$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146679.roa File: AS146679.roa (raw, json) Hash identifier: FANhBbS45ZLAjb9T1QwW8lp9HoroF6kSxAEQh+Tjb9w= Subject key identifier: BA:50:12:46:7C:18:FB:94:47:49:A7:44:51:4E:3F:00:B7:F5:0C:73 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7B414383DC4A1DBF1424BE6C47BFB6FB237437ED Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146679.roa Signing time: Wed 04 Mar 2026 06:39:45 +0000 ROA not before: Wed 04 Mar 2026 06:34:45 +0000 ROA not after: Wed 03 Mar 2027 06:39:45 +0000 asID: 146679 IP address blocks: 240a:afbd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:41:43:83:dc:4a:1d:bf:14:24:be:6c:47:bf:b6:fb:23:74:37:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:45 2026 GMT Not After : Mar 3 06:39:45 2027 GMT Subject: CN=BA5012467C18FB944749A744514E3F00B7F50C73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2d:f1:0a:24:6f:24:62:8d:a2:a1:9b:9c:81: 15:78:9d:b1:a8:dc:f4:81:34:71:93:a8:39:1f:85: 01:2d:cf:7e:d0:fa:f8:d7:21:61:eb:d9:39:5d:d9: ad:28:0d:a2:36:92:13:f1:df:7f:b3:2c:58:49:f7: a2:22:8f:ac:12:55:27:9a:a2:38:cf:07:9a:9e:2a: 3a:9a:16:3b:30:3c:de:79:55:71:95:55:9c:af:41: c2:35:ee:68:4a:c1:eb:bf:65:df:73:6c:41:fa:36: b8:b9:d3:cd:40:41:f2:71:1a:d7:6b:b5:17:c6:43: cc:14:29:6b:b6:ce:d9:a7:ee:ef:62:8d:0d:6e:26: d7:74:f3:15:1c:20:b5:79:23:ea:6e:a8:60:68:bb: d9:85:08:f0:84:7d:04:5e:df:7a:10:6e:6f:e9:18: 3e:54:e5:cc:bc:14:40:b5:58:82:0c:ac:1c:37:02: 6a:7b:32:ba:da:14:bc:ca:f8:41:46:7e:43:c0:9d: 74:54:7c:0b:10:af:41:73:de:44:5c:c0:eb:db:aa: dc:7e:69:f5:43:7c:3b:48:47:44:ed:28:e3:3a:b2: df:fc:29:0c:de:b5:c5:23:e2:ac:21:92:19:cc:1b: bb:3d:7e:5f:84:13:0f:8b:45:54:30:ea:83:be:23: a2:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:50:12:46:7C:18:FB:94:47:49:A7:44:51:4E:3F:00:B7:F5:0C:73 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146679.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afbd::/32 Signature Algorithm: sha256WithRSAEncryption d6:75:e4:b4:a5:7e:a1:01:ff:13:10:66:f5:61:58:50:a5:89: 8d:fb:81:69:e7:43:b8:95:dc:02:9e:2f:ee:90:3b:3b:1c:24: ab:46:26:80:09:75:4c:61:3f:8e:a8:70:7d:91:db:21:3b:de: 44:e0:b3:a5:35:d6:0d:20:e2:14:21:7d:d1:c5:3e:83:72:8c: 7d:e8:59:a3:2e:ff:7d:32:6e:33:27:d9:88:60:e5:72:7a:f4: 9f:81:a3:53:81:a6:b1:f3:81:f8:61:04:7e:89:30:c3:b7:94: 12:29:25:a6:44:06:29:27:92:c3:3a:67:ff:a7:1d:55:69:4d: d9:e7:b8:7a:28:b3:52:94:73:c3:e5:dd:f7:b2:5f:f2:89:6a: b6:e1:dc:be:14:b3:72:ad:ca:06:c9:d0:c8:9c:88:10:1c:b4: 07:a8:95:74:82:86:65:ac:de:9c:31:46:cc:48:44:72:ce:4b: c1:31:51:94:ab:e4:8b:ed:94:3e:df:02:5e:8d:c5:70:8d:c2: 08:b8:4a:6a:13:56:a9:25:98:da:4a:33:35:dc:5c:ff:f5:d9: f0:a8:63:ea:69:9a:9e:57:92:d9:5e:f0:3f:ab:ad:5b:75:9e: fc:0f:e2:89:62:b2:da:5a:89:62:bc:81:6b:05:d5:e2:af:3e: c6:9a:f7:fb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUe0FDg9xKHb8UJL5sR7+2+yN0N+0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0NVoX DTI3MDMwMzA2Mzk0NVowMzExMC8GA1UEAxMoQkE1MDEyNDY3QzE4RkI5NDQ3NDlB NzQ0NTE0RTNGMDBCN0Y1MEM3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKYt8QokbyRijaKhm5yBFXidsajc9IE0cZOoOR+FAS3PftD6+NchYevZOV3Z rSgNojaSE/Hff7MsWEn3oiKPrBJVJ5qiOM8Hmp4qOpoWOzA83nlVcZVVnK9BwjXu aErB679l33NsQfo2uLnTzUBB8nEa12u1F8ZDzBQpa7bO2afu72KNDW4m13TzFRwg tXkj6m6oYGi72YUI8IR9BF7fehBub+kYPlTlzLwUQLVYggysHDcCansyutoUvMr4 QUZ+Q8CddFR8CxCvQXPeRFzA69uq3H5p9UN8O0hHRO0o4zqy3/wpDN61xSPirCGS Gcwbuz1+X4QTD4tFVDDqg74jojkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS6UBJG fBj7lEdJp0RRTj8At/UMczAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY3OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r70wDQYJKoZIhvcNAQELBQADggEBANZ15LSlfqEB/xMQZvVhWFCliY37gWnnQ7iV 3AKeL+6QOzscJKtGJoAJdUxhP46ocH2R2yE73kTgs6U11g0g4hQhfdHFPoNyjH3o WaMu/30ybjMn2Yhg5XJ69J+Bo1OBprHzgfhhBH6JMMO3lBIpJaZEBiknksM6Z/+n HVVpTdnnuHoos1KUc8Pl3feyX/KJarbh3L4Us3KtygbJ0MiciBActAeolXSChmWs 3pwxRsxIRHLOS8ExUZSr5IvtlD7fAl6NxXCNwgi4SmoTVqklmNpKMzXcXP/12fCo Y+ppmp5Xktle8D+rrVt1nvwP4olistpaiWK8gWsF1eKvPsaa9/s= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:10 2026 by rpki-client