$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146682.roa File: AS146682.roa (raw, json) Hash identifier: 9gb6Z+nF1px1hNpG0jKKf57OMrciM0qsRyRAyQtNn4I= Subject key identifier: C1:C9:F1:03:C0:05:4E:80:8B:E8:F3:7E:C1:A9:F9:01:84:B7:16:BF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 016E5E95915819CF7B5995CB254601E8CB2086E5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146682.roa Signing time: Wed 04 Mar 2026 06:39:43 +0000 ROA not before: Wed 04 Mar 2026 06:34:43 +0000 ROA not after: Wed 03 Mar 2027 06:39:43 +0000 asID: 146682 IP address blocks: 240a:afc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:6e:5e:95:91:58:19:cf:7b:59:95:cb:25:46:01:e8:cb:20:86:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:43 2026 GMT Not After : Mar 3 06:39:43 2027 GMT Subject: CN=C1C9F103C0054E808BE8F37EC1A9F90184B716BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:89:8c:7b:be:59:7f:3f:5e:97:e6:0d:e3:d8: 48:7b:fa:55:8b:be:d5:14:52:7e:44:a1:a3:14:e9: 4c:73:e7:ad:5a:0a:5b:35:d8:c5:de:cc:c0:22:b8: 42:6c:9c:df:6a:00:6f:b3:71:b9:11:25:c8:0a:69: 9d:ae:6b:dd:2b:1a:6b:dc:20:03:f3:29:52:42:67: 27:ee:10:0d:96:78:5e:ad:0c:0d:ee:cf:9e:e7:c6: 9d:67:b2:52:a8:3e:de:d1:b0:ae:97:40:63:2f:07: 49:9d:ff:fd:2c:59:3a:dc:ac:4e:67:cd:c9:ed:0c: 0d:7f:df:51:0e:ad:b2:81:62:8b:67:cc:d4:aa:ee: 71:28:76:c6:6c:13:76:46:8e:c8:da:a8:3f:07:12: cb:08:43:3a:c0:2d:c9:a7:34:8f:bd:22:e8:10:d6: 37:28:87:e8:de:58:66:c4:2c:d9:12:f0:f5:5e:5c: 6e:2c:fe:6c:51:47:08:44:ff:a0:e5:c4:84:01:11: 17:e0:06:92:9e:bc:68:36:2b:27:16:60:4c:31:de: 79:d8:f4:30:7b:c5:c4:0c:28:f1:0a:ef:34:4f:c1: 34:76:68:03:7c:a1:fd:16:fa:78:4a:44:a8:85:fc: 63:41:b4:40:68:e3:e4:b0:3e:4b:3f:db:cd:45:66: f0:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:C9:F1:03:C0:05:4E:80:8B:E8:F3:7E:C1:A9:F9:01:84:B7:16:BF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146682.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afc0::/32 Signature Algorithm: sha256WithRSAEncryption bf:ee:bc:4e:ae:db:f8:77:51:2d:bf:2a:1a:b3:b6:7d:98:b5: 72:79:ce:1c:34:40:33:2b:0f:b2:ed:ca:fe:19:74:a0:0f:82: 9f:33:45:47:80:4c:8a:77:89:c6:c3:f0:d6:d1:20:64:be:41: 5a:42:7b:cd:ea:dc:02:90:4a:b2:1a:bf:35:ae:65:db:46:4b: 4e:97:35:98:93:58:d8:61:c2:b8:c0:eb:9c:98:de:9d:f0:c0: bc:a7:b8:5f:73:0c:36:16:e1:f9:09:2a:c4:65:25:bf:59:0d: e2:2e:fb:0d:c0:a5:a3:05:5a:6e:05:7f:cd:c6:bd:fa:6b:f3: a8:2d:b8:37:a4:52:db:76:e6:6a:f5:ef:ef:84:74:45:fa:87: 65:da:f1:67:45:f7:07:dd:02:6e:fb:4a:95:3a:4a:f5:b3:85: 13:b4:de:57:6c:e5:2d:e3:85:83:d7:75:dc:d0:d8:88:cd:f7: f3:b4:6e:f9:05:59:54:61:42:b0:0a:4a:a4:e4:99:d5:7e:04: e3:e6:c1:3f:b5:6b:fc:86:21:db:b4:e2:d9:47:c5:fd:c6:fb: 70:d7:06:25:30:95:d0:6e:3c:7d:9b:5d:7f:3b:9d:08:88:ac: 41:d9:a5:4c:49:90:4a:52:1c:bf:fc:a0:1c:a1:75:8e:64:b6: 95:59:ca:bb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAW5elZFYGc97WZXLJUYB6MsghuUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0M1oX DTI3MDMwMzA2Mzk0M1owMzExMC8GA1UEAxMoQzFDOUYxMDNDMDA1NEU4MDhCRThG MzdFQzFBOUY5MDE4NEI3MTZCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKyJjHu+WX8/XpfmDePYSHv6VYu+1RRSfkShoxTpTHPnrVoKWzXYxd7MwCK4 Qmyc32oAb7NxuRElyAppna5r3Ssaa9wgA/MpUkJnJ+4QDZZ4Xq0MDe7PnufGnWey Uqg+3tGwrpdAYy8HSZ3//SxZOtysTmfNye0MDX/fUQ6tsoFii2fM1KrucSh2xmwT dkaOyNqoPwcSywhDOsAtyac0j70i6BDWNyiH6N5YZsQs2RLw9V5cbiz+bFFHCET/ oOXEhAERF+AGkp68aDYrJxZgTDHeedj0MHvFxAwo8QrvNE/BNHZoA3yh/Rb6eEpE qIX8Y0G0QGjj5LA+Sz/bzUVm8N8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTByfED wAVOgIvo837BqfkBhLcWvzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY4Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r8AwDQYJKoZIhvcNAQELBQADggEBAL/uvE6u2/h3US2/Khqztn2YtXJ5zhw0QDMr D7Ltyv4ZdKAPgp8zRUeATIp3icbD8NbRIGS+QVpCe83q3AKQSrIavzWuZdtGS06X NZiTWNhhwrjA65yY3p3wwLynuF9zDDYW4fkJKsRlJb9ZDeIu+w3ApaMFWm4Ff83G vfpr86gtuDekUtt25mr17++EdEX6h2Xa8WdF9wfdAm77SpU6SvWzhRO03lds5S3j hYPXddzQ2IjN9/O0bvkFWVRhQrAKSqTkmdV+BOPmwT+1a/yGIdu04tlHxf3G+3DX BiUwldBuPH2bXX87nQiIrEHZpUxJkEpSHL/8oByhdY5ktpVZyrs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:17 2026 by rpki-client