$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146696.roa File: AS146696.roa (raw, json) Hash identifier: aWz4py3Ev3tO0qwp1uGIAFsAB0PCYiJKM4jEeHYbLPg= Subject key identifier: D7:16:AB:D2:C4:AC:3C:11:CE:89:7A:91:16:B0:1C:C2:F5:1B:D5:7D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6FD5CACB57B43D1F01879B7760934DEF36036712 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146696.roa Signing time: Wed 04 Mar 2026 06:39:53 +0000 ROA not before: Wed 04 Mar 2026 06:34:53 +0000 ROA not after: Wed 03 Mar 2027 06:39:53 +0000 asID: 146696 IP address blocks: 240a:afce::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:d5:ca:cb:57:b4:3d:1f:01:87:9b:77:60:93:4d:ef:36:03:67:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:53 2026 GMT Not After : Mar 3 06:39:53 2027 GMT Subject: CN=D716ABD2C4AC3C11CE897A9116B01CC2F51BD57D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d4:f2:be:7c:f1:8a:a6:87:fe:55:5d:78:9c: d8:5f:73:3f:35:0a:b5:73:4d:23:cf:57:ef:3e:17: 87:69:81:9c:32:4d:60:d8:61:5d:b8:f1:64:d6:80: 72:10:a6:df:8c:7c:03:b1:c0:ca:3a:cf:5f:0b:c0: 41:93:4c:20:00:fb:de:5d:bf:16:e0:58:a8:da:01: f3:e8:5a:0f:a9:8b:6d:d1:87:c1:a3:1c:06:4d:74: f8:34:3e:53:0f:f1:7c:86:33:37:5b:c4:a3:98:df: 67:c3:b5:f5:97:da:34:6c:21:cc:50:b3:b7:29:6f: 86:1c:ea:2a:bf:6b:1b:89:16:55:8a:e5:d8:0e:67: 2c:6d:68:f7:56:95:06:87:d2:8a:a3:bc:6d:dd:c4: 8d:84:77:c9:f0:c9:8c:4c:e8:86:ff:38:b7:96:ec: 67:b8:d3:1b:27:c9:55:08:5b:b1:0c:88:ce:cf:65: ef:61:c0:f7:59:71:f2:78:94:ee:59:71:49:4b:41: 1b:5a:58:af:85:cd:90:66:e4:6e:fa:0d:e6:13:48: c1:13:01:3d:0b:2a:f1:f8:6d:5e:96:4f:eb:b2:88: 82:c1:f2:30:20:cb:8d:c7:84:99:8e:90:d8:f5:a9: ba:e5:8e:e0:df:81:4f:f8:f5:84:df:db:dc:a7:14: 4e:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:16:AB:D2:C4:AC:3C:11:CE:89:7A:91:16:B0:1C:C2:F5:1B:D5:7D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146696.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afce::/32 Signature Algorithm: sha256WithRSAEncryption 61:e4:af:08:87:66:6d:11:75:32:36:a6:32:9d:69:47:df:a5: ce:c8:97:8c:14:5e:37:1b:44:e5:f7:ff:54:81:7d:d1:19:77: 70:95:cd:08:26:d8:92:1e:0d:a3:ed:de:e5:21:08:7d:dc:67: fd:41:d0:ac:b0:d8:04:4b:36:69:08:8c:a4:60:a6:f0:99:4b: b5:2c:e4:14:2d:4d:f1:2c:a0:3b:1c:59:55:6f:2e:2a:9d:45: f4:5f:c9:93:bc:a4:d5:8e:b9:65:24:72:c7:b0:4a:b0:00:8d: 73:8d:82:2e:9a:5d:ca:a9:8e:83:37:61:25:5b:ae:0d:45:84: db:14:73:e5:f8:19:38:f9:55:13:3d:55:6f:66:ff:16:6f:e3: 69:b3:79:5e:8f:02:21:3c:49:fb:6a:56:cb:b0:ac:db:3b:69: 29:24:a1:9a:3d:18:12:0f:41:59:c5:94:c1:c2:73:c9:96:93: c1:5b:a5:c1:19:b4:2b:1c:95:98:1a:27:5b:97:9d:45:f8:9d: 0e:ae:e6:05:71:c9:f9:47:18:45:de:24:ac:36:8c:88:b4:a5: a7:6a:0c:cd:7b:1c:55:0b:c8:e4:4e:4b:4d:66:50:a3:ce:60: 3c:3b:60:5f:8f:4d:a2:c3:a7:f1:95:88:f0:70:94:cf:bc:33: 42:00:74:bf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUb9XKy1e0PR8Bh5t3YJNN7zYDZxIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ1M1oX DTI3MDMwMzA2Mzk1M1owMzExMC8GA1UEAxMoRDcxNkFCRDJDNEFDM0MxMUNFODk3 QTkxMTZCMDFDQzJGNTFCRDU3RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMDU8r588Yqmh/5VXXic2F9zPzUKtXNNI89X7z4Xh2mBnDJNYNhhXbjxZNaA chCm34x8A7HAyjrPXwvAQZNMIAD73l2/FuBYqNoB8+haD6mLbdGHwaMcBk10+DQ+ Uw/xfIYzN1vEo5jfZ8O19ZfaNGwhzFCztylvhhzqKr9rG4kWVYrl2A5nLG1o91aV BofSiqO8bd3EjYR3yfDJjEzohv84t5bsZ7jTGyfJVQhbsQyIzs9l72HA91lx8niU 7llxSUtBG1pYr4XNkGbkbvoN5hNIwRMBPQsq8fhtXpZP67KIgsHyMCDLjceEmY6Q 2PWpuuWO4N+BT/j1hN/b3KcUTpUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTXFqvS xKw8Ec6JepEWsBzC9RvVfTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjY5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r84wDQYJKoZIhvcNAQELBQADggEBAGHkrwiHZm0RdTI2pjKdaUffpc7Il4wUXjcb ROX3/1SBfdEZd3CVzQgm2JIeDaPt3uUhCH3cZ/1B0Kyw2ARLNmkIjKRgpvCZS7Us 5BQtTfEsoDscWVVvLiqdRfRfyZO8pNWOuWUkcsewSrAAjXONgi6aXcqpjoM3YSVb rg1FhNsUc+X4GTj5VRM9VW9m/xZv42mzeV6PAiE8SftqVsuwrNs7aSkkoZo9GBIP QVnFlMHCc8mWk8FbpcEZtCsclZgaJ1uXnUX4nQ6u5gVxyflHGEXeJKw2jIi0padq DM17HFULyOROS01mUKPOYDw7YF+PTaLDp/GViPBwlM+8M0IAdL8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:06 2026 by rpki-client