$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146657.roa File: AS146657.roa (raw, json) Hash identifier: xShyLV1fFARL/9HYrsgSbdbJi0/47wW0/UE/3zj+OTI= Subject key identifier: D1:E0:BD:9B:E2:68:80:90:BA:8A:A0:F1:8D:F5:2D:34:51:10:73:56 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 16542F51AF950F14397A03ACE6C09DE72A03CC79 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146657.roa Signing time: Wed 04 Mar 2026 06:39:35 +0000 ROA not before: Wed 04 Mar 2026 06:34:35 +0000 ROA not after: Wed 03 Mar 2027 06:39:35 +0000 asID: 146657 IP address blocks: 240a:afa7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:54:2f:51:af:95:0f:14:39:7a:03:ac:e6:c0:9d:e7:2a:03:cc:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:35 2026 GMT Not After : Mar 3 06:39:35 2027 GMT Subject: CN=D1E0BD9BE2688090BA8AA0F18DF52D3451107356 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:57:a1:d7:7d:d2:f3:ab:c4:23:e3:af:e9:50: a3:fd:3b:11:6f:9e:6b:2b:64:fb:47:ac:41:01:93: cd:cb:e1:7d:06:ba:28:1f:d1:76:a7:22:e2:a0:c3: 13:4f:cc:11:6c:d1:48:c2:da:7d:7a:7c:ba:94:60: 2c:6e:2f:4f:60:68:ed:8a:b7:33:31:03:e7:5f:95: 1b:cf:da:53:75:4b:40:58:12:b1:b7:c4:56:83:b3: 0e:a8:7f:4d:f4:20:87:29:b2:08:39:b1:36:db:67: a4:25:4b:d8:9a:24:c8:29:3f:1c:3f:1e:ed:8e:14: 43:a2:a1:a4:13:52:ed:2b:66:d5:ee:a9:6d:a1:fd: de:24:cc:05:3f:af:d8:e3:f6:9f:84:0b:c5:d9:aa: 7d:5c:71:dc:a5:8f:f8:09:ad:42:c9:a9:96:ab:a1: 56:da:31:fa:bd:1f:a8:1d:98:ee:dd:4e:42:ef:d2: 7d:1d:d4:b8:e7:29:56:2a:83:df:d4:8c:b6:a2:5d: c4:e3:fa:4f:25:8e:d1:bb:91:51:34:57:79:9f:2a: 4f:a9:b6:5b:e1:10:9d:82:fe:11:7a:0b:e4:0f:f7: a9:d0:db:f4:8f:4d:22:e7:4f:4d:3e:77:c3:68:50: 57:74:22:4d:c1:bc:0e:a0:30:2f:7c:3f:52:2b:d6: a0:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:E0:BD:9B:E2:68:80:90:BA:8A:A0:F1:8D:F5:2D:34:51:10:73:56 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146657.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afa7::/32 Signature Algorithm: sha256WithRSAEncryption a4:36:3c:98:68:01:c5:6d:7e:f2:2a:9f:8e:25:21:76:80:40: 4b:d1:b7:0d:8d:3d:59:b7:62:b4:86:6d:d2:0b:10:27:45:2b: 1a:98:a8:99:41:5f:c0:45:be:cf:63:c5:89:d8:6a:a4:c2:59: 59:5d:a8:bd:33:d5:a4:8b:26:df:16:6e:e6:26:e0:26:0f:14: 9a:ef:93:35:db:8f:96:e4:4c:70:e2:7e:56:c8:c8:1d:44:a1: 06:36:34:49:71:46:a6:b0:89:49:fd:70:00:3d:2a:bc:90:b5: 73:e3:0e:28:d1:bb:6f:cd:12:98:f6:05:17:e3:48:3e:70:0e: 1c:9c:8a:c7:28:df:84:93:8a:b1:c1:12:9a:86:43:a0:7f:a8: f0:ed:ce:b8:64:ee:ee:18:fb:cf:55:36:1a:45:46:d2:4a:12: 22:fd:7a:ef:6d:8b:14:96:d4:c2:c9:56:cb:dd:a3:52:e4:83: ca:4b:4b:19:10:10:f7:8c:d7:a1:a7:9b:82:3b:f2:23:8c:be: 18:96:14:12:66:36:d7:b4:13:0c:be:cc:42:4e:3f:4c:20:80: 34:bd:02:1e:6a:03:24:08:c8:5f:20:b8:28:61:4e:14:a5:3e: 79:21:5d:4c:d5:ee:4a:a8:90:0d:05:4d:de:ee:82:f3:06:11: 6d:6d:d9:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFlQvUa+VDxQ5egOs5sCd5yoDzHkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzNVoX DTI3MDMwMzA2MzkzNVowMzExMC8GA1UEAxMoRDFFMEJEOUJFMjY4ODA5MEJBOEFB MEYxOERGNTJEMzQ1MTEwNzM1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOZXodd90vOrxCPjr+lQo/07EW+eaytk+0esQQGTzcvhfQa6KB/Rdqci4qDD E0/MEWzRSMLafXp8upRgLG4vT2Bo7Yq3MzED51+VG8/aU3VLQFgSsbfEVoOzDqh/ TfQghymyCDmxNttnpCVL2JokyCk/HD8e7Y4UQ6KhpBNS7Stm1e6pbaH93iTMBT+v 2OP2n4QLxdmqfVxx3KWP+AmtQsmplquhVtox+r0fqB2Y7t1OQu/SfR3UuOcpViqD 39SMtqJdxOP6TyWO0buRUTRXeZ8qT6m2W+EQnYL+EXoL5A/3qdDb9I9NIudPTT53 w2hQV3QiTcG8DqAwL3w/UivWoLUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTR4L2b 4miAkLqKoPGN9S00URBzVjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r6cwDQYJKoZIhvcNAQELBQADggEBAKQ2PJhoAcVtfvIqn44lIXaAQEvRtw2NPVm3 YrSGbdILECdFKxqYqJlBX8BFvs9jxYnYaqTCWVldqL0z1aSLJt8WbuYm4CYPFJrv kzXbj5bkTHDiflbIyB1EoQY2NElxRqawiUn9cAA9KryQtXPjDijRu2/NEpj2BRfj SD5wDhycisco34STirHBEpqGQ6B/qPDtzrhk7u4Y+89VNhpFRtJKEiL9eu9tixSW 1MLJVsvdo1Lkg8pLSxkQEPeM16Gnm4I78iOMvhiWFBJmNte0Ewy+zEJOP0wggDS9 Ah5qAyQIyF8guChhThSlPnkhXUzV7kqokA0FTd7ugvMGEW1t2SQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:46 2026 by rpki-client