$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146667.roa File: AS146667.roa (raw, json) Hash identifier: ualZdu5TNblMdfHtYQMAnQ7WX6FxrpnxVajQacQsH6o= Subject key identifier: 73:1F:68:BF:30:DD:B8:97:70:35:69:71:3C:59:3A:2A:8E:50:36:2A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1357ED0D7062F6AFB5162BC5F1C136F8A8FF88DA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146667.roa Signing time: Wed 04 Mar 2026 06:39:51 +0000 ROA not before: Wed 04 Mar 2026 06:34:51 +0000 ROA not after: Wed 03 Mar 2027 06:39:51 +0000 asID: 146667 IP address blocks: 240a:afb1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:57:ed:0d:70:62:f6:af:b5:16:2b:c5:f1:c1:36:f8:a8:ff:88:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:51 2026 GMT Not After : Mar 3 06:39:51 2027 GMT Subject: CN=731F68BF30DDB897703569713C593A2A8E50362A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:c8:32:45:25:6d:9e:e1:a8:7b:b0:7b:a9:8a: 5f:f4:5c:83:2b:e6:1c:b3:23:83:c0:0b:94:03:88: 84:f6:48:b1:78:62:30:58:f8:9a:08:65:7d:07:8f: 35:1a:fd:b6:28:b1:c4:a7:1b:5a:ac:19:79:c7:d0: 0c:7a:ef:44:0d:aa:11:35:ac:03:76:41:ce:34:f6: 48:4e:94:22:d1:c7:f8:e4:d0:70:6a:db:53:4d:0d: 90:62:a4:1b:8e:71:87:d4:2f:01:52:35:64:35:79: af:3b:6d:30:78:9d:b9:d1:6d:1c:ca:f8:ff:89:ed: ae:fc:f1:13:47:7d:56:38:f8:bc:ce:23:98:f9:bb: 0f:be:c2:3a:8c:f1:c4:b9:0a:6d:87:b5:a0:ab:e8: 25:ad:ed:37:a9:cb:69:60:3d:2b:50:19:e3:a9:8a: 19:08:52:86:c3:06:0d:05:a7:b8:8c:ad:fd:69:a5: d0:c5:c6:6f:65:16:cb:07:e7:f5:10:be:0e:b0:06: f3:75:74:20:7f:a7:f7:9c:0c:f6:c5:3b:f6:d6:94: 7d:18:bf:cb:34:07:a7:c6:ac:64:88:95:59:16:ae: bb:32:49:37:5d:4a:75:a3:93:18:ed:7c:e0:4d:f7: b4:3a:b2:68:39:55:62:15:07:7e:6f:25:8f:9d:4b: 5a:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:1F:68:BF:30:DD:B8:97:70:35:69:71:3C:59:3A:2A:8E:50:36:2A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146667.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afb1::/32 Signature Algorithm: sha256WithRSAEncryption a2:d2:e6:bd:97:aa:f5:c5:55:17:da:78:b1:27:af:3f:a7:c4: 39:25:de:86:f7:4f:12:4a:b8:8a:98:aa:ff:31:89:aa:ae:87: 9d:26:95:ab:34:f4:93:a4:16:08:f4:b5:1e:3b:af:5a:76:1d: 96:75:c7:0f:e2:ef:ad:53:b3:31:54:dd:d9:a4:58:e1:23:1e: 41:37:5e:fa:1a:a5:48:9f:97:91:44:e8:12:c8:b4:62:73:38: 5e:e5:89:14:d3:97:b7:0d:7d:d2:ce:2e:14:14:91:ba:3b:45: 85:c5:a4:9b:9a:15:81:ef:b8:dd:47:06:2c:94:d9:20:c8:c1: 0b:9d:62:6b:4e:40:fe:0c:fa:73:2a:85:72:c2:c4:20:9d:7a: 6b:af:86:c6:01:a7:59:c5:d5:5f:f9:44:f0:aa:40:ff:93:f2: 16:06:db:96:7e:61:ba:cc:d5:5c:01:03:18:1d:c2:39:d6:32: 35:29:dd:bf:18:02:0f:1c:f7:56:13:06:59:8b:b1:56:7a:1c: 74:12:fc:b4:30:2e:c7:dd:1c:e1:b5:df:f8:26:14:5d:3b:84: 7d:72:37:02:05:fa:80:bd:a0:f7:5a:04:f0:54:a7:c1:c7:e3: 5a:1a:e2:c4:d6:77:f1:f6:4c:f0:0c:de:45:83:f8:58:9e:ce: 2b:59:e3:16 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUE1ftDXBi9q+1FivF8cE2+Kj/iNowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ1MVoX DTI3MDMwMzA2Mzk1MVowMzExMC8GA1UEAxMoNzMxRjY4QkYzMEREQjg5NzcwMzU2 OTcxM0M1OTNBMkE4RTUwMzYyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOTIMkUlbZ7hqHuwe6mKX/RcgyvmHLMjg8ALlAOIhPZIsXhiMFj4mghlfQeP NRr9tiixxKcbWqwZecfQDHrvRA2qETWsA3ZBzjT2SE6UItHH+OTQcGrbU00NkGKk G45xh9QvAVI1ZDV5rzttMHidudFtHMr4/4ntrvzxE0d9Vjj4vM4jmPm7D77COozx xLkKbYe1oKvoJa3tN6nLaWA9K1AZ46mKGQhShsMGDQWnuIyt/Wml0MXGb2UWywfn 9RC+DrAG83V0IH+n95wM9sU79taUfRi/yzQHp8asZIiVWRauuzJJN11KdaOTGO18 4E33tDqyaDlVYhUHfm8lj51LWkECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRzH2i/ MN24l3A1aXE8WToqjlA2KjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r7EwDQYJKoZIhvcNAQELBQADggEBAKLS5r2XqvXFVRfaeLEnrz+nxDkl3ob3TxJK uIqYqv8xiaquh50mlas09JOkFgj0tR47r1p2HZZ1xw/i761TszFU3dmkWOEjHkE3 XvoapUifl5FE6BLItGJzOF7liRTTl7cNfdLOLhQUkbo7RYXFpJuaFYHvuN1HBiyU 2SDIwQudYmtOQP4M+nMqhXLCxCCdemuvhsYBp1nF1V/5RPCqQP+T8hYG25Z+YbrM 1VwBAxgdwjnWMjUp3b8YAg8c91YTBlmLsVZ6HHQS/LQwLsfdHOG13/gmFF07hH1y NwIF+oC9oPdaBPBUp8HH41oa4sTWd/H2TPAM3kWD+FiezitZ4xY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:48 2026 by rpki-client