$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146658.roa File: AS146658.roa (raw, json) Hash identifier: TelZ41WPOUPtBrJ2IuWRugZhvulK32VtlTOcGCew9ps= Subject key identifier: E3:90:1A:92:6B:50:28:27:AC:C2:A1:B4:26:A4:E0:DD:06:9C:B1:9D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1BF85C8D48CD84C8D2A6FF670998C9AD83FE9C16 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146658.roa Signing time: Wed 04 Mar 2026 06:39:20 +0000 ROA not before: Wed 04 Mar 2026 06:34:20 +0000 ROA not after: Wed 03 Mar 2027 06:39:20 +0000 asID: 146658 IP address blocks: 240a:afa8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:f8:5c:8d:48:cd:84:c8:d2:a6:ff:67:09:98:c9:ad:83:fe:9c:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:20 2026 GMT Not After : Mar 3 06:39:20 2027 GMT Subject: CN=E3901A926B502827ACC2A1B426A4E0DD069CB19D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:75:e9:7c:bc:5d:cd:e0:85:ce:57:ea:74:60: fd:c5:5d:b6:a5:90:b5:da:32:75:5b:ac:15:5b:39: 54:97:6c:53:c7:2e:2f:f5:58:d7:f1:5c:1d:75:d2: ee:59:22:cf:81:c6:66:15:2e:72:1c:e2:d3:96:bc: de:20:40:e6:57:9d:81:e0:82:ed:74:4a:a2:15:21: b3:fe:20:79:e3:67:9b:64:a4:89:78:59:06:11:f5: 2a:60:58:c2:0c:8a:e5:ec:0a:2c:d9:ea:e9:de:4f: 1a:78:f8:a7:81:21:5f:67:c0:2a:1a:a5:6c:87:b3: 97:cc:e4:95:83:7b:1d:84:c2:0d:96:fc:95:ae:38: ac:b1:c9:f1:53:1d:ae:05:cb:84:f8:4f:b3:9b:e5: b2:cd:b2:03:f7:e0:3c:2d:58:44:b6:a4:5c:4e:f8: 42:95:cc:dd:1d:78:72:83:c0:53:be:8b:c1:80:e2: 0d:ec:30:20:48:5e:de:d7:44:f7:ed:49:08:9f:d9: ea:29:0f:53:8d:4c:70:f9:d3:5f:25:64:6c:1f:63: 23:1e:02:78:7f:61:d5:8a:df:01:1e:33:cd:95:c1: b3:ba:7e:f8:f3:50:7d:b1:ac:31:a0:d4:46:c0:01: ed:1d:37:a9:bd:73:b8:fc:c1:c7:8a:64:20:34:b5: df:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:90:1A:92:6B:50:28:27:AC:C2:A1:B4:26:A4:E0:DD:06:9C:B1:9D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146658.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afa8::/32 Signature Algorithm: sha256WithRSAEncryption 2d:48:29:da:c8:42:74:f1:39:69:76:85:1a:c2:4a:59:66:18: 18:be:30:d3:2d:fc:8c:a6:47:da:c6:0c:e3:6a:d5:d8:d8:6e: 74:7a:30:64:46:7c:9f:3a:3b:bd:10:0a:fb:7f:0e:c7:04:ff: 9e:b7:34:1f:da:76:5f:87:89:fd:6a:86:0b:57:d7:87:5d:30: c0:17:0b:df:c8:42:b7:a7:ad:d5:fd:0d:65:96:79:0d:3c:bf: 79:66:8f:ca:f6:e9:d5:d2:5d:c7:86:0c:8b:91:78:b9:18:bc: aa:f2:02:dc:b8:ab:4d:08:f2:5c:19:98:31:f1:ad:92:74:b1: a8:32:f3:95:42:1b:7d:fb:3e:16:fe:db:c2:11:36:38:56:0b: b9:02:98:4e:3b:b0:0b:39:14:bf:61:9d:5c:fd:f5:05:cd:71: 41:5f:fe:62:ea:9e:dd:23:5f:3a:71:11:8f:a1:44:f5:77:e6: 24:f2:bd:d6:72:75:82:d0:8f:ff:6b:bb:4a:8c:70:9c:97:50: 26:f9:ef:e4:08:02:2a:f7:47:f9:5f:7f:9f:94:4e:59:c7:b6: 09:84:46:a3:f3:ce:4a:df:7b:aa:4e:52:4f:a0:74:4a:8e:84: cb:70:be:37:57:44:db:06:b0:9e:12:f1:eb:5c:78:9c:2c:a4: 4f:b1:a7:d8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUG/hcjUjNhMjSpv9nCZjJrYP+nBYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQyMFoX DTI3MDMwMzA2MzkyMFowMzExMC8GA1UEAxMoRTM5MDFBOTI2QjUwMjgyN0FDQzJB MUI0MjZBNEUwREQwNjlDQjE5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKp16Xy8Xc3ghc5X6nRg/cVdtqWQtdoydVusFVs5VJdsU8cuL/VY1/FcHXXS 7lkiz4HGZhUuchzi05a83iBA5ledgeCC7XRKohUhs/4geeNnm2SkiXhZBhH1KmBY wgyK5ewKLNnq6d5PGnj4p4EhX2fAKhqlbIezl8zklYN7HYTCDZb8la44rLHJ8VMd rgXLhPhPs5vlss2yA/fgPC1YRLakXE74QpXM3R14coPAU76LwYDiDewwIEhe3tdE 9+1JCJ/Z6ikPU41McPnTXyVkbB9jIx4CeH9h1YrfAR4zzZXBs7p++PNQfbGsMaDU RsAB7R03qb1zuPzBx4pkIDS13/0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTjkBqS a1AoJ6zCobQmpODdBpyxnTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r6gwDQYJKoZIhvcNAQELBQADggEBAC1IKdrIQnTxOWl2hRrCSllmGBi+MNMt/Iym R9rGDONq1djYbnR6MGRGfJ86O70QCvt/DscE/563NB/adl+Hif1qhgtX14ddMMAX C9/IQrenrdX9DWWWeQ08v3lmj8r26dXSXceGDIuReLkYvKryAty4q00I8lwZmDHx rZJ0sagy85VCG337Phb+28IRNjhWC7kCmE47sAs5FL9hnVz99QXNcUFf/mLqnt0j XzpxEY+hRPV35iTyvdZydYLQj/9ru0qMcJyXUCb57+QIAir3R/lff5+UTlnHtgmE RqPzzkrfe6pOUk+gdEqOhMtwvjdXRNsGsJ4S8etceJwspE+xp9g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:07 2026 by rpki-client