$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146702.roa File: AS146702.roa (raw, json) Hash identifier: t2q+CtF53gV09PlXE6uWyjtF/N9euWWGu1ZDbvrlklY= Subject key identifier: B0:82:6A:53:29:6F:F5:21:3C:8C:D3:12:B1:2A:9C:A7:0B:8A:C7:12 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2BDE1475858D93ACE1AA35E89E5555D98686DDF6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146702.roa Signing time: Wed 04 Mar 2026 06:39:13 +0000 ROA not before: Wed 04 Mar 2026 06:34:13 +0000 ROA not after: Wed 03 Mar 2027 06:39:13 +0000 asID: 146702 IP address blocks: 240a:afd4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:de:14:75:85:8d:93:ac:e1:aa:35:e8:9e:55:55:d9:86:86:dd:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:13 2026 GMT Not After : Mar 3 06:39:13 2027 GMT Subject: CN=B0826A53296FF5213C8CD312B12A9CA70B8AC712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:22:2e:7c:1e:40:4c:57:4c:c4:2c:1f:98:44: f6:6d:b5:10:13:5d:76:ef:f1:c0:bf:a3:60:e4:67: 07:3d:f5:ca:4c:bc:29:17:19:17:67:ac:d1:d4:49: 93:ea:a6:e2:98:38:44:3e:07:71:12:c0:dc:72:aa: b5:9a:49:cf:42:2e:71:55:85:be:74:e8:3b:22:f4: a7:a6:0b:68:16:60:42:37:d4:03:45:54:c8:ac:14: e0:2c:4b:13:ac:b0:91:86:34:f0:e0:0c:76:a7:67: 1e:f3:db:d2:27:72:aa:f3:a9:00:30:08:c7:a8:f7: 34:f2:32:19:f2:b3:7a:f4:71:95:cb:f7:cf:f8:4f: 03:81:91:4f:65:6a:1b:1d:21:e6:03:5f:08:1a:7f: d9:ab:d4:5d:c3:e8:ac:3e:c5:43:b5:91:7d:eb:17: dc:42:eb:2c:56:ab:3f:59:d2:b6:d3:ad:fb:5e:4d: af:e0:e5:7c:bc:75:cd:62:63:26:62:83:31:4d:f4: 73:18:2c:65:e4:88:28:e0:3e:c7:d6:63:a9:06:13: 85:a9:93:96:08:8d:5e:ee:5f:92:c3:c9:ff:9a:b5: 61:22:5e:31:ad:4f:2e:de:cc:1d:ef:1c:01:e8:35: c3:de:04:32:56:ae:af:ae:1e:60:f5:2e:6e:de:bf: 1f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:82:6A:53:29:6F:F5:21:3C:8C:D3:12:B1:2A:9C:A7:0B:8A:C7:12 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146702.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afd4::/32 Signature Algorithm: sha256WithRSAEncryption 31:5e:9d:9b:c8:a2:76:63:67:69:5a:a3:6d:52:31:65:05:f6: 45:2f:be:b0:f7:6d:3e:49:22:9d:8b:37:b0:03:e6:34:cd:e0: 68:ce:ca:3a:7f:51:5d:23:2e:2c:d1:ae:a7:45:29:b9:2a:be: 90:b8:13:a6:d7:6c:6c:c3:36:c6:4c:0b:19:a0:32:fb:86:0a: f9:6a:77:95:8f:3d:42:a3:6d:fe:6c:75:96:5c:db:40:73:02: 84:bd:e9:83:29:7e:92:78:00:ed:b6:95:cc:28:33:f3:08:4d: 85:32:52:79:96:aa:40:89:07:c4:8d:2b:b9:f9:c4:93:2c:8c: e4:a2:2b:68:96:ad:cb:ce:06:fd:c5:d2:ba:9f:3b:5f:ce:e8: 8b:42:c2:c5:bb:84:78:da:ee:90:c6:8e:0e:6d:7f:e6:8c:65: 27:55:c1:17:e8:1d:88:ce:34:78:a9:6e:87:ae:f4:84:d2:aa: 39:a4:25:e2:f7:14:ef:3c:34:cc:12:31:50:c4:ba:66:ab:eb: 97:a5:62:28:dd:0a:61:b1:b8:2b:69:b5:e8:80:2d:bf:20:75: 6f:c0:3d:e7:be:4a:d2:d6:f3:33:30:98:8d:18:de:61:fa:6f: cf:d9:c1:ab:bc:0c:bf:e2:f4:1f:e5:9f:be:07:83:22:7f:0f: d2:e9:11:44 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUK94UdYWNk6zhqjXonlVV2YaG3fYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQxM1oX DTI3MDMwMzA2MzkxM1owMzExMC8GA1UEAxMoQjA4MjZBNTMyOTZGRjUyMTNDOENE MzEyQjEyQTlDQTcwQjhBQzcxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgiLnweQExXTMQsH5hE9m21EBNddu/xwL+jYORnBz31yky8KRcZF2es0dRJ k+qm4pg4RD4HcRLA3HKqtZpJz0IucVWFvnToOyL0p6YLaBZgQjfUA0VUyKwU4CxL E6ywkYY08OAMdqdnHvPb0idyqvOpADAIx6j3NPIyGfKzevRxlcv3z/hPA4GRT2Vq Gx0h5gNfCBp/2avUXcPorD7FQ7WRfesX3ELrLFarP1nSttOt+15Nr+DlfLx1zWJj JmKDMU30cxgsZeSIKOA+x9ZjqQYThamTlgiNXu5fksPJ/5q1YSJeMa1PLt7MHe8c Aeg1w94EMlaur64eYPUubt6/H10CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSwgmpT KW/1ITyM0xKxKpynC4rHEjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjcwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r9QwDQYJKoZIhvcNAQELBQADggEBADFenZvIonZjZ2lao21SMWUF9kUvvrD3bT5J Ip2LN7AD5jTN4GjOyjp/UV0jLizRrqdFKbkqvpC4E6bXbGzDNsZMCxmgMvuGCvlq d5WPPUKjbf5sdZZc20BzAoS96YMpfpJ4AO22lcwoM/MITYUyUnmWqkCJB8SNK7n5 xJMsjOSiK2iWrcvOBv3F0rqfO1/O6ItCwsW7hHja7pDGjg5tf+aMZSdVwRfoHYjO NHipboeu9ITSqjmkJeL3FO88NMwSMVDEumar65elYijdCmGxuCtpteiALb8gdW/A Pee+StLW8zMwmI0Y3mH6b8/Zwau8DL/i9B/ln74HgyJ/D9LpEUQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:11 2026 by rpki-client