca:af:d5:80:1b:d9:6d: e4:7d:56:6e:ce:b7:ba:a9:6f:c2:15:82:24:f6:7f:3f:b5:46: 0b:e8:11:68:36:1a:40:b8:70:93:96:2c:2c:4b:49:d2:f4:9c: 47:42:5a:df:b4:bd:63:48:83:2d:92:3f:65:e3:e1:34:36:c0: cd:87:f1:92:0e:66:32:2b:40:ce:54:6e:97:5e:37:6a:08:6a: f6:d8:20:b2:51:1c:56:d2:dc:9f:26:63:61:83:df:b7:e6:f4: a8:c0:6b:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWFZzeziEsJ8z5X6TKkKWOogTV9cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0NloX DTI3MDMwMzA2Mzk0NlowMzExMC8GA1UEAxMoMDY4Mjc2NDNFOEQ3MDE5NTNDMTQ3 MzQ2MkQxQUUyMDYzNkMzOTkyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANctaFTJ6V4Y0YyQm/9ADQZrUKe2OQ6X8DAZy7Rl3FfXWBUO6aPILIIhc/z7 L4yoZ/Cd33aN6HUqm7+RuHBGqUc4svEkF1O3yOOQHKJoJZ8G7xw2ums5/M8NTMim kZ9JiGjgC3hhxV5uTxpj2PPHnFmjstbqIy1p7mxt1LBqf7zDdG+zlyZHbErKz0DO CxhSOekkJEd8dGzzWT8KcoXuAyyOER0vXQkzGLpQFefgDBMHhd6m/wqYz3CTt9rG WIreKidTt6cT3yjO/CzXOhMVkOl3LOcK90G+6oH8/6qKU09Hkfs4aX4Y+1fo1lPH jHlOPxZQS9zQmPQwQX67pz3LR8MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQGgnZD 6NcBlTwUc0YtGuIGNsOZKTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY0NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r5owDQYJKoZIhvcNAQELBQADggEBAJux9W7on+NSGj1QlhnpZCDPpy0vygDoYVDs M2N8gTPwYA1Yftk1WvpcBHbnPlONEwUNotsvzeVIQEdxONHOP7cZcr9CKrxwtbhr ZdJ0Nvm5Gx9c47Wn2loT4Ky9409+hjJEtQlxB5cwMzMEuW1yfarORfnLgzSsV9dA l+qRVn9Gfex7od9Rgk4j5sttTK2i7erbpIPmoM7EJSqtyq/VgBvZbeR9Vm7Ot7qp b8IVgiT2fz+1RgvoEWg2GkC4cJOWLCxLSdL0nEdCWt+0vWNIgy2SP2Xj4TQ2wM2H 8ZIOZjIrQM5UbpdeN2oIavbYILJRHFbS3J8mY2GD37fm9KjAa9Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:10 2026 by rpki-client