$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146655.roa File: AS146655.roa (raw, json) Hash identifier: gbzrwZSzlax0snTRWJsT1hhPbu2/ay5prM73Yn9TbCo= Subject key identifier: 33:D4:8B:BC:E5:AF:04:C1:82:3C:C8:E1:29:09:BC:59:2D:4E:8E:48 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 12A8E97143803B3566A302D5364636A1B6A0E290 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146655.roa Signing time: Wed 04 Mar 2026 06:39:31 +0000 ROA not before: Wed 04 Mar 2026 06:34:31 +0000 ROA not after: Wed 03 Mar 2027 06:39:31 +0000 asID: 146655 IP address blocks: 240a:afa5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:a8:e9:71:43:80:3b:35:66:a3:02:d5:36:46:36:a1:b6:a0:e2:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:31 2026 GMT Not After : Mar 3 06:39:31 2027 GMT Subject: CN=33D48BBCE5AF04C1823CC8E12909BC592D4E8E48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:0d:17:c7:5d:29:2e:86:1e:61:91:2a:8b:ac: 0d:e2:5b:e8:97:6b:fc:78:f0:fc:e1:9f:a1:44:ba: 2d:ed:59:91:63:d6:62:2f:d1:26:e6:3f:b6:22:61: fe:60:e6:a2:ca:c7:9c:60:ec:24:2b:3c:12:3a:18: 89:3b:d7:ac:02:aa:1b:3d:be:ab:85:fd:c5:28:fc: d1:68:b3:ec:ed:a5:18:15:f9:5b:4e:18:fd:65:f6: 37:c2:59:3a:bb:cd:bc:0d:00:9d:d6:38:d2:7c:48: a2:58:57:04:46:51:3f:ae:7f:76:87:1e:ba:77:69: e2:81:69:f5:9d:52:ba:cd:bb:9c:a0:fb:fa:6f:59: ad:19:f8:3e:a0:bf:7d:9e:b8:0b:a4:5e:d6:c0:76: 14:69:10:5c:ae:61:4b:f6:dd:db:c8:09:cd:a3:25: 73:3e:13:55:aa:6c:3b:3b:93:cf:c5:cd:48:0a:55: 6d:54:9c:1f:7f:3c:9b:23:2e:c6:5a:c4:24:25:57: cf:f4:e4:03:1b:2b:6f:f3:10:af:08:61:d2:92:3e: ae:6a:7c:38:1c:01:4e:c1:4f:54:e6:87:ac:05:c0: 8c:06:27:26:60:94:44:48:54:2b:ec:f6:3d:2e:d5: 33:03:33:df:b6:69:23:c2:38:51:e3:75:51:86:2e: 39:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:D4:8B:BC:E5:AF:04:C1:82:3C:C8:E1:29:09:BC:59:2D:4E:8E:48 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146655.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afa5::/32 Signature Algorithm: sha256WithRSAEncryption 21:c5:19:df:8e:c8:3b:ab:73:f0:d5:2f:73:ae:8a:a1:3b:e9: 13:05:9e:d0:a8:3a:3c:80:a2:e9:dd:df:a0:e0:65:68:72:0a: 28:c4:0f:64:a9:d9:e6:47:41:75:19:66:48:bc:50:e1:a9:88: ba:aa:10:79:42:40:3d:ef:19:02:e5:c8:f2:b5:76:d6:6a:cf: c4:0d:26:4b:71:a4:82:6b:41:4c:3b:b5:6e:8e:17:12:e2:21: d1:53:d2:8a:a2:2d:c0:a7:98:ea:48:00:65:75:ad:15:5e:00: f3:31:35:fd:b2:e4:9e:f7:7d:d5:e6:b0:80:8e:95:65:d7:d9: 37:ee:cf:e6:3d:af:fc:32:52:f8:f5:74:1b:ba:11:82:7d:2d: e3:05:ab:b0:ae:fe:ca:f6:c3:cd:6f:2c:06:1a:f5:7d:e7:44: 5a:6e:ad:eb:31:d7:bc:26:cc:ad:87:50:0c:66:c8:12:eb:93: af:8e:8d:bf:d5:9e:2b:27:79:3d:a4:33:04:ea:82:de:4a:a2: 40:f3:67:91:9e:f2:e7:7c:52:b3:27:a8:a7:84:50:c0:ce:63: a5:9f:56:7a:89:e5:7a:f2:21:1f:0f:8e:89:44:82:f2:56:25: 4c:7d:c6:ee:c0:d7:ce:27:f3:40:32:c2:84:49:76:fc:b6:60: 1a:7a:0a:d4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEqjpcUOAOzVmowLVNkY2obag4pAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzMVoX DTI3MDMwMzA2MzkzMVowMzExMC8GA1UEAxMoMzNENDhCQkNFNUFGMDRDMTgyM0ND OEUxMjkwOUJDNTkyRDRFOEU0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKANF8ddKS6GHmGRKousDeJb6Jdr/Hjw/OGfoUS6Le1ZkWPWYi/RJuY/tiJh /mDmosrHnGDsJCs8EjoYiTvXrAKqGz2+q4X9xSj80Wiz7O2lGBX5W04Y/WX2N8JZ OrvNvA0AndY40nxIolhXBEZRP65/doceundp4oFp9Z1Sus27nKD7+m9ZrRn4PqC/ fZ64C6Re1sB2FGkQXK5hS/bd28gJzaMlcz4TVapsOzuTz8XNSApVbVScH388myMu xlrEJCVXz/TkAxsrb/MQrwhh0pI+rmp8OBwBTsFPVOaHrAXAjAYnJmCUREhUK+z2 PS7VMwMz37ZpI8I4UeN1UYYuOXECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQz1Iu8 5a8EwYI8yOEpCbxZLU6OSDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r6UwDQYJKoZIhvcNAQELBQADggEBACHFGd+OyDurc/DVL3OuiqE76RMFntCoOjyA ound36DgZWhyCijED2Sp2eZHQXUZZki8UOGpiLqqEHlCQD3vGQLlyPK1dtZqz8QN JktxpIJrQUw7tW6OFxLiIdFT0oqiLcCnmOpIAGV1rRVeAPMxNf2y5J73fdXmsICO lWXX2Tfuz+Y9r/wyUvj1dBu6EYJ9LeMFq7Cu/sr2w81vLAYa9X3nRFpuresx17wm zK2HUAxmyBLrk6+Ojb/VnisneT2kMwTqgt5KokDzZ5Ge8ud8UrMnqKeEUMDOY6Wf VnqJ5XryIR8PjolEgvJWJUx9xu7A184n80AywoRJdvy2YBp6CtQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:18 2026 by rpki-client