$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146652.roa File: AS146652.roa (raw, json) Hash identifier: s4uZV1s4/ILJgpAQdJOuFB2fRfqGQaJi8yN+DnT803Q= Subject key identifier: 5A:5B:C3:B7:EA:9B:05:E1:B7:87:50:C8:00:54:48:E3:A2:7C:F2:12 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1E06CF58EE6ED2106274B571DF42B15EA4B47629 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146652.roa Signing time: Wed 04 Mar 2026 06:39:31 +0000 ROA not before: Wed 04 Mar 2026 06:34:31 +0000 ROA not after: Wed 03 Mar 2027 06:39:31 +0000 asID: 146652 IP address blocks: 240a:afa2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:06:cf:58:ee:6e:d2:10:62:74:b5:71:df:42:b1:5e:a4:b4:76:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:31 2026 GMT Not After : Mar 3 06:39:31 2027 GMT Subject: CN=5A5BC3B7EA9B05E1B78750C8005448E3A27CF212 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:42:e0:6e:35:72:92:87:fd:59:5a:10:bb:bb: ea:74:2a:ca:81:86:5f:92:27:b6:ea:43:b6:d4:d8: 10:86:6c:6b:9a:30:74:6a:e5:9e:61:33:f5:fe:fb: 64:59:e0:04:c3:f5:ba:5d:45:4a:d9:54:ac:25:f7: f1:45:30:80:c1:2d:ff:97:89:a9:33:34:f7:68:70: 41:f8:6b:5c:d7:28:ad:c3:7c:80:b7:11:d2:71:07: 22:ab:09:21:42:64:68:39:92:ea:b7:12:ac:56:b5: 70:95:8d:b0:cd:2f:7a:c7:69:ac:cf:2a:6d:3f:d2: b1:89:50:fb:33:17:25:d9:af:0c:13:ad:e0:c4:5b: bf:ba:de:8c:f3:d0:9d:6e:b4:ea:b1:61:52:2a:53: c9:12:97:6c:35:7e:70:a0:0c:f8:a9:fc:08:50:18: cc:e8:40:05:8c:81:8a:0f:a6:cb:66:28:d9:e6:e8: 0f:40:08:58:c1:67:07:a8:e8:58:3f:f3:fc:0f:f4: bc:98:d6:d7:6c:6a:bd:17:ef:23:41:10:66:a4:ca: b1:6d:c1:e1:78:43:94:bc:a3:9c:a2:d1:c7:96:d8: 0b:cb:8c:fb:46:12:ee:13:95:b8:1e:04:22:8c:29: 76:f1:f1:56:ec:a8:5c:85:80:e8:95:5d:fc:ce:8e: e4:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:5B:C3:B7:EA:9B:05:E1:B7:87:50:C8:00:54:48:E3:A2:7C:F2:12 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146652.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afa2::/32 Signature Algorithm: sha256WithRSAEncryption 0e:cd:80:6a:4c:42:c3:e1:c6:d9:f0:39:98:25:be:78:b2:05: b0:d0:f2:e6:0f:28:f5:d2:a7:07:ce:a6:b4:8f:a1:6f:2f:de: 8f:bc:3b:1c:7e:40:09:c4:00:4e:77:82:b3:c0:8f:e7:e3:25: 92:37:26:5f:cd:83:73:e1:0a:ec:36:a1:a3:dc:ab:9e:f2:3a: 3a:18:c9:d9:64:b0:58:8f:23:fe:52:de:9d:a3:34:64:9c:43: 93:d9:de:ec:e8:8a:0b:1b:3e:f2:06:6e:15:99:58:07:76:f2: a1:09:10:59:c4:ce:63:ed:2d:79:f3:39:97:77:50:d9:55:39: 93:9f:07:d9:16:22:c0:db:b8:91:93:90:65:07:a0:e3:03:e8: 1e:f1:33:1c:3b:17:80:e4:b3:b1:c1:4d:5d:fe:9e:87:a3:93: ba:46:e1:fe:77:3a:51:5e:83:37:fc:98:34:38:f9:09:00:dd: 0e:2e:80:5d:f7:b0:3c:ba:77:5b:bd:12:ff:2a:6e:bd:cc:98: d0:56:bd:b9:e7:b6:d5:a0:c2:0b:fc:89:98:c9:a8:19:de:e3: a8:63:18:af:cf:f1:0d:9a:9f:cd:38:b2:1e:ce:70:6e:bf:93: 5a:77:3f:18:2b:24:00:2a:9d:1b:92:57:8b:e5:c4:05:f1:cd: ea:3b:6c:16 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHgbPWO5u0hBidLVx30KxXqS0dikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzMVoX DTI3MDMwMzA2MzkzMVowMzExMC8GA1UEAxMoNUE1QkMzQjdFQTlCMDVFMUI3ODc1 MEM4MDA1NDQ4RTNBMjdDRjIxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALRC4G41cpKH/VlaELu76nQqyoGGX5IntupDttTYEIZsa5owdGrlnmEz9f77 ZFngBMP1ul1FStlUrCX38UUwgMEt/5eJqTM092hwQfhrXNcorcN8gLcR0nEHIqsJ IUJkaDmS6rcSrFa1cJWNsM0vesdprM8qbT/SsYlQ+zMXJdmvDBOt4MRbv7rejPPQ nW606rFhUipTyRKXbDV+cKAM+Kn8CFAYzOhABYyBig+my2Yo2eboD0AIWMFnB6jo WD/z/A/0vJjW12xqvRfvI0EQZqTKsW3B4XhDlLyjnKLRx5bYC8uM+0YS7hOVuB4E IowpdvHxVuyoXIWA6JVd/M6O5F0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRaW8O3 6psF4beHUMgAVEjjonzyEjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r6IwDQYJKoZIhvcNAQELBQADggEBAA7NgGpMQsPhxtnwOZglvniyBbDQ8uYPKPXS pwfOprSPoW8v3o+8Oxx+QAnEAE53grPAj+fjJZI3Jl/Ng3PhCuw2oaPcq57yOjoY ydlksFiPI/5S3p2jNGScQ5PZ3uzoigsbPvIGbhWZWAd28qEJEFnEzmPtLXnzOZd3 UNlVOZOfB9kWIsDbuJGTkGUHoOMD6B7xMxw7F4Dks7HBTV3+noejk7pG4f53OlFe gzf8mDQ4+QkA3Q4ugF33sDy6d1u9Ev8qbr3MmNBWvbnnttWgwgv8iZjJqBne46hj GK/P8Q2an804sh7OcG6/k1p3PxgrJAAqnRuSV4vlxAXxzeo7bBY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:47 2026 by rpki-client