$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146650.roa File: AS146650.roa (raw, json) Hash identifier: LXnr8SNYJ0s+jNfp89ybM6Jdo/WSyGPqj10iq7Wb7KY= Subject key identifier: F0:9C:82:C0:57:09:A2:07:2E:97:37:89:F1:9B:C2:D1:A1:EE:F5:AA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C7C10385AAA476B8C70D53F1A4EFE60CF26C56A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146650.roa Signing time: Wed 04 Mar 2026 06:39:47 +0000 ROA not before: Wed 04 Mar 2026 06:34:47 +0000 ROA not after: Wed 03 Mar 2027 06:39:47 +0000 asID: 146650 IP address blocks: 240a:afa0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:7c:10:38:5a:aa:47:6b:8c:70:d5:3f:1a:4e:fe:60:cf:26:c5:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:47 2026 GMT Not After : Mar 3 06:39:47 2027 GMT Subject: CN=F09C82C05709A2072E973789F19BC2D1A1EEF5AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:57:29:28:9f:0b:fe:b5:e7:a4:d6:3e:81:b0: 39:29:0e:82:29:a5:c2:7c:1e:04:7e:fa:95:b0:3a: 6e:26:88:9e:0a:63:35:7f:5f:09:92:66:ed:24:97: 58:31:57:d5:93:a1:7f:eb:ad:69:21:cf:59:60:ff: 82:db:cb:0d:82:cc:a0:f8:b3:fa:42:5e:43:ab:cc: 4c:50:cb:6a:71:a1:d9:3d:c6:ba:b8:2f:07:42:81: 3a:45:a6:a2:2b:36:38:0f:4c:30:7b:3b:7a:e0:28: 1f:6f:ac:33:fb:65:bf:8d:ea:ba:ca:64:97:17:06: 96:23:3a:fe:e9:71:2b:b6:2c:69:a8:5a:35:9d:06: 54:96:e9:ba:de:d1:f2:40:32:86:5d:00:d4:0b:44: 33:e5:fc:98:af:a8:02:ff:0c:98:f1:3f:92:da:0d: 8e:9c:8f:2e:17:f8:55:6b:fa:cb:6c:41:62:9b:75: 6c:07:14:df:32:35:90:80:fe:96:42:3a:b3:f4:16: 61:d2:2a:81:40:0f:1a:61:f0:43:c5:c9:17:c7:e7: db:c7:34:ae:8b:c8:72:77:1a:3e:b5:f5:94:42:96: 20:37:a4:f7:cd:e4:54:65:d3:38:5c:f3:f1:32:d2: 2f:8f:7c:9d:a6:18:e9:c7:02:ee:8f:d8:27:b8:82: 13:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:9C:82:C0:57:09:A2:07:2E:97:37:89:F1:9B:C2:D1:A1:EE:F5:AA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146650.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afa0::/32 Signature Algorithm: sha256WithRSAEncryption 72:a0:d5:6a:0f:d0:34:74:07:c7:52:ef:36:f3:8d:aa:fc:30: 4e:9b:d6:35:bc:2d:24:81:d9:e1:2e:19:e8:d5:2e:0e:8e:55: 6b:a0:8b:c3:1d:f0:ea:ce:85:79:6d:91:ce:07:40:87:95:b9: a1:9c:18:f9:59:71:37:8d:a4:2b:40:90:67:6b:d8:56:3a:4c: 5b:f3:d7:b5:04:35:b8:04:0d:45:16:fc:1d:4b:4e:68:85:ec: 00:28:62:07:e4:28:8f:70:ba:6c:1b:73:04:79:94:19:84:6d: 28:99:90:95:c7:05:68:d4:4f:2f:da:f1:8a:a3:75:73:64:94: 12:cd:d2:5f:3f:8b:8f:60:7f:09:79:43:8d:8a:cb:85:a7:93: fc:46:7c:b5:03:67:58:ee:f7:58:4f:41:53:5f:68:83:3a:a9: 7d:db:63:57:4c:ee:17:dd:2c:0d:d3:cf:b3:1a:01:84:d0:f7: 22:61:8c:49:15:69:28:01:80:42:a1:8c:51:49:63:29:75:47: 78:8e:92:3c:f1:79:b6:80:25:62:24:a2:50:48:4d:75:59:63: 32:93:14:e4:f2:23:c4:3d:24:ef:6a:76:dd:1f:2f:f1:d6:5d: 7b:1c:e6:25:66:f3:30:4d:1b:bc:6b:30:af:a2:24:9d:9f:13: c4:e6:92:71 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPHwQOFqqR2uMcNU/Gk7+YM8mxWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0N1oX DTI3MDMwMzA2Mzk0N1owMzExMC8GA1UEAxMoRjA5QzgyQzA1NzA5QTIwNzJFOTcz Nzg5RjE5QkMyRDFBMUVFRjVBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMVXKSifC/6156TWPoGwOSkOgimlwnweBH76lbA6biaIngpjNX9fCZJm7SSX WDFX1ZOhf+utaSHPWWD/gtvLDYLMoPiz+kJeQ6vMTFDLanGh2T3GurgvB0KBOkWm ois2OA9MMHs7euAoH2+sM/tlv43quspklxcGliM6/ulxK7YsaahaNZ0GVJbput7R 8kAyhl0A1AtEM+X8mK+oAv8MmPE/ktoNjpyPLhf4VWv6y2xBYpt1bAcU3zI1kID+ lkI6s/QWYdIqgUAPGmHwQ8XJF8fn28c0rovIcncaPrX1lEKWIDek983kVGXTOFzz 8TLSL498naYY6ccC7o/YJ7iCE6kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTwnILA VwmiBy6XN4nxm8LRoe71qjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r6AwDQYJKoZIhvcNAQELBQADggEBAHKg1WoP0DR0B8dS7zbzjar8ME6b1jW8LSSB 2eEuGejVLg6OVWugi8Md8OrOhXltkc4HQIeVuaGcGPlZcTeNpCtAkGdr2FY6TFvz 17UENbgEDUUW/B1LTmiF7AAoYgfkKI9wumwbcwR5lBmEbSiZkJXHBWjUTy/a8Yqj dXNklBLN0l8/i49gfwl5Q42Ky4Wnk/xGfLUDZ1ju91hPQVNfaIM6qX3bY1dM7hfd LA3Tz7MaAYTQ9yJhjEkVaSgBgEKhjFFJYyl1R3iOkjzxebaAJWIkolBITXVZYzKT FOTyI8Q9JO9qdt0fL/HWXXsc5iVm8zBNG7xrMK+iJJ2fE8TmknE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:03 2026 by rpki-client