$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146681.roa File: AS146681.roa (raw, json) Hash identifier: LkPtGZJTQna8U5DO1913gREMJLvFxNQ5KZ+kkDtGo/Q= Subject key identifier: A3:21:11:18:24:1F:BC:D8:54:CC:DD:87:11:2E:B2:65:4B:92:5B:32 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 16598A3C8E62F774A040D0C29D067285769506BE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146681.roa Signing time: Wed 04 Mar 2026 06:39:47 +0000 ROA not before: Wed 04 Mar 2026 06:34:47 +0000 ROA not after: Wed 03 Mar 2027 06:39:47 +0000 asID: 146681 IP address blocks: 240a:afbf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:59:8a:3c:8e:62:f7:74:a0:40:d0:c2:9d:06:72:85:76:95:06:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:47 2026 GMT Not After : Mar 3 06:39:47 2027 GMT Subject: CN=A3211118241FBCD854CCDD87112EB2654B925B32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:93:6c:c7:08:22:12:77:44:b9:52:ed:10:9d: e2:37:5c:08:35:47:22:d6:47:2d:dd:24:78:20:10: 44:ec:e9:1e:72:a0:cf:4f:13:16:91:17:d4:cf:1c: af:63:42:2d:d8:27:d4:15:e1:0a:8a:ad:ab:bf:62: 92:fa:ce:50:25:0e:6e:75:40:40:c0:76:ac:14:22: 12:68:65:78:35:d2:6f:e4:24:5a:2f:6f:45:5f:82: 82:cb:b1:4b:c5:dd:a8:de:1b:05:2b:2f:1e:a8:78: 34:f5:e7:d9:41:46:0d:40:e1:64:26:b1:02:91:a0: 45:f2:68:36:cb:b5:f6:19:91:6d:e7:59:fc:5b:8a: c1:d2:e7:77:7e:5b:41:84:cb:c9:51:0a:7a:18:99: 8d:69:f0:02:12:18:41:c6:cd:68:0b:95:ea:9d:e1: 79:fa:58:46:50:c8:f8:87:55:66:99:76:91:5c:75: 77:98:b5:af:c5:37:4a:c1:79:5e:a0:de:dd:5d:32: 83:9b:9f:c9:b0:af:ff:4d:ef:b1:02:dc:b8:db:27: de:6a:fc:29:35:9e:aa:03:bb:c8:c5:28:9d:5f:81: d9:12:1a:68:46:d3:19:b1:15:7f:73:83:16:7d:86: 74:4d:2a:34:d1:9f:b9:0d:25:dd:52:3d:bf:f8:d0: 28:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:21:11:18:24:1F:BC:D8:54:CC:DD:87:11:2E:B2:65:4B:92:5B:32 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146681.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afbf::/32 Signature Algorithm: sha256WithRSAEncryption 24:54:61:d9:be:bc:42:f7:e7:15:88:70:a7:9b:cd:9e:c6:52: 2d:0b:fa:4f:8b:f6:18:85:45:c0:e5:bc:82:82:10:0c:ef:67: 67:ce:57:7f:74:b6:50:8b:0a:3e:d4:b3:33:fe:fb:d0:8f:33: 76:2f:21:b3:65:cb:82:4a:c2:1c:56:95:87:a8:e9:83:50:67: 87:a2:40:f5:aa:3a:0f:da:13:e0:98:53:fd:95:68:11:9d:a9: 35:21:14:29:2b:c4:6b:fb:6d:86:13:3c:02:49:35:8a:13:07: 38:a2:56:f4:87:d6:f1:33:5a:32:61:10:25:cf:5b:ec:d2:64: c3:4b:19:ed:48:dd:fc:13:1e:94:94:57:4b:06:77:cd:b9:c5: 65:9d:9e:2a:51:a0:e9:8b:ee:ed:57:24:a6:b5:7e:b4:fa:3f: 08:72:ef:bc:4b:ef:2b:00:6b:8d:c1:c8:6b:42:bb:b3:2d:61: 7b:1e:82:ff:83:bc:52:b2:2c:6f:d4:b1:08:86:86:a5:42:0e: 95:1e:84:82:65:c6:61:d2:d3:a4:4f:51:b6:e8:4b:d3:76:8f: f3:50:d9:2e:d6:29:29:fc:cb:03:b0:e8:ce:46:3e:97:63:a4: 30:4b:aa:89:ce:8e:0f:96:49:b5:e4:97:05:d5:3e:ca:f1:81: 1d:17:4f:6e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFlmKPI5i93SgQNDCnQZyhXaVBr4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0N1oX DTI3MDMwMzA2Mzk0N1owMzExMC8GA1UEAxMoQTMyMTExMTgyNDFGQkNEODU0Q0NE RDg3MTEyRUIyNjU0QjkyNUIzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKaTbMcIIhJ3RLlS7RCd4jdcCDVHItZHLd0keCAQROzpHnKgz08TFpEX1M8c r2NCLdgn1BXhCoqtq79ikvrOUCUObnVAQMB2rBQiEmhleDXSb+QkWi9vRV+Cgsux S8XdqN4bBSsvHqh4NPXn2UFGDUDhZCaxApGgRfJoNsu19hmRbedZ/FuKwdLnd35b QYTLyVEKehiZjWnwAhIYQcbNaAuV6p3hefpYRlDI+IdVZpl2kVx1d5i1r8U3SsF5 XqDe3V0yg5ufybCv/03vsQLcuNsn3mr8KTWeqgO7yMUonV+B2RIaaEbTGbEVf3OD Fn2GdE0qNNGfuQ0l3VI9v/jQKJECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSjIREY JB+82FTM3YcRLrJlS5JbMjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY4MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r78wDQYJKoZIhvcNAQELBQADggEBACRUYdm+vEL35xWIcKebzZ7GUi0L+k+L9hiF RcDlvIKCEAzvZ2fOV390tlCLCj7UszP++9CPM3YvIbNly4JKwhxWlYeo6YNQZ4ei QPWqOg/aE+CYU/2VaBGdqTUhFCkrxGv7bYYTPAJJNYoTBziiVvSH1vEzWjJhECXP W+zSZMNLGe1I3fwTHpSUV0sGd825xWWdnipRoOmL7u1XJKa1frT6Pwhy77xL7ysA a43ByGtCu7MtYXsegv+DvFKyLG/UsQiGhqVCDpUehIJlxmHS06RPUbboS9N2j/NQ 2S7WKSn8ywOw6M5GPpdjpDBLqonOjg+WSbXklwXVPsrxgR0XT24= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:51 2026 by rpki-client