$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146688.roa File: AS146688.roa (raw, json) Hash identifier: ZPkFPboJHrk+FkgB1nMntxtMFlphrBOGiY3/h9BozQY= Subject key identifier: 39:79:08:6D:F6:7C:37:5E:E6:EC:F2:91:4C:F1:5F:8A:B5:EB:F5:94 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C47420D2BC27984B6A57741D18301D830589903 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146688.roa Signing time: Wed 04 Mar 2026 06:39:39 +0000 ROA not before: Wed 04 Mar 2026 06:34:39 +0000 ROA not after: Wed 03 Mar 2027 06:39:39 +0000 asID: 146688 IP address blocks: 240a:afc6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:47:42:0d:2b:c2:79:84:b6:a5:77:41:d1:83:01:d8:30:58:99:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:39 2026 GMT Not After : Mar 3 06:39:39 2027 GMT Subject: CN=3979086DF67C375EE6ECF2914CF15F8AB5EBF594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4f:40:8e:4c:3e:08:50:7f:fd:80:a5:a0:3f: 65:a1:34:c5:3b:11:1d:78:64:32:48:ad:05:e2:69: f9:b7:54:ff:21:60:00:b1:c3:97:70:b7:36:0f:21: 04:35:36:5f:68:32:14:63:75:b5:bd:34:ff:4a:6e: 0d:8d:9b:68:43:ff:2d:71:b6:65:b3:46:7b:c5:ed: 8b:ca:07:bf:fe:ff:d2:da:48:6e:27:0e:3b:48:ff: a9:91:17:51:b0:b1:f7:f1:c0:4f:24:bd:7d:98:29: f5:13:3c:ba:01:40:ce:e3:d6:6c:27:07:55:b7:01: fb:33:c8:55:46:91:04:3f:fd:5f:c5:39:37:12:9d: cb:72:ea:1b:16:f8:8b:78:56:e2:22:e8:2e:f8:06: ba:74:c2:d0:ce:9e:0f:a7:d1:fd:0e:2c:ab:df:d9: b3:1d:d0:77:b3:f5:ca:46:4c:9f:ee:60:9c:93:36: c0:c9:34:92:23:30:e3:28:e8:85:1d:55:11:8a:b9: 93:07:04:79:98:52:84:af:2b:f9:4c:db:58:7c:a4: 05:25:f6:c8:2f:58:7c:0d:b2:31:7d:80:14:b3:4f: 67:ef:b6:3b:64:ad:91:d4:3d:97:03:80:c4:6c:f3: 28:e9:91:be:90:13:ed:ea:2b:79:e0:ad:0a:75:c5: e5:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:79:08:6D:F6:7C:37:5E:E6:EC:F2:91:4C:F1:5F:8A:B5:EB:F5:94 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146688.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afc6::/32 Signature Algorithm: sha256WithRSAEncryption 0c:f9:fd:42:09:af:40:b1:76:0f:d3:d8:b6:9d:84:e0:cb:c2: fb:47:b5:74:f4:2b:eb:20:29:6b:d7:fa:3b:1e:88:65:3c:b1: b1:64:33:7d:66:9c:4f:28:fb:6e:92:b4:47:ae:a7:5b:4c:f2: 1e:98:36:f2:8a:1a:e6:44:b4:d8:cb:f3:c9:79:66:c7:0f:fe: 90:8f:18:1a:1c:92:dc:f9:53:e2:68:cc:7e:db:d6:74:32:a5: 47:fa:5a:7b:57:40:f4:96:01:41:d6:50:0d:f7:b2:bb:17:cc: 0e:a1:91:1b:e4:d7:d5:b7:ee:b1:32:c6:82:f8:4f:7c:ac:1a: d4:93:cc:97:c7:83:c8:01:fb:5f:57:0c:41:3e:e6:81:24:d3: 29:7a:a6:25:bc:89:64:28:a7:b5:bc:a1:89:7f:3a:a6:0d:64: 5a:14:95:a4:1e:1b:25:ff:ae:f8:4d:c5:76:7e:c5:28:4d:57: cf:03:df:8b:03:f9:83:c5:0a:e0:2c:35:0a:e9:cf:f6:4d:fd: a3:e6:f2:b6:5c:bc:2e:48:75:02:07:37:b2:20:46:02:d5:fd: 44:6b:24:d3:b9:e5:d7:51:f6:1e:c6:90:25:48:64:c9:5b:87: 2e:2a:88:4d:00:94:45:ea:38:2a:f9:91:58:dc:57:b0:35:d4: 4b:05:3c:0d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfEdCDSvCeYS2pXdB0YMB2DBYmQMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzOVoX DTI3MDMwMzA2MzkzOVowMzExMC8GA1UEAxMoMzk3OTA4NkRGNjdDMzc1RUU2RUNG MjkxNENGMTVGOEFCNUVCRjU5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVPQI5MPghQf/2ApaA/ZaE0xTsRHXhkMkitBeJp+bdU/yFgALHDl3C3Ng8h BDU2X2gyFGN1tb00/0puDY2baEP/LXG2ZbNGe8Xti8oHv/7/0tpIbicOO0j/qZEX UbCx9/HATyS9fZgp9RM8ugFAzuPWbCcHVbcB+zPIVUaRBD/9X8U5NxKdy3LqGxb4 i3hW4iLoLvgGunTC0M6eD6fR/Q4sq9/Zsx3Qd7P1ykZMn+5gnJM2wMk0kiMw4yjo hR1VEYq5kwcEeZhShK8r+UzbWHykBSX2yC9YfA2yMX2AFLNPZ++2O2StkdQ9lwOA xGzzKOmRvpAT7eoreeCtCnXF5ccCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ5eQht 9nw3Xubs8pFM8V+Ktev1lDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r8YwDQYJKoZIhvcNAQELBQADggEBAAz5/UIJr0Cxdg/T2LadhODLwvtHtXT0K+sg KWvX+jseiGU8sbFkM31mnE8o+26StEeup1tM8h6YNvKKGuZEtNjL88l5ZscP/pCP GBocktz5U+JozH7b1nQypUf6WntXQPSWAUHWUA33srsXzA6hkRvk19W37rEyxoL4 T3ysGtSTzJfHg8gB+19XDEE+5oEk0yl6piW8iWQop7W8oYl/OqYNZFoUlaQeGyX/ rvhNxXZ+xShNV88D34sD+YPFCuAsNQrpz/ZN/aPm8rZcvC5IdQIHN7IgRgLV/URr JNO55ddR9h7GkCVIZMlbhy4qiE0AlEXqOCr5kVjcV7A11EsFPA0= -----END CERTIFICATE-----Generated at Sat Mar 28 14:31:36 2026 by rpki-client