$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146672.roa File: AS146672.roa (raw, json) Hash identifier: 1/l+gFncC3rc5M4ReNe2YDz3npfQ3jyG6++jOp9O9Ok= Subject key identifier: E2:16:E3:E1:5B:90:5A:F5:7D:B4:29:45:1B:31:CF:26:24:7E:17:F8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 21EA0C4AB433F1D07B0ED97760F1FF0AA8A1A874 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146672.roa Signing time: Wed 04 Mar 2026 06:39:47 +0000 ROA not before: Wed 04 Mar 2026 06:34:47 +0000 ROA not after: Wed 03 Mar 2027 06:39:47 +0000 asID: 146672 IP address blocks: 240a:afb6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:ea:0c:4a:b4:33:f1:d0:7b:0e:d9:77:60:f1:ff:0a:a8:a1:a8:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:47 2026 GMT Not After : Mar 3 06:39:47 2027 GMT Subject: CN=E216E3E15B905AF57DB429451B31CF26247E17F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:01:92:c0:b4:16:5e:78:c4:07:65:4a:30:6e: 54:a3:24:70:27:b6:b8:4c:31:a6:1e:e2:56:c7:b2: 2b:31:54:0e:75:7d:26:f2:7d:7f:22:85:b7:bc:8c: d4:d9:49:ca:b8:c1:fc:bf:fd:64:1b:7f:dd:fb:65: f6:c5:6e:48:e9:c1:34:08:85:73:50:c7:c1:c6:2d: f0:1c:a2:15:4a:be:e1:3e:22:5e:c6:b7:44:5d:b8: 68:c1:5d:2c:bb:d8:55:af:40:c1:5d:2c:cd:2f:f5: b7:6a:a0:01:2f:a0:79:44:72:25:62:56:67:f2:73: f4:68:ab:b3:72:6d:f7:13:a5:5e:d0:df:a7:41:c1: f6:e6:89:ea:da:0d:b1:65:25:0b:5e:5c:54:fc:b2: 3b:9d:ec:b1:28:79:ac:24:15:6e:f7:5d:a3:90:7d: 62:94:73:36:8e:28:59:8f:b9:06:a0:75:57:ae:49: 95:b7:ef:2f:1e:57:41:64:bd:b0:eb:0c:1e:dd:81: 6e:eb:5c:1e:b4:9f:c3:8f:a2:b3:6b:1b:d2:17:42: c2:c4:ac:45:99:dc:6b:0c:d3:f0:d9:81:2b:5a:8c: a4:c8:c3:10:c4:8b:70:82:e7:d9:9a:85:c0:35:84: c7:14:4c:00:da:53:70:2c:be:39:bc:53:b4:c8:4c: 4c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:16:E3:E1:5B:90:5A:F5:7D:B4:29:45:1B:31:CF:26:24:7E:17:F8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146672.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afb6::/32 Signature Algorithm: sha256WithRSAEncryption 56:78:ed:18:3d:16:84:f5:98:c5:b1:81:73:cd:5b:7c:69:60: 05:d4:aa:f4:90:27:3c:06:c2:45:59:72:9e:83:4a:b7:dc:6b: 13:b8:50:b2:78:8d:e4:30:53:b5:41:ed:67:be:39:bb:89:77: fa:15:e0:0d:ea:1c:02:ed:25:ae:17:58:60:1e:80:4c:a0:b4: b9:f5:aa:b0:fe:9c:cf:fa:c3:ce:0c:c1:dd:68:33:fd:3f:1d: 52:4a:06:11:7d:68:b8:a8:90:04:fa:be:77:ca:43:1e:e9:af: 95:e2:80:e9:6b:55:b0:fb:7a:51:cb:71:64:36:fa:27:1d:d4: 3c:6c:e7:23:fc:10:da:e3:d7:df:e1:4a:71:9c:03:f8:09:a9: 7f:e7:ca:3b:5b:dd:89:62:ef:50:9d:23:f4:b7:53:84:d3:27: d7:9e:15:a0:46:0b:14:f9:ee:b8:17:23:ed:7a:51:27:60:18: b4:cc:05:0c:03:20:40:87:4c:35:1e:37:ce:b0:2e:b4:6a:5f: 2b:9c:db:8e:8b:fa:c3:12:62:cf:9d:84:ed:21:97:c5:76:18: 63:3e:1d:87:25:01:72:b4:a3:38:7b:c7:a0:bb:97:f8:55:c3: 04:32:f2:39:9f:6c:a5:42:18:31:f5:3a:13:bf:15:da:2f:79: 2b:95:93:9b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIeoMSrQz8dB7Dtl3YPH/CqihqHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0N1oX DTI3MDMwMzA2Mzk0N1owMzExMC8GA1UEAxMoRTIxNkUzRTE1QjkwNUFGNTdEQjQy OTQ1MUIzMUNGMjYyNDdFMTdGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKUBksC0Fl54xAdlSjBuVKMkcCe2uEwxph7iVseyKzFUDnV9JvJ9fyKFt7yM 1NlJyrjB/L/9ZBt/3ftl9sVuSOnBNAiFc1DHwcYt8ByiFUq+4T4iXsa3RF24aMFd LLvYVa9AwV0szS/1t2qgAS+geURyJWJWZ/Jz9Girs3Jt9xOlXtDfp0HB9uaJ6toN sWUlC15cVPyyO53ssSh5rCQVbvddo5B9YpRzNo4oWY+5BqB1V65JlbfvLx5XQWS9 sOsMHt2BbutcHrSfw4+is2sb0hdCwsSsRZncawzT8NmBK1qMpMjDEMSLcILn2ZqF wDWExxRMANpTcCy+ObxTtMhMTCMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTiFuPh W5Ba9X20KUUbMc8mJH4X+DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r7YwDQYJKoZIhvcNAQELBQADggEBAFZ47Rg9FoT1mMWxgXPNW3xpYAXUqvSQJzwG wkVZcp6DSrfcaxO4ULJ4jeQwU7VB7We+ObuJd/oV4A3qHALtJa4XWGAegEygtLn1 qrD+nM/6w84Mwd1oM/0/HVJKBhF9aLiokAT6vnfKQx7pr5XigOlrVbD7elHLcWQ2 +icd1Dxs5yP8ENrj19/hSnGcA/gJqX/nyjtb3Yli71CdI/S3U4TTJ9eeFaBGCxT5 7rgXI+16USdgGLTMBQwDIECHTDUeN86wLrRqXyuc246L+sMSYs+dhO0hl8V2GGM+ HYclAXK0ozh7x6C7l/hVwwQy8jmfbKVCGDH1OhO/FdoveSuVk5s= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:27 2026 by rpki-client